[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

What these lines of code do?

MohsinHijazee

1/23/2008 2:00:00 PM

# What this is doing? I mean Digest.new('sha1') returns what?
digest = OpenSSL::Digest::Digest.new('sha1')

# Is it so that we say HMAC.digest to use the SHA1 algorithm?
hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)

# What the chomp method does?
signature = Base64.encode64(hmac).chomp

Asking these questions as they are not documented in the Ruby
documentation.

Regards,
Mohsin
7 Answers

Jano Svitok

1/23/2008 2:41:00 PM

0

On Jan 23, 2008 3:05 PM, MohsinHijazee <mohsinhijazee@gmail.com> wrote:
> # What this is doing? I mean Digest.new('sha1') returns what?
> digest = OpenSSL::Digest::Digest.new('sha1')
>
> # Is it so that we say HMAC.digest to use the SHA1 algorithm?
> hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)
>
> # What the chomp method does?
> signature = Base64.encode64(hmac).chomp
>
> Asking these questions as they are not documented in the Ruby
> documentation.
>
> Regards,
> Mohsin

http://ruby-doc.org/stdlib/libdoc/openssl/rdoc/...
http://ruby-doc.org/core/classes/S...

yermej

1/23/2008 3:03:00 PM

0

On Jan 23, 8:40 am, Jano Svitok <jan.svi...@gmail.com> wrote:
> On Jan 23, 2008 3:05 PM, MohsinHijazee <mohsinhija...@gmail.com> wrote:
>
> > # What this is doing? I mean Digest.new('sha1') returns what?
> > digest = OpenSSL::Digest::Digest.new('sha1')
>
> > # Is it so that we say HMAC.digest to use the SHA1 algorithm?
> > hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)
>
> > # What the chomp method does?
> > signature = Base64.encode64(hmac).chomp
>
> > Asking these questions as they are not documented in the Ruby
> > documentation.
>
> > Regards,
> > Mohsin
>
> http://ruby-doc.org/stdlib/libdoc/openssl/rdoc/...

There really isn't any useful documentation at that URL. You can see
the source of some methods, but there's still no explanation of terms
or how everything fits together. There are also some important classes
missing (SSLContext, Certificate).

http://en.wikipedia.org/wiki/Cryptographic_has... might be your
best bet for the two OpenSSL questions. Once you know what the various
terms mean, you can apply that knowledge to any crypto library.

You can also find some info in the docs at openssl.org, but they
aren't Ruby specific and won't help much if you don't have at least
some knowledge of the terms involved. I've found the O'Reilly book
'Network Security with OpenSSL' to be pretty helpful, but it isn't
Ruby specific either. There are also some simple examples packaged
with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
fitting the pieces together.

MohsinHijazee

1/24/2008 6:13:00 AM

0

On Jan 23, 8:02 pm, yermej <yer...@gmail.com> wrote:
> On Jan 23, 8:40 am, Jano Svitok <jan.svi...@gmail.com> wrote:
>
>
>
> > On Jan 23, 2008 3:05 PM, MohsinHijazee <mohsinhija...@gmail.com> wrote:
>
> > > # What this is doing? I mean Digest.new('sha1') returns what?
> > > digest = OpenSSL::Digest::Digest.new('sha1')
>
> > > # Is it so that we say HMAC.digest to use the SHA1 algorithm?
> > > hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)
>
> > > # What the chomp method does?
> > > signature = Base64.encode64(hmac).chomp
>
> > > Asking these questions as they are not documented in the Ruby
> > > documentation.
>
> > > Regards,
> > > Mohsin
>
> >http://ruby-doc.org/stdlib/libdoc/openssl/rdoc/...
>
> There really isn't any useful documentation at that URL. You can see
> the source of some methods, but there's still no explanation of terms
> or how everything fits together. There are also some important classes
> missing (SSLContext, Certificate).
>
> http://en.wikipedia.org/wiki/Cryptographic_hash_fun... be your
> best bet for the two OpenSSL questions. Once you know what the various
> terms mean, you can apply that knowledge to any crypto library.
>
> You can also find some info in the docs at openssl.org, but they
> aren't Ruby specific and won't help much if you don't have at least
> some knowledge of the terms involved. I've found the O'Reilly book
> 'Network Security with OpenSSL' to be pretty helpful, but it isn't
> Ruby specific either. There are also some simple examples packaged
> with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
> fitting the pieces together.
Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Regards,
Mohsin

