On Jul 28, 3:05   쮮
>
> [ ... ]
>
> Can anyone point me to a ruby example for extracting this salt and iv
> info from an openssl-encrypted file, so I can then decrypt it via ruby's
> OpenSSL module?

Well, I figured it out. First of all, I need the key size and iv size
for the encryption scheme. According to the chart in Table 15.6 at
this
site, http://codeidol.com/security/internet-and-intranet-security/Transport-Layer-Security-Protocols/15.2-SSL-PROTOCOL/,
these values are 16 and 0,
respectively, for the RC4 encryption scheme. Armed with these values,
I
came up with the following ruby code (more error checking is needed):

#!/usr/bin/
ruby

require 'openssl'
require 'digest/md5'

def decrypt_from_openssl_encrypted(file, password, scheme, keysize,
ivsize)
  encrypted_data = nil
  begin
    File.open(file, 'r') {
      |f|
      encrypted_data = f.read
    }
  rescue
    return nil
  end
  if encrypted_data.nil?        or
     encrypted_data.length < 16 or
     encrypted_data[0, 8] != 'Salted__'
    return nil
  end
  salt = encrypted_data[8, 8]
  encrypted_data = encrypted_data[16..-1]
  totsize = keysize + ivsize
  keyivdata = ''
  temp = ''
  while keyivdata.length < totsize do
    temp = Digest::MD5.digest(temp + password + salt);
    keyivdata << temp
  end
  key = keyivdata[0, keysize]
  iv  = keyivdata[keysize, ivsize]
  c = OpenSSL::Cipher::Cipher.new(scheme)
  c.decrypt
  c.key = key
  c.iv  = iv
  result = c.update(encrypted_data)
  result << c.final
  return result
end

file     = 'encrypted.file'
password = '????????'
scheme   = 'rc4'
keysize  = 16
ivsize   = 0

decrypted = decrypt_from_openssl_encrypted(file,
                                           password,
                                           scheme,
                                           keysize,
                                           ivsize)

if decrypted.nil?
  puts 'unable to decrypt'
else
  puts decrypted
end

--
 Lloyd Zusman
 ljz / asfast.com
 God bless you.