[BACK]Return to Keyring.pm CVS log [TXT][DIR] Up to [local] / palm / Palm-Keyring / lib / Palm

Diff for /palm/Palm-Keyring/lib/Palm/Keyring.pm between version 1.14 and 1.30

version 1.14, 2007/01/28 22:24:17 version 1.30, 2007/02/19 01:37:10
Line 1 
Line 1 
 package Palm::Keyring;  package Palm::Keyring;
   # $RedRiver: Keyring.pm,v 1.29 2007/02/19 00:22:42 andrew Exp $
 # $RedRiver: Keyring.pm,v 1.13 2007/01/28 18:13:28 andrew Exp $  ########################################################################
   # Keyring.pm *** Perl class for Keyring for Palm OS databases.
 #  #
 # Perl class for dealing with Keyring for Palm OS databases.  
 #  
 #   This started as Memo.pm, I just made it work for Keyring.  #   This started as Memo.pm, I just made it work for Keyring.
   #
   # 2006.01.26 #*#*# andrew fresh <andrew@cpan.org>
   ########################################################################
   # Copyright (C) 2006, 2007 by Andrew Fresh
   #
   # This program is free software; you can redistribute it and/or modify
   # it under the same terms as Perl itself.
   ########################################################################
 use strict;  use strict;
 use warnings;  use warnings;
   
 use Carp;  use Carp;
   use Data::Dumper;
   
 use base qw/ Palm::StdAppInfo /;  use base qw/ Palm::StdAppInfo /;
   
   use Digest::HMAC_SHA1 qw(hmac_sha1);
   use Digest::SHA1 qw(sha1);
   use Crypt::CBC;
   
 use Digest::MD5 qw(md5);  use Digest::MD5 qw(md5);
 use Crypt::DES;  use Crypt::DES;
 use Readonly;  
   
 Readonly my $ENCRYPT    => 1;  my $ENCRYPT    = 1;
 Readonly my $DECRYPT    => 0;  my $DECRYPT    = 0;
 Readonly my $MD5_CBLOCK => 64;  my $MD5_CBLOCK = 64;
 Readonly my $kSalt_Size => 4;  my $kSalt_Size = 4;
 Readonly my $EMPTY      => q{};  my $EMPTY      = q{};
 Readonly my $SPACE      => q{ };  my $SPACE      = q{ };
 Readonly my $NULL       => chr 0;  my $NULL       = chr 0;
   
 # One liner, to allow MakeMaker to work.  my @CRYPTS = (
 our ($VERSION) = q$Revision$ =~ m{ Revision: \s+ (\S+) }xm;      { # None
           name      => 'None',
           keylen    => 8,
           blocksize => 1,
           default_iter => 500,
       },
       { # DES-EDE3
           name      => 'DES_EDE3',
           keylen    => 24,
           blocksize =>  8,
           DES_odd_parity => 1,
           default_iter => 1000,
       },
       { # AES128
           name      => 'Rijndael',
           keylen    => 16,
           blocksize => 16,
           default_iter => 100,
       },
       { # AES256
           name      => 'Rijndael',
           keylen    => 32,
           blocksize => 16,
           default_iter => 250,
       },
   );
   
 #@ISA = qw( Palm::StdAppInfo Palm::Raw );  
   
 sub new {  our $VERSION = 0.95;
   
   sub new
   {
     my $classname = shift;      my $classname = shift;
     my $pass      = shift;      my $options = {};
   
       # hashref arguments
       if (ref $_[0] eq 'HASH') {
         $options = shift;
       }
   
       # CGI style arguments
       elsif ($_[0] =~ /^-[a-zA-Z0-9_]{1,20}$/) {
         my %tmp = @_;
         while ( my($key,$value) = each %tmp) {
           $key =~ s/^-//;
           $options->{lc $key} = $value;
         }
       }
   
       else {
           $options->{password} = shift;
           $options->{version}  = shift;
       }
   
     # Create a generic PDB. No need to rebless it, though.      # Create a generic PDB. No need to rebless it, though.
     my $self = $classname->SUPER::new(@_);      my $self = $classname->SUPER::new();
   
     $self->{'name'}    = 'Keys-Gtkr';    # Default      $self->{name}    = 'Keys-Gtkr';    # Default
     $self->{'creator'} = 'Gtkr';      $self->{creator} = 'Gtkr';
     $self->{'type'}    = 'Gkyr';      $self->{type}    = 'Gkyr';
   
     # The PDB is not a resource database by      # The PDB is not a resource database by
     # default, but it's worth emphasizing,      # default, but it's worth emphasizing,
     # since MemoDB is explicitly not a PRC.      # since MemoDB is explicitly not a PRC.
     $self->{'attributes'}{'resource'} = 0;      $self->{attributes}{resource} = 0;
   
     # Initialize the AppInfo block      # Set the version
     $self->{'appinfo'} = {};      $self->{version} = $options->{version} || 4;
   
     # Add the standard AppInfo block stuff      # Set options
     Palm::StdAppInfo::seed_StdAppInfo( $self->{'appinfo'} );      $self->{options} = $options;
   
     # Set the version      # Set defaults
     $self->{'version'} = 4;      if ($self->{version} == 5) {
           $self->{options}->{cipher} ||= 0; # 'None'
           $self->{options}->{iterations} ||=
               $CRYPTS[ $self->{options}->{cipher} ]{default_iter};
   
     # Give the PDB the first record that will hold the encrypted password         $self->{appinfo}->{cipher} ||= $self->{options}->{cipher};
     $self->{'records'} = [ $self->new_Record ];         $self->{appinfo}->{iter}   ||= $self->{options}->{iterations};
       };
   
     if ( defined $pass ) {      if ( defined $options->{password} ) {
         $self->Encrypt($pass);          $self->Password($options->{password});
     }      }
   
     return $self;      return $self;
 }  }
   
 sub import {  sub import
   {
     Palm::PDB::RegisterPDBHandlers( __PACKAGE__, [ 'Gtkr', 'Gkyr' ], );      Palm::PDB::RegisterPDBHandlers( __PACKAGE__, [ 'Gtkr', 'Gkyr' ], );
     return 1;      return 1;
 }  }
   
 sub Load {  # ParseRecord
   
   sub ParseRecord
   {
     my $self     = shift;      my $self     = shift;
     my $filename = shift;  
     my $password = shift;  
   
