bundle update broke Digest library. Trouble upgrading to OpenSSL

Question

We did a bundle update recently that went wrong. As we understood, the support for 'digest/hmac' dropped, so I wanted to use OpenSSL instead:

OLD [WORKING] CODE:

 def signature(str)
    key = EnvHelpers.google_oauth2_hmac_key
    Digest::HMAC.hexdigest(str, key, Digest::SHA2)
 end

NEW CODE:

def signature(str)
  key = EnvHelpers.google_oauth2_hmac_key
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha2"), key, str)
end

When we run rspec:

Failure/Error: OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha2"), key, str)

 RuntimeError:
   Unsupported digest algorithm (sha2).: first num too large

Relevant parts of the Gemfile:

ruby "2.3.3"
gem "openssl", require: true # Gemfile.lock says I am at (2.0.3)

We are opened to any suggestion to resolve the problem. This part of the code is mostly used for our Google and Facebook connection flow.

score 1 · Answer 1 · answered Mar 21 '17 at 18:39

I am answering my own question as I solved the problem. The main source of confusion is that sha2 is not a specific algorithm. However sha256 will do the job. So the following code seems to work just fine:

def signature(str)
  key = EnvHelpers.google_oauth2_hmac_key
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, key, str)
end

bundle update broke Digest library. Trouble upgrading to OpenSSL

1 Answers1