# File lib/dnsruby/resource/TSIG.rb, line 144
      def calculate_mac(algorithm, data)
        mac=nil
# + if (key_size > max_digest_len) {
# +   EVP_DigestInit(&ectx, digester);
# +   EVP_DigestUpdate(&ectx, (const void*) key_bytes, key_size);
# +   EVP_DigestFinal(&ectx, key_bytes, NULL);
# +   key_size = max_digest_len;
# + }
        key = @key.gsub(" ", "")
 #        key = Base64::decode64(key)
        key = key.unpack("m*")[0]
        if (algorithm.to_s.downcase == HMAC_MD5.to_s.downcase)
          mac = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, data)
        elsif (algorithm == HMAC_SHA1)
          mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, key, data)
        elsif (algorithm == HMAC_SHA256)
          mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, key, data)
        elsif (algorithm == HMAC_SHA512)
          mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA512.new, key, data)
        else
          #  Should we allow client to pass in their own signing function?
          raise VerifyError.new("Algorithm #{algorithm} unsupported by TSIG")
        end
        return mac
      end