     $self->{'appinfo'} = {};      my $rec = $self->SUPER::ParseRecord(@_);
     $self->{'records'} = [];      return $rec if ! exists $rec->{data};
     $self->SUPER::Load($filename);  
   
     foreach my $rec ( @{ $self->{'records'} } ) {      if ($self->{version} == 4) {
         if ( ! exists $rec->{'data'}) { next; };          # skip the first record because it contains the password.
         my ( $name, $encrypted ) = split /$NULL/xm, $rec->{'data'}, 2;          return $rec if ! exists $self->{records};
         if ( ! $encrypted ) { next };  
         $rec->{'plaintext'}->{'name'} = $name;          my ( $name, $encrypted ) = split /$NULL/xm, $rec->{data}, 2;
         $rec->{'encrypted'} = $encrypted;  
           return $rec if ! $encrypted;
           $rec->{name}      = $name;
           $rec->{encrypted} = $encrypted;
           delete $rec->{data};
   
       } elsif ($self->{version} == 5) {
           my $blocksize = $CRYPTS[ $self->{appinfo}->{cipher} ]{blocksize};
           my ($field, $extra) = _parse_field($rec->{data});
           my $ivec      = substr $extra, 0, $blocksize;
           my $encrypted = substr $extra, $blocksize;
   
           if ($self->{options}->{v4compatible}) {
               $rec->{name} = $field->{data};
           } else {
               $rec->{name} = $field;
           }
           $rec->{ivec}      = $ivec;
           $rec->{encrypted} = $encrypted;
   
       } else {
           die 'Unsupported Version';
           return;
     }      }
   
     return $self->Decrypt($password) if defined $password;      return $rec;
   }
   
     return 1;  # PackRecord
   
   sub PackRecord
   {
       my $self = shift;
       my $rec  = shift;
   
       if ($self->{version} == 4) {
           if ($rec->{encrypted}) {
               if (! defined $rec->{name}) {
                   $rec->{name} = $EMPTY;
               }
               $rec->{data} = join $NULL, $rec->{name}, $rec->{encrypted};
               delete $rec->{name};
               delete $rec->{encrypted};
           }
   
       } elsif ($self->{version} == 5) {
           my $field;
           if ($rec->{name}) {
               if ($self->{options}->{v4compatible}) {
                   $field = {
                       label    => 'name',
                       font     => 0,
                       data     => $rec->{'name'},
                   };
               } else {
                   $field = $rec->{name};
               }
           }
           my $packed = '';
           if ($field) {
               $packed = _pack_field($field);
           }
           my $len = length $packed;
           my $blocksize = $CRYPTS[ $self->{appinfo}->{cipher} ]{blocksize};
   
           $rec->{data} = join '', $packed, $rec->{ivec}, $rec->{encrypted};
   
       } else {
           die 'Unsupported Version';
       }
   
       return $self->SUPER::PackRecord($rec, @_);
 }  }
   
 sub Write {  # ParseAppInfoBlock
     my $self     = shift;  
     my $filename = shift;  
     my $password = shift;  
   
     $self->Encrypt($password) || return;  sub ParseAppInfoBlock
     return $self->SUPER::Write($filename);  {
       my $self = shift;
       my $data = shift;
       my $appinfo = {};
   
       &Palm::StdAppInfo::parse_StdAppInfo($appinfo, $data);
   
       # int8/uint8
       # - Signed or Unsigned Byte (8 bits). C types: char, unsigned char
       # int16/uint16
       # - Signed or Unsigned Word (16 bits). C types: short, unsigned short
       # int32/uint32
       # - Signed or Unsigned Doubleword (32 bits). C types: int, unsigned int
       # sz
       # - Zero-terminated C-style string
   
       if ($self->{version} == 4) {
           # Nothing extra for version 4
   
       } elsif ($self->{version} == 5) {
           _parse_appinfo_v5($appinfo) || return;
   
       } else {
           die "Unsupported Version";
           return;
       }
   
       return $appinfo;
 }  }
   
 sub Encrypt {  sub _parse_appinfo_v5
   {
       my $appinfo = shift;
   
       if (! exists $appinfo->{other}) {
           # XXX Corrupt appinfo?
           return;
       }
   
       my $unpackstr
           = ("C1" x 8)  # 8 uint8s in an array for the salt
           . ("S1" x 2)  # the iter (uint16) and the cipher (uint16)
           . ("C1" x 8); # and finally 8 more uint8s for the hash
   
       my (@salt, $iter, $cipher, @hash);
       (@salt[0..7], $iter, $cipher, @hash[0..7])
           = unpack $unpackstr, $appinfo->{other};
   
       $appinfo->{salt}           = sprintf "%02x" x 8, @salt;
       $appinfo->{iter}           = $iter;
       $appinfo->{cipher}         = $cipher;
       $appinfo->{masterhash}     = sprintf "%02x" x 8, @hash;
       delete $appinfo->{other};
   
       return $appinfo
   }
   
   # PackAppInfoBlock
   
   sub PackAppInfoBlock
   {
     my $self = shift;      my $self = shift;
     my $pass = shift;      my $retval;
   
     if ($pass) {      if ($self->{version} == 4) {
         if (          # Nothing to do for v4
             !( exists $self->{'records'}->[0]->{'data'}  
                 && $self->_keyring_verify($pass) )  
           )  
         {  
   
