=================================================================== RCS file: /cvs/palm/Palm-Keyring/lib/Palm/Keyring.pm,v retrieving revision 1.39 retrieving revision 1.43 diff -u -r1.39 -r1.43 --- palm/Palm-Keyring/lib/Palm/Keyring.pm 2007/02/23 03:24:09 1.39 +++ palm/Palm-Keyring/lib/Palm/Keyring.pm 2007/02/23 22:05:17 1.43 @@ -1,5 +1,5 @@ package Palm::Keyring; -# $RedRiver: Keyring.pm,v 1.38 2007/02/23 02:54:49 andrew Exp $ +# $RedRiver: Keyring.pm,v 1.42 2007/02/23 03:41:28 andrew Exp $ ######################################################################## # Keyring.pm *** Perl class for Keyring for Palm OS databases. # @@ -1000,7 +1000,7 @@ import Digest::SHA1 qw(sha1); my $key = _pbkdf2( $pass, $salt, $iter, $keylen, \&hmac_sha1 ); - if ($dop) { $key = DES_odd_parity($key); } + if ($dop) { $key = _DES_odd_parity($key); } my $hash = unpack("H*", substr(sha1($key.$salt),0, 8)); @@ -1242,7 +1242,7 @@ return substr($t, 0, $keylen); } -sub DES_odd_parity($) { +sub _DES_odd_parity($) { my $key = $_[0]; my ($r, $i); my @odd_parity = ( @@ -1285,7 +1285,7 @@ It currently supports the v4 Keyring databases as well as the pre-release v5 databases. I am not completely happy with the interface -for accessing the v5 database, so any suggestions on improvements on +for accessing v5 databases, so any suggestions on improvements on the interface are appreciated. This module doesn't store the decrypted content. It only keeps it until it @@ -1381,6 +1381,7 @@ =back For v5 databases there are some additional appinfo fields set. +These are set either on new() or Load(). $pdb->{appinfo} = { # normal appinfo stuff described in L @@ -1388,13 +1389,14 @@ iter => Number of iterations for the cipher }; -=head2 crypt +=head2 crypts Pass in the alias of the crypt to use, or the index. These only make sense for v5 databases. This is a function, not a method. + $cipher can be 0, 1, 2, 3, None, DES_EDE3, AES128 or AES256. my $c = Palm::Keyring::crypt($cipher); @@ -1483,7 +1485,7 @@ Decrypts the record and returns a reference for the account as described under Encrypt(). - foreach (0..$#{ $pdb->{records}) { + foreach (0..$#{ $pdb->{records} }) { next if $_ == 0 && $pdb->{version} == 4; my $rec = $pdb->{records}->[$_]; my $acct = $pdb->Decrypt($rec); @@ -1526,16 +1528,65 @@ or calculated when setting a new password. }; +=head2 Other overridden subroutines/methods + +=over + +=item ParseAppInfoBlock + +Converts the extra returned by Palm::StdAppInfo::ParseAppInfoBlock() into +the following additions to $pdb->{appinfo} + + $pdb->{appinfo} = { + cipher => The index number of the cipher being used (Not v4) + iter => Number of iterations for the cipher (Not v4) + }; + +=item PackAppInfoBlock + +Reverses ParseAppInfoBlock before +sending it on to Palm::StdAppInfo::PackAppInfoBlock() + +=item ParseRecord + +Adds some fields to a record from Palm::StdAppInfo::ParseRecord() + + $rec = { + name => Account name + ivec => The IV for the encrypted record. (Not v4) + encrypted => the encrypted information + }; + +=item PackRecord + +Reverses ParseRecord and then sends it through Palm::StdAppInfo::PackRecord() + +=back + =head1 DEPENDENCIES Palm::StdAppInfo +B + Digest::MD5 Crypt::DES -Readonly +B +Digest::HMAC_SHA1 + +Digest::SHA1 + +Depending on how the database is encrypted + +Crypt::CBC - For any encryption but None + +Crypt::DES_EDE3 - DES_EDE3 encryption + +Crytp::Rijndael - AES encryption schemes + =head1 THANKS I would like to thank the helpful Perlmonk shigetsu who gave me some great advice @@ -1550,7 +1601,29 @@ as giving me some very helpful hints about doing a few things that I was unsure of. He is really great. +And finally, +thanks to Jochen Hoenicke Ehoenicke@gmail.comE +(one of the authors of Palm Keyring) +for getting me started on the v5 support as well as providing help +and some subroutines. + =head1 BUGS AND LIMITATIONS + +I am sure there are problems with this module. For example, I have +not done very extensive testing of the v5 databases. + +I am not very happy with the data structures used by Encrypt() and +Decrypt() for v5 databases, but I am not sure of a better way. + +The v4 compatibility mode does not insert a fake record 0 where +normally the encrypted password is stored. + +The date validation for packing new dates is very poor. + +I have not gone through and standardized on how the module fails. Some +things fail with croak, some return undef, some may even fail silently. +Nothing initializes a lasterr method or anything like that. I need +to fix all that before it is a 1.0 candidate. Please report any bugs or feature requests to C, or through the web interface at