emboss

# Original castealer.rb with analysis
#####################################################################################
 
require 'rubygems' #redundant
require 'openssl'
require 'digest/md5' #redundant
 
key = OpenSSL::PKey::RSA.new(2048)
cipher = OpenSSL::Cipher::AES.new(256, :CBC) #redundant
ctx = OpenSSL::SSL::SSLContext.new #redundant

emboss

==> openssl-build.bash <==
#!/bin/bash

set -e -x

export CFLAG="-g"
export CFLAGS="-g"

# Debugging Target
# debug-linux-elf-noefence

emboss

t = Thread.new do
  pid = Process.fork do
   loop do
     puts "Hi"
     sleep 0.5
   end
  end
  puts "Use 'kill -9 #{pid}' to kill me!"
  Process.wait pid  
end

emboss

require 'socket'
require 'openssl'

class MyServer
 
  DHParam = OpenSSL::PKey::DH.new(128)

  TEST_KEY_RSA1024 = OpenSSL::PKey::RSA.new <<-_end_of_pem_
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDLwsSw1ECnPtT+PkOgHhcGA71nwC2/nL85VBGnRqDxOqjVh7Cx

emboss

require 'openssl'

data = "lesecret" * 10
cipher = OpenSSL::Cipher::AES256.new("CBC")
key = OpenSSL::Random.random_bytes(cipher.key_len)
cipher.encrypt
cipher.key = key

enc = cipher.update(data) + cipher.final

emboss

require 'openssl'

data = "letest" * 10

cipher = OpenSSL::Cipher::AES128.new('CBC')
cipher.encrypt
key = OpenSSL::Random.random_bytes(cipher.key_len)
cipher.key = key
cipher.iv = "OpenSSL for Ruby rulez!"

emboss

require 'net/http'
require 'openssl'

#VeriSign root
root = OpenSSL::X509::Certificate.new <<-EOF
-----BEGIN CERTIFICATE-----
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV

emboss

I looked into http://grothoff.org/christian/esed.pdf when I found that
they produce a RIPEMD-160 hash to generate a key from 128 bits and take
the rest for the IV. 

You could use a similar approach to generate key and IV where the IV is 
independent (somewhat) of the key by using a non-salted key derivation 
function that is normally used in Diffie-Hellman-like Key Exchange 
protocols. They are used to generate arbitrary-length output from an 
initial fixed-size output. (see the KDFs in http://www.di-mgt.com.au/cryptoKDFs.html) 
The salt is not needed in our case, since the underlying data (the 

emboss

Krypt Asn.1 decoding performance for Rubinius, JRuby and CRuby

****** Rubinius ******

[martin@localhost krypt]$ rbx -X19 -v
rubinius 2.0.0dev (1.9.3 b976944f yyyy-mm-dd JI) [x86_64-unknown-linux-gnu]
[martin@localhost krypt]$ rbx -X19 -Ilib -I../krypt-core/lib bm/bm_asn1.rb
                                                    user     system      total        real
Krypt::Asn1.decode String(n=1000)                 0.002000   0.000000   0.002000 (  0.002414)
OpenSSL::Asn1.decode String(n=1000)               0.254962   0.006999   0.261961 (  0.508823)

emboss

Hiroshi Nakamura has been with Ruby from the very
beginning, when it was still unknown outside of Japan.
He's the only one who is a core member on two Ruby
implementations (afaik), CRuby and JRuby, and he's
also a significant contributor to very important
gems/extensions: OpenSSL, jruby-ossl and httpclient
were authored by him, Webrick is maintained by him
and he has contributed to numerous others. He's also
one of the driving forces behind
https://bugs.ruby-lang.org/projects/ruby/wiki/StdlibGem