Method: OpenSSL::HMAC#initialize

Defined in:
ossl_hmac.c

#new(key, digest) ⇒ Object

Returns an instance of OpenSSL::HMAC set with the key and digest algorithm to be used. The instance represents the initial state of the message authentication code before any data has been processed. To process data with it, use the instance method #update with your data as an argument.

Example

key = ‘key’ instance = OpenSSL::HMAC.new(key, ‘SHA1’) #=> f42bb0eeb018ebbd4597ae7213711ec60760843f instance.class #=> OpenSSL::HMAC

A note about comparisons

Two instances can be securely compared with #== in constant time:

other_instance = OpenSSL::HMAC.new(‘key’, ‘SHA1’) #=> f42bb0eeb018ebbd4597ae7213711ec60760843f instance == other_instance #=> true



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
 
# File 'ossl_hmac.c', line 92

static VALUE
ossl_hmac_initialize(VALUE self, VALUE key, VALUE digest)
{
    EVP_MD_CTX *ctx;
    EVP_PKEY *pkey;

    GetHMAC(self, ctx);
    StringValue(key);
#ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY
    pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
                                        (unsigned char *)RSTRING_PTR(key),
                                        RSTRING_LENINT(key));
    if (!pkey)
        ossl_raise(eHMACError, "EVP_PKEY_new_raw_private_key");
#else
    pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
                                (unsigned char *)RSTRING_PTR(key),
                                RSTRING_LENINT(key));
    if (!pkey)
        ossl_raise(eHMACError, "EVP_PKEY_new_mac_key");
#endif
    if (EVP_DigestSignInit(ctx, NULL, ossl_evp_get_digestbyname(digest),
                           NULL, pkey) != 1) {
        EVP_PKEY_free(pkey);
        ossl_raise(eHMACError, "EVP_DigestSignInit");
    }
    /* Decrement reference counter; EVP_MD_CTX still keeps it */
    EVP_PKEY_free(pkey);

    return self;
}