             # This would encrypt with a new password.      } elsif ($self->{version} == 5) {
             # First decrypting everything with the old password of course.          _pack_appinfo_v5($self->{appinfo});
             $self->_keyring_update($pass) || return;      } else {
             $self->_keyring_verify($pass) || return;          die "Unsupported Version";
           return;
       }
       return &Palm::StdAppInfo::pack_StdAppInfo($self->{appinfo});
   }
   
   sub _pack_appinfo_v5
   {
       my $appinfo = shift;
   
       my $packstr
           = ("C1" x 8)  # 8 uint8s in an array for the salt
           . ("S1" x 2)  # the iter (uint16) and the cipher (uint16)
           . ("C1" x 8); # and finally 8 more uint8s for the hash
   
       my @salt = map { hex $_ } $appinfo->{salt} =~ /../gxm;
       my @hash = map { hex $_ } $appinfo->{masterhash} =~ /../gxm;
   
       my $packed = pack($packstr,
           @salt,
           $appinfo->{iter},
           $appinfo->{cipher},
           @hash
       );
   
       $appinfo->{other}  = $packed;
   
       return $appinfo
   }
   
   # Encrypt
   
   sub Encrypt
   {
       my $self = shift;
       my $rec  = shift;
       my $data = shift;
       my $pass = shift || $self->{password};
   
       if ( ! $pass && ! $self->{appinfo}->{key}) {
           croak("password not set!\n");
       }
   
       if ( ! $rec) {
           croak("Needed parameter 'record' not passed!\n");
       }
   
       if ( ! $data) {
           croak("Needed parameter 'data' not passed!\n");
       }
   
       if ( $pass && ! $self->Password($pass)) {
           croak("Incorrect Password!\n");
       }
   
       my $acct;
       if ($rec->{encrypted}) {
           $acct = $self->Decrypt($rec, $pass);
       }
   
       my $encrypted;
       if ($self->{version} == 4) {
           $self->{digest} ||= _calc_keys( $pass );
           $encrypted = _encrypt_v4($data, $acct, $self->{digest});
           $rec->{name}    ||= $data->{name};
   
       } elsif ($self->{version} == 5) {
           my @recs = ($data, $acct);
           my $name;
           if ($self->{options}->{v4compatible}) {
               $rec->{name} ||= $data->{name};
               foreach my $rec (@recs) {
                   my @fields;
                   foreach my $k (sort keys %{ $rec }) {
                       my $field = {
                           label    => $k,
                           font     => 0,
                           data     => $rec->{$k},
                       };
                       push @fields, $field;
                   }
                   $rec = \@fields;
               }
         }          }
   
           my $ivec;
           ($encrypted, $ivec) = _encrypt_v5(
               @recs,
               $self->{appinfo}->{key},
               $self->{appinfo}->{cipher},
           );
           if ($ivec) {
               $rec->{ivec} = $ivec;
           }
   
       } else {
           die "Unsupported Version";
     }      }
   
     $self->{'digest'} ||= _calc_keys( $self->{'password'} );      if ($encrypted) {
           if ($encrypted eq '1') {
               return 1;
           }
   
     foreach my $rec ( @{ $self->{'records'} } ) {          $rec->{attributes}{Dirty} = 1;
         if (!defined $rec->{'plaintext'}) { next; };          $rec->{attributes}{dirty} = 1;
           $rec->{encrypted} = $encrypted;
   
         my $name =          return 1;
           defined $rec->{'plaintext'}->{'name'}      } else {
           ? $rec->{'plaintext'}->{'name'}          return;
           : $EMPTY;      }
         my $account =  }
           defined $rec->{'plaintext'}->{'account'}  
           ? $rec->{'plaintext'}->{'account'}  
           : $EMPTY;  
         my $password =  
           defined $rec->{'plaintext'}->{'password'}  
           ? $rec->{'plaintext'}->{'password'}  
           : $EMPTY;  
         my $description =  
           defined $rec->{'plaintext'}->{'description'}  
           ? $rec->{'plaintext'}->{'description'}  
           : $EMPTY;  
         my $extra = $EMPTY;  
   
         my $plaintext = join "$NULL", $account, $password, $description, $extra;  sub _encrypt_v4
   {
       my $new    = shift;
       my $old    = shift;
       my $digest = shift;
   
         my $encrypted = _crypt3des( $plaintext, $self->{'digest'}, $ENCRYPT );      $new->{account}  ||= $EMPTY;
       $new->{password} ||= $EMPTY;
       $new->{notes}    ||= $EMPTY;
   
         $rec->{'data'} = join "$NULL", $name, $encrypted;      my $changed      = 0;
       my $need_newdate = 0;
       if ($old && %{ $old }) {
           foreach my $key (keys %{ $new }) {
               next if $key eq 'lastchange';
               if ($new->{$key} ne $old->{$key}) {
                   $changed = 1;
                   last;
               }
           }
           if ( exists $new->{lastchange} && exists $old->{lastchange} && (
               $new->{lastchange}->{day}   != $old->{lastchange}->{day}   ||
               $new->{lastchange}->{month} != $old->{lastchange}->{month} ||
               $new->{lastchange}->{year}  != $old->{lastchange}->{year}
           )) {
               $changed = 1;
               $need_newdate = 0;
           } else {
               $need_newdate = 1;
           }
   
       } else {
           $changed = 1;
     }      }
   
     return 1;      # no need to re-encrypt if it has not changed.
       return 1 if ! $changed;
   
       my ($day, $month, $year);
   
       if ($new->{lastchange} && ! $need_newdate ) {
           $day   = $new->{lastchange}->{day}   || 1;
           $month = $new->{lastchange}->{month} || 0;
           $year  = $new->{lastchange}->{year}  || 0;
   
