Whoops, my mistake -- your code behaves exactly like testing strings for
equality. So you can return computed_mac == presented_mac

Anyway, I didn't understand what you're trying to achieve.

2012/5/29 Dmitry S. Kravtsov <idkravitz / gmail.com>

> In your example you are simply testing two strings for equality, with the
> exception that when the strings have different lengths you return true.
> So your example can be written like this:
> def message_authentic?(ciphertext, key, presented_mac)
>   computed_mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new,
>     OpenSSL::Digest::SHA256.new("mac" + key).to_s, ciphertext)
>
>   computed_mac.length != presented_mac.length or computed_mac ==
>     presented_mac
> end
>
> 2012/5/29 rooby shoez <lists / ruby-forum.com>
>
>> yuck the first example has issues I just realized, how about this way:
>>
>>
>> def message_authentic?(ciphertext, key, presented_mac)
>>   computed_mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new,
>>     OpenSSL::Digest::SHA256.new("mac" + key).to_s, ciphertext)
>>   a = [true]
>>   if computed_mac.length == presented_mac.length then
>>     computed_mac.length.times do |i|
>>       a += [computed_mac[i] == presented_mac[i]]
>>     end
>>     mac_verifies = a.inject(:==)
>>   end
>> end
>>
>
>
> --
> Dmitry S. Kravtsov
>



-- 
Dmitry S. Kravtsov
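
An added example, not part of the thread: it runs the element-wise inject(:==) fold from the quoted method next to plain == and next to a fold that ORs byte differences, on a MAC with 0, 1 and 2 bytes changed. The key, message, helper names and the XOR variant are assumptions made for this example (the intent is assumed to be a comparison that visits every byte), and unlike the quoted method it returns false rather than nil on a length mismatch.

```ruby
require "openssl"

# The fold from the quoted method: start with [true], append one boolean per
# byte position, then reduce with ==. (The computer_mac typo is corrected.)
def fold_with_eq(computed_mac, presented_mac)
  return false unless computed_mac.length == presented_mac.length
  a = [true]
  computed_mac.length.times do |i|
    a += [computed_mac[i] == presented_mac[i]]
  end
  a.inject(:==)
end

# Hypothetical alternative that still visits every byte: OR together the XOR
# of each byte pair, so any differing byte leaves a non-zero accumulator.
def fold_with_xor(computed_mac, presented_mac)
  return false unless computed_mac.bytesize == presented_mac.bytesize
  diff = 0
  computed_mac.bytes.zip(presented_mac.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Constructed sample input: key and message are made up for this example.
KEY = "constructed-demo-key"
MAC = OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA256"), KEY,
                           "constructed ciphertext")

# Return a copy of mac with its first `count` bytes inverted.
def flip_bytes(mac, count)
  altered = mac.dup
  count.times { |i| altered.setbyte(i, altered.getbyte(i) ^ 0xff) }
  altered
end

# Run all three comparisons against the reference MAC.
def compare_all(presented)
  { eq: MAC == presented,
    fold_eq: fold_with_eq(MAC, presented),
    fold_xor: fold_with_xor(MAC, presented) }
end

if __FILE__ == $0
  [0, 1, 2].each do |n|
    puts "#{n} byte(s) changed: #{compare_all(flip_bytes(MAC, n))}"
  end
end
```

Reducing booleans with == yields true whenever the number of mismatching positions is even, which is why the two-byte case differs from plain ==.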