palm/Palm-Keyring/lib/Palm/Keyring.pm - diff

Return to Keyring.pm CVS log

Up to [local] / palm / Palm-Keyring / lib / Palm

Diff for /palm/Palm-Keyring/lib/Palm/Keyring.pm between version 1.1 and 1.9

version 1.1, 2006/01/26 20:54:19

version 1.9, 2006/11/10 17:49:51

Line 9

# This started as Memo.pm, I just made it work for Keyring.

# $Id$

# $RedRiver$

# $RedRiver: Keyring.pm,v 1.8 2006/11/10 17:31:38 andrew Exp $

use strict;

package Palm::Keyring;

Line 18

use vars qw( $VERSION @ISA );

use Digest::MD5 qw(md5);

use Crypt::TripleDES;

use Crypt::DES;

use constant ENCRYPT => 1;

use constant DECRYPT => 0;

Line 65

my $classname = shift;

my $pass = shift;

# Create a generic PDB. No need to rebless it, though.

my $self = $classname->SUPER::new(@_);

# Create a generic PDB. No need to rebless it,

# though.

$self->{name} = "Keys-Gtkr"; # Default

$self->{creator} = "Gtkr";

$self->{type} = "Gkyr";

# The PDB is not a resource database by

# default, but it's worth emphasizing,

# since MemoDB is explicitly not a PRC.

$self->{attributes}{resource} = 0;

# The PDB is not a resource database by

# default, but it's worth emphasizing,

# since MemoDB is explicitly not a PRC.

# Initialize the AppInfo block

$self->{appinfo} = {};

Line 87

Line 86

$self->{version} = 4;

# Give the PDB the first record that will hold the encrypted password

$self->{records} = [

$self->{records} = [ {

{

'category' => 0,

'attributes' => {

'private' => 1,

'Secret' => 1,

'Dirty' => 1,

'dirty' => 1,

'dirty' => 1

];

}, ];

if ($pass) {

$self->Encrypt($pass);

Line 113

Line 110

);

}

sub Load

{

my $self = shift;

$self->SUPER::Load(@_);

foreach my $record (@{ $self->{records} }) {

next unless exists $record->{data};

my ($name, $encrypted) = split /\000/, $record->{data}, 2;

next unless $encrypted;

$record->{plaintext}->{name} = $name;

$record->{encrypted} = $encrypted;

}

sub Write

{

my $self = shift;

$self->Encrypt() || return undef;

return $self->SUPER::Load(@_);

}

sub Encrypt

{

my $self = shift;

my $pass = shift;

if ($pass) {

unless ($self->_keyring_verify($pass) ) {

# This would encrypt with a new password.

Line 127

Line 147

}

my $seen_enc_pass = 0;

$self->{digest} ||= _calc_keys($self->{password});

foreach my $record (@{ $self->{records} }) {

unless ($seen_enc_pass) {

$seen_enc_pass = 1;

next;

}

foreach my $record (@{ $self->{records} }) {

next unless defined $record->{plaintext};

my $name = defined $record->{plaintext}->{name} ? $record->{plaintext}->{name} : '';

my $name = defined $record->{plaintext}->{name} ?

my $account = defined $record->{plaintext}->{account} ? $record->{plaintext}->{account} : '';

$record->{plaintext}->{name} : '';

my $password = defined $record->{plaintext}->{password} ? $record->{plaintext}->{password} : '';

my $account = defined $record->{plaintext}->{account} ?

my $description = defined $record->{plaintext}->{description} ? $record->{plaintext}->{description} : '';

$record->{plaintext}->{account} : '';

my $password = defined $record->{plaintext}->{password} ?

$record->{plaintext}->{password} : '';

my $description = defined $record->{plaintext}->{description} ?

$record->{plaintext}->{description} : '';

my $extra = '';

my $plaintext = join("\0", $account, $password, $description, $extra);

my $plaintext = join("\000", $account, $password, $description, $extra);

my $encrypted = $self->_crypt($plaintext, ENCRYPT);

my $encrypted = _crypt3des($plaintext, $self->{digest}, ENCRYPT);

$record->{data} = join("\0", $name, $encrypted);

$record->{data} = join("\000", $name, $encrypted);

}

return 1;

Line 161

Line 181

$self->_keyring_verify($pass) || return undef;

}

my $seen_enc_pass = 0;

$self->{digest} ||= _calc_keys($self->{password});

foreach my $record (@{ $self->{records} }) {

unless ($seen_enc_pass) {

# need to skip the first record because it is the encrypted password

$seen_enc_pass = 1;

next;

}

foreach my $record (@{ $self->{records} }) {

next unless defined $record->{data};

my ($name, $encrypted) = split /\0/, $record->{data};

my ($name, $encrypted) = split /\000/, $record->{data}, 2;

next unless $encrypted;

$record->{plaintext}->{name} = $name;

my $decrypted = $self->_crypt($encrypted, DECRYPT);

my $decrypted = _crypt3des($encrypted, $self->{digest}, DECRYPT);

my ($account, $password, $description, $extra)

= split /\0/, $decrypted, 4;

= split /\000/, $decrypted, 4;

$record->{plaintext}->{account} = defined $account ? $account : '';

$record->{plaintext}->{account} = defined $account ?