           # XXX Need to actually validate the above information somehow
           if ($year >= 1900) {
               $year -= 1900;
           }
       } else {
           $need_newdate = 1;
       }
   
       if ($need_newdate) {
           ($day, $month, $year) = (localtime)[3,4,5];
       }
   
       my $packed_date = _pack_keyring_date( {
               year  => $year,
               month => $month,
               day   => $day,
       });
   
       my $plaintext = join $NULL,
           $new->{account}, $new->{password}, $new->{notes}, $packed_date;
   
       return _crypt3des( $plaintext, $digest, $ENCRYPT );
 }  }
   
 sub Decrypt {  sub _encrypt_v5
   {
       my $new    = shift;
       my $old    = shift;
       my $key    = shift;
       my $cipher = shift;
       my $length = $CRYPTS[ $cipher ]{blocksize};
       my $ivec   = shift || pack("C*",map {rand(256)} 1..$length);
   
       my $keylen      = $CRYPTS[ $cipher ]{keylen};
       my $cipher_name = $CRYPTS[ $cipher ]{name};
   
       my $changed = 0;
       my $need_newdate = 1;
       my $date_index;
       for (my $i = 0; $i < @{ $new }; $i++) {
           if (
               (exists $new->[$i]->{label_id} && $new->[$i]->{label_id} == 3) ||
               (exists $new->[$i]->{label}    && $new->[$i]->{label}    eq 'lastchange')
           ) {
               $date_index   = $i;
               if ( $old && $#{ $new } == $#{ $old } && (
                       $new->[$i]->{data}->{day}   != $old->[$i]->{data}->{day}   ||
                       $new->[$i]->{data}->{month} != $old->[$i]->{data}->{month} ||
                       $new->[$i]->{data}->{year}  != $old->[$i]->{data}->{year}
                   )) {
                   $changed      = 1;
                   $need_newdate = 0;
                   last;
               }
   
           } elsif ($old && $#{ $new } == $#{ $old }) {
               my $n = join ':', %{ $new->[$i] };
               my $o = join ':', %{ $old->[$i] };
               if ($n ne $o) {
                   $changed = 1;
               }
           } elsif ($#{ $new } != $#{ $old }) {
               $changed = 1;
           }
       }
       if ($old && (! @{ $old }) && $date_index) {
           $need_newdate = 0;
       }
   
       return 1, 0 if $changed == 0;
   
       if ($need_newdate || ! defined $date_index) {
           my ($day, $month, $year) = (localtime)[3,4,5];
           my $date = {
               year  => $year,
               month => $month,
               day   => $day,
           };
           if (defined $date_index) {
               $new->[$date_index]->{data} = $date;
           } else {
               push @{ $new }, {
                   label => 'lastchange',
                   font  => 0,
                   data  => $date,
               };
           }
       } else {
           # XXX Need to actually validate the above information somehow
           if ($new->[$date_index]->{data}->{year} >= 1900) {
               $new->[$date_index]->{data}->{year} -= 1900;
           }
       }
   
       my $decrypted;
       foreach my $field (@{ $new }) {
           $decrypted .= _pack_field($field);
       }
   
       my $encrypted;
       if ($cipher_name eq 'None') {
           # do nothing
           $encrypted = $decrypted;
   
       } elsif ($cipher_name eq 'DES_EDE3' or $cipher_name eq 'Rijndael') {
           my $c = Crypt::CBC->new(
               -literal_key => 1,
               -key         => $key,
               -iv          => $ivec,
               -cipher      => $cipher_name,
               -keysize     => $keylen,
               -header      => 'none',
               -padding     => 'oneandzeroes',
           );
   
           if (! $c) {
               croak("Unable to set up encryption!");
           }
   
           $encrypted = $c->encrypt($decrypted);
   
       } else {
           die "Unsupported Version";
       }
   
       return $encrypted, $ivec;
   }
   
   # Decrypt
   
   sub Decrypt
   {
     my $self = shift;      my $self = shift;
     my $pass = shift;      my $rec  = shift;
       my $pass = shift || $self->{password};
   
     if ($pass) {      if ( ! $pass && ! $self->{appinfo}->{key}) {
         $self->_keyring_verify($pass) || return;          croak("password not set!\n");
     }      }
   
     $self->{'digest'} ||= _calc_keys( $self->{'password'} );      if ( ! $rec) {
           croak("Needed parameter 'record' not passed!\n");
       }
   
     my $reccount = 0;      if ( $pass && ! $self->Password($pass)) {
     foreach my $rec ( @{ $self->{'records'} } ) {          croak("Invalid Password!\n");
         $reccount++;      }
   
         # always skip the first record that has the password in it.      if ( ! $rec->{encrypted} ) {
         next if $reccount <= 1;          croak("No encrypted content!");
         if ( ! defined $rec->{'data'} ) {      }
             warn 'Invalid record ' . ( $reccount - 1 ) . "\n";  
             next;      if ($self->{version} == 4) {
           $self->{digest} ||= _calc_keys( $pass );
           my $acct = _decrypt_v4($rec->{encrypted}, $self->{digest});
           $acct->{name} ||= $rec->{name};
           return $acct;
   
       } elsif ($self->{version} == 5) {
           my $fields = _decrypt_v5(
               $rec->{encrypted}, $self->{appinfo}->{key},
               $self->{appinfo}->{cipher}, $rec->{ivec},
           );
           if ($self->{options}->{v4compatible}) {
               my %acct;
               foreach my $f (@{ $fields }) {
                   $acct{ $f->{label} } = $f->{data};
               }
               $acct{name} ||= $rec->{name};
               return \%acct;
           } else {
               return $fields;
         }          }
   
         my ( $name, $encrypted ) = split /$NULL/xm, $rec->{'data'}, 2;      } else {
         if (! $encrypted) { next; };          die "Unsupported Version";
       }
       return;
   }
   
         $rec->{'plaintext'}->{'name'} = $name;  sub _decrypt_v4
   {
       my $encrypted = shift;
       my $digest    = shift;
   
         my $decrypted = _crypt3des( $encrypted, $self->{'digest'}, $DECRYPT );      my $decrypted = _crypt3des( $encrypted, $digest, $DECRYPT );
         my ( $account, $password, $description, $extra ) = split /$NULL/xm,      my ( $account, $password, $notes, $packed_date )
           $decrypted, 4;          = split /$NULL/xm, $decrypted, 4;
   
         $rec->{'plaintext'}->{'account'} = defined $account ? $account : $EMPTY;      my $modified;
         $rec->{'plaintext'}->{'password'} =      if ($packed_date) {
           defined $password ? $password : $EMPTY;          $modified = _parse_keyring_date($packed_date);
         $rec->{'plaintext'}->{'description'} =      }
           defined $description ? $description : $EMPTY;  
   
