In your example you are simply testing two strings for equality, with the exception
that when the strings have different lengths you return true.
So your example can be written like this:
def message_authentic?(ciphertext, key, presented_mac)
  computed_mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new,
    OpenSSL::Digest::SHA256.new("mac" + key).to_s, ciphertext)

  computed_mac.length != presented_mac.length or computed_mac == presented_mac
end

2012/5/29 rooby shoez <lists / ruby-forum.com>

> yuck the first example has issues I just realized, how about this way:
>
>
> def message_authentic?(ciphertext, key, presented_mac)
>   computed_mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new,
>     OpenSSL::Digest::SHA256.new("mac" + key).to_s, ciphertext)
>   a = [true]
>   if computed_mac.length == presented_mac.length then
>     computed_mac.length.times do |i|
>       a += [computed_mac[i] == presented_mac[i]]
>     end
>   end
>   mac_verifies = a.inject(:&)
> end


-- 
Dmitry S. Kravtsov
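
Added example, not part of the original thread: one way to do the comparison this thread is circling, visiting every byte regardless of where the first mismatch is and rejecting a MAC of the wrong length. The helper names `constant_time_equal?` and `mac_for` and the sample key and ciphertext are assumptions constructed for illustration; the key derivation is copied from the code above.

```ruby
require "openssl"

# Compare two byte strings without stopping at the first mismatch.
# The early return on length is acceptable here: the length of an
# HMAC-SHA256 tag (32 bytes) is public, and a tag of any other
# length can never be valid.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize

  diff = 0
  # OR together the XOR of every byte pair; diff stays 0 only if all match.
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Same MAC construction as in the thread: the HMAC key is the hex
# SHA-256 digest of "mac" + key.
def mac_for(ciphertext, key)
  mac_key = OpenSSL::Digest::SHA256.new("mac" + key).to_s
  OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, mac_key, ciphertext)
end

def message_authentic?(ciphertext, key, presented_mac)
  constant_time_equal?(mac_for(ciphertext, key), presented_mac)
end

# Constructed sample values, for illustration only.
SAMPLE_KEY = "constructed-sample-key"
SAMPLE_CIPHERTEXT = "constructed ciphertext bytes".b
```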