Class: OpenSSL::HMAC
Relationships & Source Files | |
Inherits: | Object |
Defined in: | ext/openssl/ossl_hmac.c, ext/openssl/ossl_hmac.c |
Overview
HMAC
allows computing Hash-based Message Authentication Code (HMAC). It is a type of message authentication code (MAC) involving a hash function in combination with a key. HMAC
can be used to verify the integrity of a message as well as the authenticity.
HMAC
has a similar interface to Digest.
HMAC-SHA256 using one-shot interface
key = "key"
data = "message-to-be-authenticated"
mac = OpenSSL::HMAC.hexdigest("SHA256", key, data)
#=> "cddb0db23f469c8bf072b21fd837149bd6ace9ab771cceef14c9e517cc93282e"
HMAC-SHA256 using incremental interface
data1 = File.read("file1")
data2 = File.read("file2")
key = "key"
digest = OpenSSL::Digest::SHA256.new
hmac = OpenSSL::HMAC.new(key, digest)
hmac << data1
hmac << data2
mac = hmac.digest
Class Method Summary
-
.digest(digest, key, data) ⇒ String
Returns the authentication code as a binary string.
-
.hexdigest(digest, key, data) ⇒ String
Alias for .to_s.
-
.inspect(digest, key, data) ⇒ String
Alias for .to_s.
-
.new(key, digest) ⇒ HMAC
constructor
Returns an instance of
HMAC
set with the key and digest algorithm to be used. -
.to_s(digest, key, data) ⇒ String
(also: .hexdigest, .inspect)
Returns the authentication code as a hex-encoded string.
Instance Method Summary
-
#<<(string) ⇒ self
(also: #update)
Returns
self
updated with the message to be authenticated. -
#digest ⇒ String
Returns the authentication code an instance represents as a binary string.
-
#hexdigest ⇒ String
Returns the authentication code an instance represents as a hex-encoded string.
-
#reset ⇒ self
Returns
self
as it was when it was first initialized, with all processed data cleared from it. -
#update(string) ⇒ self
Alias for #<<.
Constructor Details
.new(key, digest) ⇒ HMAC
Returns an instance of HMAC
set with the key and digest algorithm to be used. The instance represents the initial state of the message authentication code before any data has been processed. To process data with it, use the instance method #update with your data as an argument.
Example
key = 'key'
digest = OpenSSL::Digest.new('sha1')
instance = OpenSSL::HMAC.new(key, digest)
#=> f42bb0eeb018ebbd4597ae7213711ec60760843f
instance.class
#=> OpenSSL::HMAC
A note about comparisons
Two instances won't be equal when they're compared, even if they have the same value. Use #to_s
or #hexdigest to return the authentication code that the instance represents. For example:
other_instance = OpenSSL::HMAC.new('key', OpenSSL::Digest.new('sha1'))
#=> f42bb0eeb018ebbd4597ae7213711ec60760843f
instance
#=> f42bb0eeb018ebbd4597ae7213711ec60760843f
instance == other_instance
#=> false
instance.to_s == other_instance.to_s
#=> true
Class Method Details
.digest(digest, key, data) ⇒ String
Returns the authentication code as a binary string. The digest
parameter must be an instance of Digest.
Example
key = 'key'
data = 'The quick brown fox jumps over the lazy dog'
digest = OpenSSL::Digest.new('sha1')
hmac = OpenSSL::HMAC.digest(digest, key, data)
#=> "\xDE|\x9B\x85\xB8\xB7\x8A\xA6\xBC\x8Az6\xF7\n\x90p\x1C\x9D\xB4\xD9"
.to_s(digest, key, data) ⇒ String
.hexdigest(digest, key, data) ⇒ String
String
.hexdigest(digest, key, data) ⇒ String
Alias for .to_s.
.to_s(digest, key, data) ⇒ String
.inspect(digest, key, data) ⇒ String
String
.inspect(digest, key, data) ⇒ String
Alias for .to_s.
.to_s(digest, key, data) ⇒ String
Also known as: .hexdigest, .inspect
Returns the authentication code as a hex-encoded string. The .digest parameter must be an instance of Digest.
Example
key = 'key'
data = 'The quick brown fox jumps over the lazy dog'
digest = OpenSSL::Digest.new('sha1')
hmac = OpenSSL::HMAC.hexdigest(digest, key, data)
#=> "de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9"
Instance Method Details
#<<(string) ⇒ self
Also known as: #update
Returns self
updated with the message to be authenticated. Can be called repeatedly with chunks of the message.
Example
first_chunk = 'The quick brown fox jumps '
second_chunk = 'over the lazy dog'
instance.update(first_chunk)
#=> 5b9a8038a65d571076d97fe783989e52278a492a
instance.update(second_chunk)
#=> de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9
#digest ⇒ String
#hexdigest ⇒ String
Returns the authentication code an instance represents as a hex-encoded string.
#reset ⇒ self
Returns self
as it was when it was first initialized, with all processed data cleared from it.
Example
data = "The quick brown fox jumps over the lazy dog"
instance = OpenSSL::HMAC.new('key', OpenSSL::Digest.new('sha1'))
#=> f42bb0eeb018ebbd4597ae7213711ec60760843f
instance.update(data)
#=> de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9
instance.reset
#=> f42bb0eeb018ebbd4597ae7213711ec60760843f
#<<(string) ⇒ self
#update(string) ⇒ self
self
#update(string) ⇒ self
Alias for #<<.