         #print "Name:      '$name'\n";      return {
         #print "Encrypted: '$encrypted' - Length: " . length($encrypted) . "\n";          account    => $account,
         #print "    Hex:   '" . unpack("H*", $encrypted) . "'\n";          password   => $password,
         #print "    Binary:'" . unpack("b*", $encrypted) . "'\n";          notes      => $notes,
         #print "Decrypted: '$decrypted' - Length: " . length($decrypted) . "\n";          lastchange => $modified,
         #print "    Hex:   '" . unpack("H*", $decrypted) . "'\n";      };
         #print "    Binary:'" . unpack("b*", $decrypted) . "'\n";  }
         #print "\n";  
         #print "Extra: $extra\n";  
         #exit;  
         #--------------------------------------------------  
         # print "Account:     $account\n";  
         # print "Password:    $password\n";  
         # print "Description: $description\n";  
         #--------------------------------------------------  
   
   sub _decrypt_v5
   {
       my $encrypted = shift;
       my $key       = shift;
       my $cipher    = shift;
       my $ivec      = shift;
   
       my $keylen       = $CRYPTS[ $cipher ]{keylen};
       my $cipher_name  = $CRYPTS[ $cipher ]{name};
   
       my $decrypted;
   
       if ($cipher_name eq 'None') {
           # do nothing
           $decrypted = $encrypted;
   
       } elsif ($cipher_name eq 'DES_EDE3' or $cipher_name eq 'Rijndael') {
           my $c = Crypt::CBC->new(
               -literal_key => 1,
               -key         => $key,
               -iv          => $ivec,
               -cipher      => $cipher_name,
               -keysize     => $keylen,
               -header      => 'none',
               -padding     => 'oneandzeroes',
           );
   
           if (! $c) {
               croak("Unable to set up encryption!");
           }
           $encrypted .= $NULL x $keylen; # pad out a keylen
           $decrypted  = $c->decrypt($encrypted);
   
       } else {
           die "Unsupported Version";
           return;
       }
   
       my @fields;
       while ($decrypted) {
           my $field;
           ($field, $decrypted) = _parse_field($decrypted);
           if (! $field) {
               last;
           }
           push @fields, $field;
     }      }
   
     return 1;      return \@fields;
 }  }
   
 sub _calc_keys {  # Password
   
   sub Password
   {
       my $self = shift;
     my $pass = shift;      my $pass = shift;
     if (! defined $pass) { croak('No password defined!'); };      my $new_pass = shift;
   
     my $digest = md5($pass);      if (! $pass) {
           delete $self->{password};
           delete $self->{appinfo}->{key};
           return 1;
       }
   
     my ( $key1, $key2 ) = unpack 'a8a8', $digest;      if (
           ($self->{version} == 4 && ! exists $self->{records}) ||
           ($self->{version} == 5 && ! exists $self->{appinfo}->{masterhash})
       ) {
           if ($self->{version} == 4) {
               # Give the PDB the first record that will hold the encrypted password
               $self->{records} = [ $self->new_Record ];
           }
   
     #--------------------------------------------------          return $self->_password_update($pass);
     # print "key1: $key1: ", length $key1, "\n";      }
     # print "key2: $key2: ", length $key2, "\n";  
     #--------------------------------------------------  
   
     $digest = unpack 'H*', $key1 . $key2 . $key1;      if ($new_pass) {
           my $v4compat = $self->{options}->{v4compatible};
           $self->{options}->{v4compatible} = 0;
   
     #--------------------------------------------------          my @accts = ();
     # print "Digest: ", $digest, "\n";          foreach my $i (0..$#{ $self->{records} }) {
     # print length $digest, "\n";              if ($self->{version} == 4 && $i == 0) {
     #--------------------------------------------------                  push @accts, undef;
                   next;
               }
               my $acct = $self->Decrypt($self->{records}->[$i], $pass);
               if ( ! $acct ) {
                   croak("Couldn't decrypt $self->{records}->[$i]->{name}");
               }
               push @accts, $acct;
           }
   
     return $digest;          if ( ! $self->_password_update($new_pass)) {
               croak("Couldn't set new password!");
           }
           $pass = $new_pass;
   
           foreach my $i (0..$#accts) {
               if ($self->{version} == 4 && $i == 0) {
                   next;
               }
               delete $self->{records}->[$i]->{encrypted};
               $self->Encrypt($self->{records}->[$i], $accts[$i], $pass);
           }
   
           $self->{options}->{v4compatible} = $v4compat;
       }
   
       if (defined $self->{password} && $pass eq $self->{password}) {
           # already verified this password
           return 1;
       }
   
       if ($self->{version} == 4) {
           # AFAIK the thing we use to test the password is
           #     always in the first entry
           my $valid = _password_verify_v4($pass, $self->{records}->[0]->{data});
   
           # May as well generate the keys we need now, since we know the password is right
           if ($valid) {
               $self->{digest} = _calc_keys($pass);
               if ($self->{digest} ) {
                   $self->{password} = $pass;
                   return 1;
               }
           }
       } elsif ($self->{version} == 5) {
           return _password_verify_v5($pass, $self->{appinfo});
       } else {
           # XXX unsupported version
       }
   
       return;
 }  }
   
 sub _keyring_verify {  sub _password_verify_v4
     my $self = shift;  {
     my $pass = shift;      my $pass = shift;
       my $data = shift;
   
     if (! $pass) { croak('No password specified!'); };      if (! $pass) { croak('No password specified!'); };
   
     # AFAIK the thing we use to test the password is      # XXX die "No encrypted password in file!" unless defined $data;
     #     always in the first entry      if ( ! defined $data) { return; };
     my $data = $self->{'records'}->[0]->{'data'};  
   
     #die "No encrypted password in file!" unless defined $data;  
     if (! defined $data) { return; };  
   
     $data =~ s/$NULL$//xm;      $data =~ s/$NULL$//xm;
   
     my $salt = substr $data, 0, $kSalt_Size;      my $salt = substr $data, 0, $kSalt_Size;
   
     my $msg = $salt . $pass;      my $msg = $salt . $pass;
   
     $msg .= "\0" x ( $MD5_CBLOCK - length $msg );      $msg .= "\0" x ( $MD5_CBLOCK - length $msg );
   
     my $digest = md5($msg);      my $digest = md5($msg);
   
     if ( $data eq $salt . $digest ) {      if (! $data eq $salt . $digest ) {
           return;
       }
   
