Martin Bosslet emboss

## gist:2662872
class Integer
  #Newton-Raphson: cubic root of n is equivalent to finding x in x**3 - n = 0
  #=> x_(k+1) = x_k - f(x_k) / f'(x_k)
  #=> x_(k+1) = x_k - (x_k**3 - n) / (3 * x_k**2)
  #=> x_(k+1) = (2*x_k**3 + n) / (3*x_k**2)
  #=> x_(k+1) = 2*x_k/3 + n/(3*x_k**2)
  #returns an integer cubic root and a boolean indicating whether the root is exact
  def icbrt
    iter = lambda { |x, n| 2 * x / 3 + n / (3 * x * x) }
    x = self

## gist:2625014
OpenSSL:

./openssl s_client -connect google.com:443 -CAfile /etc/ssl/certs/ca-bundle.crt -tls1_2
CONNECTED(00000003)
139935467882144:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

Ruby:

require 'socket'
require 'openssl'

## gist:2069143
ruby 2.0.0dev (2012-02-11 trunk 34554) [x86_64-linux]
                                                user     system      total        real
OpenSSL::X509::Certificate parse(n=100000)    4.070000   0.160000   4.230000 (  4.306612)
Krypt::X509::Certificate parse(n=100000)      0.320000   0.010000   0.330000 (  0.325850)

rubinius 2.0.0dev (1.9.3 3e55abc8 yyyy-mm-dd JI) [x86_64-unknown-linux-gnu]
                                                user     system      total        real
OpenSSL::X509::Certificate parse(n=100000)    4.673289   0.062990   4.736279 (  4.808672)
Krypt::X509::Certificate parse(n=100000)      0.502923   0.001000   0.503923 (  0.509898)

## gist:1793205
Ruby 1.9.3-pXXX is released.

This release include a security fixes of the Ruby OpenSSL extension.
And many bugs are fixed in this release.

* Fixed: LLVM/clang support [Bug #5076]
* Fixed: GCC 4.7 support [Bug #5851]


* Fixed: Allow "0/n splitting" as a prevention for the TLS BEAST attack [Bug #5353]

## gist:1653729
Hiroshi Nakamura has been with Ruby from the very
beginning, when it was still unknown outside of Japan.
He's the only one who is a core member on two Ruby
implementations (afaik), CRuby and JRuby, and he's
also a significant contributor to very important
gems/extensions: OpenSSL, jruby-ossl and httpclient
were authored by him, Webrick is maintained by him
and he has contributed to numerous others. He's also
one of the driving forces behind
https://bugs.ruby-lang.org/projects/ruby/wiki/StdlibGem

## gist:1614643
Krypt Asn.1 decoding performance for Rubinius, JRuby and CRuby

****** Rubinius ******

[martin@localhost krypt]$ rbx -X19 -v
rubinius 2.0.0dev (1.9.3 b976944f yyyy-mm-dd JI) [x86_64-unknown-linux-gnu]
[martin@localhost krypt]$ rbx -X19 -Ilib -I../krypt-core/lib bm/bm_asn1.rb
                                                    user     system      total        real
Krypt::Asn1.decode String(n=1000)                 0.002000   0.000000   0.002000 (  0.002414)
OpenSSL::Asn1.decode String(n=1000)               0.254962   0.006999   0.261961 (  0.508823)

## gist:1597215
I looked into http://grothoff.org/christian/esed.pdf when I found that
they produce a RIPEMD-160 hash to generate a key from 128 bits and take
the rest for the IV.

You could use a similar approach to generate key and IV where the IV is
independent (somewhat) of the key by using a non-salted key derivation
function that is normally used in Diffie-Hellman-like Key Exchange
protocols. They are used to generate arbitrary-length output from an
initial fixed-size output. (see the KDFs in http://www.di-mgt.com.au/cryptoKDFs.html)
The salt is not needed in our case, since the underlying data (the

## gist:1515075
require 'net/http'
require 'openssl'

#VeriSign root
root = OpenSSL::X509::Certificate.new <<-EOF
-----BEGIN CERTIFICATE-----
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV

## gist:1483407
require 'openssl'

data = "letest" * 10

cipher = OpenSSL::Cipher::AES128.new('CBC')
cipher.encrypt
key = OpenSSL::Random.random_bytes(cipher.key_len)
cipher.key = key
cipher.iv = "OpenSSL for Ruby rulez!"