$record->{plaintext}->{password} = defined $password ? $password : '';

$account : '';

$record->{plaintext}->{description} = defined $description ? $description : '';

$record->{plaintext}->{password} = defined $password ?

$password : '';

$record->{plaintext}->{description} = defined $description ?

$description : '';

#print "Name: '$name'\n";

#print "Encrypted: '$encrypted' - Length: " . length($encrypted) . "\n";

#print " Hex: '" . unpack("H*", $encrypted) . "'\n";

#print " Binary:'" . unpack("b*", $encrypted) . "'\n";

#print "Decrypted: '$decrypted' - Length: " . length($decrypted) . "\n";

#print " Hex: '" . unpack("H*", $decrypted) . "'\n";

#print " Binary:'" . unpack("b*", $decrypted) . "'\n";

#print "\n";

#print "Extra: $extra\n";

#exit;

#--------------------------------------------------

# print "Account: $account\n";

# print "Password: $password\n";

Line 194

Line 223

return 1;

}

sub _crypt

{

my $self = shift;

my $original = shift;

my $flag = shift;

my $digest = $self->{digest} || $self->_calc_keys();

#print "DIGEST: $digest\n";

my $des = new Crypt::TripleDES;

if ($flag == ENCRYPT) {

return $des->encrypt3($original, $digest);

} else {

return $des->decrypt3($original, $digest);

}

sub _calc_keys

{

my $self = shift;

my $pass = shift;

my $pass = $self->{'password'};

die "No password defined!" unless defined $pass;

my $digest = md5($pass);

Line 233

Line 242

# print length $digest, "\n";

#--------------------------------------------------

$self->{digest} = $digest;

return $digest;

}

Line 242

Line 250

my $self = shift;

my $pass = shift;

die "No password specified!" unless defined $pass;

die "No password specified!" unless $pass;

$self->{password} = $pass;

# AFAIK the thing we use to test the password is

# always in the first entry

my $data = $self->{records}->[0]->{data};

my $data = $self->{records}->[1]->{data};

#die "No encrypted password in file!" unless defined $data;

return undef unless defined $data;

Line 263

Line 271

if ($data eq $salt . $digest) {

# May as well generate the keys we need now, since we know the password is right

if ($self->_calc_keys()) {

$self->{digest} = _calc_keys($self->{password});

if ($self->{digest}) {

return 1;

} else {

return undef;

Line 282

Line 291

my $self = shift;

my $pass = shift;

die "No password specified!" unless defined $pass;

die "No password specified!" unless $pass;

# if the database already has a password in it

if ($self->{records}->[0]->{data}) {

if ($self->{records}->[1]->{data}) {

# Make sure everything is decrypted before we update the keyring

$self->Decrypt() || return undef;

}

Line 305

Line 314

# AFAIK the thing we use to test the password is

# always in the first entry

$self->{records}->[0]->{data} = $data;

$self->{records}->[1]->{data} = $data;

$self->{password} = $pass;

$self->_calc_keys();

$self->{digest} = _calc_keys($self->{password});

return 1;

}

# XXX It looks like they are using des_ecb2_encrypt so I dunno if that is different

sub _crypt3des {

my ( $plaintext, $passphrase, $flag ) = @_;

$passphrase .= ' ' x (16*3);

my $cyphertext = "";

my $size = length ( $plaintext );

#print "STRING: '$plaintext' - Length: " . length($plaintext) . "\n";

my @C;

for ( 0..2 ) {

$C[$_] = new Crypt::DES( pack( "H*", substr($passphrase, 16*$_, 16 )));

}

# XXX From Crypt::TripleDES

# http://search.cpan.org/src/VIPUL/Crypt-TripleDES-0.24/lib/Crypt/TripleDES.pm

# for ( 0 .. (($size)/8) -1 ) {

# my $pt = substr( $plaintext, $_*8, 8 );

# $pt = Crypt::PPDES::des_ecb_encrypt( $flag ? $keyvecs{0} : $keyvecs{2}, $flag, $pt );

# $pt = Crypt::PPDES::des_ecb_encrypt( $keyvecs{1}, (not $flag), $pt );

# $pt = Crypt::PPDES::des_ecb_encrypt( $flag ? $keyvecs{2} : $keyvecs{0}, $flag, $pt );

# $cyphertext .= $pt;

# }

for ( 0 .. (($size)/8) - 1) {

my $pt = substr( $plaintext, $_*8, 8 );

#print "PT: '$pt' - Length: " . length($pt) . "\n";

if (length($pt) < 8) {

die "record not 8 byte padded" if $flag == DECRYPT;

my $len = 8 - length($pt);

#print "LENGTH: $len\n";

#print "Binary: '" . unpack("b*", $pt) . "'\n";

$pt .= (chr(0) x $len);# . $pt;

#print "Binary: '" . unpack("b*", $pt) . "'\n";

#print "PT: '$pt' - Length: " . length($pt) . "\n";

}

$pt = $C[0]->decrypt( $pt );

$pt = $C[1]->encrypt( $pt );

$pt = $C[2]->decrypt( $pt );

#print "PT: '$pt' - Length: " . length($pt) . "\n";

$cyphertext .= $pt;

}

return substr ( $cyphertext, 0, $size );

}

__END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>