 # May as well generate the keys we need now, since we know the password is right      return 1;
         $self->{'digest'} = _calc_keys($pass);  }
         if ( $self->{'digest'} ) {  
             $self->{'password'} = $pass;  sub _password_verify_v5
             return 1;  {
         }      my $pass    = shift;
       my $appinfo = shift;
   
       my $salt = pack("H*", $appinfo->{salt});
   
       my ($key, $hash) = _calc_key_v5(
           $pass, $salt, $appinfo->{iter},
           $CRYPTS[ $appinfo->{cipher} ]{keylen},
           $CRYPTS[ $appinfo->{cipher} ]{DES_odd_parity},
       );
   
       #print "Key:  '". unpack("H*", $key) . "'\n";
       #print "Hash: '". $hash . "'\n";
       #print "Hash: '". $appinfo->{masterhash} . "'\n";
   
       if ($appinfo->{masterhash} eq $hash) {
           $appinfo->{key} = $key;
       } else {
           return;
     }      }
     return;  
       return $key;
 }  }
   
 sub _keyring_update {  
   
   sub _password_update
   {
     # It is very important to Encrypt after calling this      # It is very important to Encrypt after calling this
     #     (Although it is generally only called by Encrypt)      #     (Although it is generally only called by Encrypt)
     # because otherwise the data will be out of sync with the      # because otherwise the data will be out of sync with the
     # password, and that would suck!      # password, and that would suck!
     my $self = shift;      my $self   = shift;
     my $pass = shift;      my $pass   = shift;
   
     if (! $pass) { croak('No password specified!'); };      if ($self->{version} == 4) {
           my $data = _password_update_v4($pass, @_);
   
     # if the database already has a password in it          if (! $data) {
     if ( $self->{'records'}->[0]->{'data'} ) {              carp("Failed  to update password!");
               return;
           }
   
         # Make sure everything is decrypted before we update the keyring          # AFAIK the thing we use to test the password is
         $self->Decrypt() || return;          #     always in the first entry
           $self->{records}->[0]->{data} = $data;
           $self->{password} = $pass;
           $self->{digest}   = _calc_keys( $self->{password} );
   
           return 1;
   
       } elsif ($self->{version} == 5) {
           my $cipher  = shift || $self->{appinfo}->{cipher};
           my $iter    = shift || $self->{appinfo}->{iter};
           my $salt    = shift || 0;
   
           my $hash = _password_update_v5(
               $self->{appinfo}, $pass, $cipher, $iter, $salt
           );
   
           if (! $hash) {
               carp("Failed  to update password!");
               return;
           }
   
           return 1;
       } else {
           croak("Unsupported version ($self->{version})");
     }      }
   
       return;
   }
   
   sub _password_update_v4
   {
       my $pass = shift;
   
       if (! defined $pass) { croak('No password specified!'); };
   
     my $salt;      my $salt;
     for ( 1 .. $kSalt_Size ) {      for ( 1 .. $kSalt_Size ) {
         $salt .= chr int rand 255;          $salt .= chr int rand 255;
Line 297 
Line 909 
   
     my $data = $salt . $digest;    # . "\0";      my $data = $salt . $digest;    # . "\0";
   
     # AFAIK the thing we use to test the password is      return $data;
     #     always in the first entry  }
     $self->{'records'}->[0]->{'data'} = $data;  
   
     $self->{'password'} = $pass;  sub _password_update_v5
     $self->{'digest'}   = _calc_keys( $self->{'password'} );  {
       my $appinfo = shift;
       my $pass    = shift;
       my $cipher  = shift;
       my $iter    = shift;
   
     return 1;      # I thought this needed to be 'blocksize', but apparently not.
       #my $length  = $CRYPTS[ $cipher ]{blocksize};
       my $length  = 8;
       my $salt    = shift || pack("C*",map {rand(256)} 1..$length);
   
       my ($key, $hash) = _calc_key_v5(
           $pass, $salt, $iter,
           $CRYPTS[ $cipher ]->{keylen},
           $CRYPTS[ $cipher ]->{DES_odd_parity},
       );
   
       $appinfo->{salt}           = unpack "H*", $salt;
       $appinfo->{iter}           = $iter;
       $appinfo->{cipher}         = $cipher;
   
       $appinfo->{key}            = $key;
       $appinfo->{masterhash}     = $hash;
   
       return $key;
 }  }
   
 sub _crypt3des {  
   sub _calc_keys
   {
       my $pass = shift;
       if (! defined $pass) { croak('No password defined!'); };
   
       my $digest = md5($pass);
   
       my ( $key1, $key2 ) = unpack 'a8a8', $digest;
   
       #--------------------------------------------------
       # print "key1: $key1: ", length $key1, "\n";
       # print "key2: $key2: ", length $key2, "\n";
       #--------------------------------------------------
   
       $digest = unpack 'H*', $key1 . $key2 . $key1;
   
       #--------------------------------------------------
       # print "Digest: ", $digest, "\n";
       # print length $digest, "\n";
       #--------------------------------------------------
   
       return $digest;
   }
   
   sub _calc_key_v5
   {
       my ($pass, $salt, $iter, $keylen, $dop) = @_;
   
       my $key = _pbkdf2( $pass, $salt, $iter, $keylen, \&hmac_sha1 );
       if ($dop) { $key = DES_odd_parity($key); }
   
       my $hash = unpack("H*", substr(sha1($key.$salt),0, 8));
   
       return $key, $hash;
   }
   
   sub _crypt3des
   {
     my ( $plaintext, $passphrase, $flag ) = @_;      my ( $plaintext, $passphrase, $flag ) = @_;
   
     $passphrase   .= $SPACE x ( 16 * 3 );      $passphrase   .= $SPACE x ( 16 * 3 );
Line 329 
Line 1000 
         #print "PT: '$pt' - Length: " . length($pt) . "\n";          #print "PT: '$pt' - Length: " . length($pt) . "\n";
         if (! length $pt) { next; };          if (! length $pt) { next; };
         if ( (length $pt) < 8 ) {          if ( (length $pt) < 8 ) {
                         if ($flag == $DECRYPT) { croak('record not 8 byte padded'); };              if ($flag == $DECRYPT) { croak('record not 8 byte padded'); };
             my $len = 8 - (length $pt);              my $len = 8 - (length $pt);
   