## gist:1480700
require 'openssl'

data = "lesecret" * 10
cipher = OpenSSL::Cipher::AES256.new("CBC")
key = OpenSSL::Random.random_bytes(cipher.key_len)
cipher.encrypt
cipher.key = key

enc = cipher.update(data) + cipher.final
	class Integer
	#Newton-Raphson: cubic root of n is equivalent to finding x in x**3 - n = 0
	#=> x_(k+1) = x_k - f(x_k) / f'(x_k)
	#=> x_(k+1) = x_k - (x_k*3 - n) / (3 x_k**2)
	#=> x_(k+1) = (2x_k3 + n) / (3x_k**2)
	#=> x_(k+1) = 2x_k/3 + n/(3x_k**2)
	#returns an integer cubic root and a boolean indicating whether the root is exact
	def icbrt
	iter = lambda { \|x, n\| 2 * x / 3 + n / (3 * x * x) }
	x = self
	OpenSSL:

	./openssl s_client -connect google.com:443 -CAfile /etc/ssl/certs/ca-bundle.crt -tls1_2
	CONNECTED(00000003)
	139935467882144:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

	Ruby:

	require 'socket'
	require 'openssl'
	ruby 2.0.0dev (2012-02-11 trunk 34554) [x86_64-linux]
	user system total real
	OpenSSL::X509::Certificate parse(n=100000) 4.070000 0.160000 4.230000 ( 4.306612)
	Krypt::X509::Certificate parse(n=100000) 0.320000 0.010000 0.330000 ( 0.325850)

	rubinius 2.0.0dev (1.9.3 3e55abc8 yyyy-mm-dd JI) [x86_64-unknown-linux-gnu]
	user system total real
	OpenSSL::X509::Certificate parse(n=100000) 4.673289 0.062990 4.736279 ( 4.808672)
	Krypt::X509::Certificate parse(n=100000) 0.502923 0.001000 0.503923 ( 0.509898)
	Ruby 1.9.3-pXXX is released.

	This release include a security fixes of the Ruby OpenSSL extension.
	And many bugs are fixed in this release.

	* Fixed: LLVM/clang support [Bug #5076]
	* Fixed: GCC 4.7 support [Bug #5851]


	* Fixed: Allow "0/n splitting" as a prevention for the TLS BEAST attack [Bug #5353]
	Hiroshi Nakamura has been with Ruby from the very
	beginning, when it was still unknown outside of Japan.
	He's the only one who is a core member on two Ruby
	implementations (afaik), CRuby and JRuby, and he's
	also a significant contributor to very important
	gems/extensions: OpenSSL, jruby-ossl and httpclient
	were authored by him, Webrick is maintained by him
	and he has contributed to numerous others. He's also
	one of the driving forces behind
	https://bugs.ruby-lang.org/projects/ruby/wiki/StdlibGem
	Krypt Asn.1 decoding performance for Rubinius, JRuby and CRuby

	**** Rubinius ****

	[martin@localhost krypt]$ rbx -X19 -v
	rubinius 2.0.0dev (1.9.3 b976944f yyyy-mm-dd JI) [x86_64-unknown-linux-gnu]
	[martin@localhost krypt]$ rbx -X19 -Ilib -I../krypt-core/lib bm/bm_asn1.rb
	user system total real
	Krypt::Asn1.decode String(n=1000) 0.002000 0.000000 0.002000 ( 0.002414)
	OpenSSL::Asn1.decode String(n=1000) 0.254962 0.006999 0.261961 ( 0.508823)
	I looked into http://grothoff.org/christian/esed.pdf when I found that
	they produce a RIPEMD-160 hash to generate a key from 128 bits and take
	the rest for the IV.

	You could use a similar approach to generate key and IV where the IV is
	independent (somewhat) of the key by using a non-salted key derivation
	function that is normally used in Diffie-Hellman-like Key Exchange
	protocols. They are used to generate arbitrary-length output from an
	initial fixed-size output. (see the KDFs in http://www.di-mgt.com.au/cryptoKDFs.html)
	The salt is not needed in our case, since the underlying data (the
	require 'net/http'
	require 'openssl'

	#VeriSign root
	root = OpenSSL::X509::Certificate.new <<-EOF
	-----BEGIN CERTIFICATE-----
	MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
	A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
	cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
	MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
	require 'openssl'

	data = "letest" * 10

	cipher = OpenSSL::Cipher::AES128.new('CBC')
	cipher.encrypt
	key = OpenSSL::Random.random_bytes(cipher.key_len)
	cipher.key = key
	cipher.iv = "OpenSSL for Ruby rulez!"
	require 'openssl'

	data = "lesecret" * 10
	cipher = OpenSSL::Cipher::AES256.new("CBC")
	key = OpenSSL::Random.random_bytes(cipher.key_len)
	cipher.encrypt
	cipher.key = key

	enc = cipher.update(data) + cipher.final