MohsinHijazee

1/24/2008 6:13:00 AM

0

On Jan 23, 8:02 pm, yermej <yer...@gmail.com> wrote:
> On Jan 23, 8:40 am, Jano Svitok <jan.svi...@gmail.com> wrote:
>
>
>
> > On Jan 23, 2008 3:05 PM, MohsinHijazee <mohsinhija...@gmail.com> wrote:
>
> > > # What this is doing? I mean Digest.new('sha1') returns what?
> > > digest = OpenSSL::Digest::Digest.new('sha1')
>
> > > # Is it so that we say HMAC.digest to use the SHA1 algorithm?
> > > hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)
>
> > > # What the chomp method does?
> > > signature = Base64.encode64(hmac).chomp
>
> > > Asking these questions as they are not documented in the Ruby
> > > documentation.
>
> > > Regards,
> > > Mohsin
>
> >http://ruby-doc.org/stdlib/libdoc/openssl/rdoc/...
>
> There really isn't any useful documentation at that URL. You can see
> the source of some methods, but there's still no explanation of terms
> or how everything fits together. There are also some important classes
> missing (SSLContext, Certificate).
>
> http://en.wikipedia.org/wiki/Cryptographic_hash_fun... be your
> best bet for the two OpenSSL questions. Once you know what the various
> terms mean, you can apply that knowledge to any crypto library.
>
> You can also find some info in the docs at openssl.org, but they
> aren't Ruby specific and won't help much if you don't have at least
> some knowledge of the terms involved. I've found the O'Reilly book
> 'Network Security with OpenSSL' to be pretty helpful, but it isn't
> Ruby specific either. There are also some simple examples packaged
> with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
> fitting the pieces together.
Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Regards,
Mohsin

MohsinHijazee

1/24/2008 6:13:00 AM

0

On Jan 23, 8:02 pm, yermej <yer...@gmail.com> wrote:
> On Jan 23, 8:40 am, Jano Svitok <jan.svi...@gmail.com> wrote:
>
>
>
> > On Jan 23, 2008 3:05 PM, MohsinHijazee <mohsinhija...@gmail.com> wrote:
>
> > > # What this is doing? I mean Digest.new('sha1') returns what?
> > > digest = OpenSSL::Digest::Digest.new('sha1')
>
> > > # Is it so that we say HMAC.digest to use the SHA1 algorithm?
> > > hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)
>
> > > # What the chomp method does?
> > > signature = Base64.encode64(hmac).chomp
>
> > > Asking these questions as they are not documented in the Ruby
> > > documentation.
>
> > > Regards,
> > > Mohsin
>
> >http://ruby-doc.org/stdlib/libdoc/openssl/rdoc/...
>
> There really isn't any useful documentation at that URL. You can see
> the source of some methods, but there's still no explanation of terms
> or how everything fits together. There are also some important classes
> missing (SSLContext, Certificate).
>
> http://en.wikipedia.org/wiki/Cryptographic_hash_fun... be your
> best bet for the two OpenSSL questions. Once you know what the various
> terms mean, you can apply that knowledge to any crypto library.
>
> You can also find some info in the docs at openssl.org, but they
> aren't Ruby specific and won't help much if you don't have at least
> some knowledge of the terms involved. I've found the O'Reilly book
> 'Network Security with OpenSSL' to be pretty helpful, but it isn't
> Ruby specific either. There are also some simple examples packaged
> with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
> fitting the pieces together.
Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Regards,
Mohsin

Clifford Heath

1/24/2008 6:38:00 AM

0

MohsinHijazee wrote:
> # What this is doing? I mean Digest.new('sha1') returns what?
> digest = OpenSSL::Digest::Digest.new('sha1')
>
> # Is it so that we say HMAC.digest to use the SHA1 algorithm?
> hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)
>
> # What the chomp method does?
> signature = Base64.encode64(hmac).chomp
>
> Asking these questions as they are not documented in the Ruby
> documentation.


You should probably refer to the OpenSSL documentation, see
http://www.o...

yermej

1/24/2008 2:40:00 PM

0

On Jan 24, 12:13 am, MohsinHijazee <mohsinhija...@gmail.com> wrote:

> Actually, I understand the terms involved. But the problem is that
> functions are not documented properly. The HMAC.digest should take two
> arguments, one should be the key and the second should be the message
> to be encrypted whereas its taking three arguments. In an IRB session,
> even the version with two arguments complains that its being provided
> with too many arguments. Anyone to clarify on this?

Yes, it's true that the documentation is lacking. Can you post the
code and error message you get when trying to use HMAC.digest in irb?
On two of my systems (one Linux, on WinXP), the arity of HMAC.digest
is three:

> OpenSSL::HMAC.method(:digest).arity
=> 3

and it will take three arguments, but I don't know how to use the
method so I can't be of much help. In the Ruby source, the three
arguments are named digest, key, and data.