             #print "LENGTH: $len\n";  
             #print "Binary:    '" . unpack("b*", $pt) . "'\n";  
             $pt .= ($NULL x $len);              $pt .= ($NULL x $len);
   
             #print "PT: '$pt' - Length: " . length($pt) . "\n";  
             #print "Binary:    '" . unpack("b*", $pt) . "'\n";  
         }          }
         if ( $flag == $ENCRYPT ) {          if ( $flag == $ENCRYPT ) {
             $pt = $C[0]->encrypt($pt);              $pt = $C[0]->encrypt($pt);
Line 361 
Line 1026 
     return $cyphertext;      return $cyphertext;
 }  }
   
   sub _parse_field
   {
       my $field = shift;
   
       my @labels;
       $labels[0]   = 'name';
       $labels[1]   = 'account';
       $labels[2]   = 'password';
       $labels[3]   = 'lastchange';
       $labels[255] = 'notes';
   
       my ($len) = unpack "S1", $field;
       if ($len + 4 > length $field) {
           return undef, $field;
       }
       my $unpackstr = "S1 C1 C1 A$len";
       if ($len % 2 && $len + 4 < length $field) {
           # trim the 0/1 byte padding for next even address.
           $unpackstr .= ' x'
       }
       $unpackstr .= ' A*';
   
       my (undef, $label, $font, $data, $leftover)
           = unpack $unpackstr, $field;
   
       if ($label == 3) {
           $data = _parse_keyring_date($data);
       }
       return {
           #len      => $len,
           label    => $labels[ $label ] || $label,
           label_id => $label,
           font     => $font,
           data     => $data,
       }, $leftover;
   }
   
   sub _pack_field
   {
       my $field = shift;
   
       my %labels = (
           name       =>   0,
           account    =>   1,
           password   =>   2,
           lastchange =>   3,
           notes      => 255,
       );
   
       my $label = $field->{label_id} || $labels{ $field->{label} };
       my $font  = $field->{font}     || 0;
       my $data  = $field->{data}     || '';
   
       if ($label == 3) {
           $data = _pack_keyring_date($data);
       }
       my $len = length $data;
       my $packstr = "S1 C1 C1 A*";
   
       my $packed = pack $packstr, ($len, $label, $font, $data);
   
       if ($len % 2) {
           # add byte padding for next even address.
           $packed .= $NULL;
       }
   
       return $packed;
   }
   
   sub _parse_keyring_date
   {
       my $data = shift;
   
       my $u = unpack 'n', $data;
       my $year  = (($u & 0xFE00) >> 9) + 4; # since 1900
       my $month = (($u & 0x01E0) >> 5) - 1; # 0-11
       my $day   = (($u & 0x001F) >> 0);     # 1-31
   
       return {
           year   => $year,
           month  => $month || 0,
           day    => $day   || 1,
       };
   }
   
   sub _pack_keyring_date
   {
       my $d = shift;
       my $year  = $d->{year};
       my $month = $d->{month};
       my $day   = $d->{day};
   
       $year -= 4;
       $month++;
   
       return pack 'n', $day | ($month << 5) | ($year << 9);
   }
   
   
   sub _hexdump
   {
       my $prefix = shift;   # What to print in front of each line
       my $data = shift;     # The data to dump
       my $maxlines = shift; # Max # of lines to dump
       my $offset;           # Offset of current chunk
   
       for ($offset = 0; $offset < length($data); $offset += 16)
       {
           my $hex;   # Hex values of the data
           my $ascii; # ASCII values of the data
           my $chunk; # Current chunk of data
   
           last if defined($maxlines) && ($offset >= ($maxlines * 16));
   
           $chunk = substr($data, $offset, 16);
   
           ($hex = $chunk) =~ s/./sprintf "%02x ", ord($&)/ges;
   
           ($ascii = $chunk) =~ y/\040-\176/./c;
   
           printf "%s %-48s|%-16s|\n", $prefix, $hex, $ascii;
       }
   }
   
   sub _bindump
   {
       my $prefix = shift;   # What to print in front of each line
       my $data = shift;     # The data to dump
       my $maxlines = shift; # Max # of lines to dump
       my $offset;           # Offset of current chunk
   
       for ($offset = 0; $offset < length($data); $offset += 8)
       {
           my $bin;   # binary values of the data
           my $ascii; # ASCII values of the data
           my $chunk; # Current chunk of data
   
           last if defined($maxlines) && ($offset >= ($maxlines * 8));
   
           $chunk = substr($data, $offset, 8);
   
           ($bin = $chunk) =~ s/./sprintf "%08b ", ord($&)/ges;
   
           ($ascii = $chunk) =~ y/\040-\176/./c;
   
           printf "%s %-72s|%-8s|\n", $prefix, $bin, $ascii;
       }
   }
   
   # Thanks to Jochen Hoenicke <hoenicke@gmail.com>
   # (one of the authors of Palm Keyring)
   # for these next two subs.
   
   # Usage pbkdf2(password, salt, iter, keylen, prf)
   # iter is number of iterations
   # keylen is length of generated key in bytes
   # prf is the pseudo random function (e.g. hmac_sha1)
   # returns the key.
   sub _pbkdf2($$$$$)
   {
       my ($password, $salt, $iter, $keylen, $prf) = @_;
       my ($k, $t, $u, $ui, $i);
       $t = "";
       for ($k = 1; length($t) <  $keylen; $k++) {
       $u = $ui = &$prf($salt.pack('N', $k), $password);
       for ($i = 1; $i < $iter; $i++) {
           $ui = &$prf($ui, $password);
           $u ^= $ui;
       }
       $t .= $u;
       }
       return substr($t, 0, $keylen);
   }
   
   sub DES_odd_parity($) {
       my $key = $_[0];
       my ($r, $i);
       my @odd_parity = (
     1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
    16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
    32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
    49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
    64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
    81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
    97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
   112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
   128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
   145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
   161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
   176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
   193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
   208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
   224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
   241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254);
       for ($i = 0; $i< length($key); $i++) {
       $r .= chr($odd_parity[ord(substr($key, $i, 1))]);
       }
       return $r;
   }
   
 1;  1;
 __END__  __END__
   
Line 377 
Line 1242 
 It has the standard Palm::PDB methods with 2 additional public methods.  It has the standard Palm::PDB methods with 2 additional public methods.
 Decrypt and Encrypt.  Decrypt and Encrypt.
   
 It currently supports the v4 Keyring databases.  The v5 databases from the pre-release keyring-2.0 are not supported.  It currently supports the v4 Keyring databases.  The v5 databases from
   the pre-release keyring-2.0 are not supported.
   
   This module doesn't store the decrypted content.  It only keeps it until it
   returns it to you or encrypts it.
   
 =head1 SYNOPSIS  =head1 SYNOPSIS
   
         use Palm::PDB;      use Palm::PDB;
         use Palm::Keyring;      use Palm::Keyring;
         my $pdb = new Palm::PDB;  
         $pdb->Load($file);      my $pass = 'password';
         foreach my $rec (@{ $pdb->{'records'} }) {      my $file = 'Keys-Gtkr.pdb';
                 print "$rec->{'plaintext'}->{'name'}\n";      my $pdb  = new Palm::PDB;
         }      $pdb->Load($file);
         $pdb->Decrypt($password);  
         # do something with the decrypted parts      foreach (0..$#{ $pdb->{records} }) {
           next if $_ = 0; # skip the password record
           my $rec  = $pdb->{records}->[$_];
           my $acct = $pdb->Decrypt($rec, $pass);
           print $rec->{name}, ' - ', $acct->{account}, "\n";
       }
   
 =head1 SUBROUTINES/METHODS  =head1 SUBROUTINES/METHODS
   
 =head2 new  =head2 new
   
         $pdb = new Palm::Keyring([$password]);      $pdb = new Palm::Keyring([$password]);
   
 Create a new PDB, initialized with the various Palm::Keyring fields  Create a new PDB, initialized with the various Palm::Keyring fields
 and an empty record list.  and an empty record list.
   
 Use this method if you're creating a Keyring PDB from scratch otherwise you  Use this method if you're creating a Keyring PDB from scratch otherwise you
 can just use Palm::PDB::new().  can just use Palm::PDB::new() before calling Load().
   
 =head2 Load  If you pass in a password, it will initalize the first record with the encrypted
   password.
   
         $pdb->Load($filename[, $password]);  =head2 Encrypt
   
 Overrides the standard Palm::Raw Load() to add      $pdb->Encrypt($rec, $acct[, $password]);
 $rec->{'plaintext'}->{'name'} and  
 $rec->{'encrypted'} fields.  
 $rec->{'plaintext'}->{'name'} holds the name of the record,  
 $rec->{'encrypted'} is the encrypted information in the PDB.  
   
 It also takes an additional optional parameter, which is the password to use to  Encrypts an account into a record, either with the password previously
 decrypt the database.  used, or with a password that is passed.
   
 See Decrypt() for the additional fields that are available after decryption.  $rec is a record from $pdb->{records} or a new_Record().
   $acct is a hashref in the format below.
   
 =head2 Write      my $acct = {
           name       => $rec->{name},
           account    => $account,
           password   => $password,
           notes      => $notes,
           lastchange => {
               year  => 107, # years since 1900
               month =>   0, # 0-11, 0 = January, 11 = December
               day   =>  30, # 1-31, same as localtime
           },
       };
   
         $pdb->Write($filename[, $password]);  If you have changed anything other than the lastchange, or don't pass in a
   lastchange key, Encrypt() will generate a new lastchange date for you.
   
 Just like the Palm::Raw::Write() but encrypts everything before saving.  If you pass in a lastchange field that is different than the one in the
   record, it will honor what you passed in.
   
 Also takes an optional password to encrypt with a new password, not needed  Encrypt() only uses the $acct->{name} if there is not already a $rec->{name}.
 unless you are changing the password.  
   
 =head2 Encrypt  =head2 Decrypt
   
         $pdb->Encrypt([$password]);      my $acct = $pdb->Decrypt($rec[, $password]);
   
 Encrypts the PDB, either with the password used to decrypt or create it, or  Decrypts the record and returns a hashref for the account as described
 optionally with a password that is passed.  under Encrypt().
   
 See Decrypt() for an what plaintext fields are available to be encrypted.      foreach (0..$#{ $pdb->{records}) {
           next if $_ == 0;
           my $rec = $pdb->{records}->[$_];
           my $acct = $pdb->Decrypt($rec[, $password]);
           # do something with $acct
       }
   
 =head2 Decrypt  =head2 Password
   
         $pdb->Decrypt([$password]);      $pdb->Password([$password[, $new_password]]);
   
 Decrypts the PDB and fills out the rest of the fields available in  Either sets the password to be used to crypt, or if you pass $new_password,
 $rec->{'plaintext'}.  changes the password on the database.
   
 The plaintext should now be this, before encryption or after decryption:  If you have created a new $pdb, and you didn't set a password when you
   called new(), you only need to pass one password and it will set that as
   the password.
   
         $rec->{'plaintext'} = {  If nothing is passed, it forgets the password that it was remembering.
                 name        => $name,  
                 account     => $account,  
                 password    => $account_password,  
                 description => $description,  
         };  
   
 =head1 DEPENDENCIES  =head1 DEPENDENCIES
   
Line 462 
Line 1347 
   
 Readonly  Readonly
   
   =head1 THANKS
   
   I would like to thank the helpful Perlmonk shigetsu who gave me some great advice
   and helped me get my first module posted.  L<http://perlmonks.org/?node_id=596998>
   
   I would also like to thank
   Johan Vromans
   E<lt>jvromans@squirrel.nlE<gt> --
   L<http://www.squirrel.nl/people/jvromans>.
   He had his own Palm::KeyRing module that he posted a couple of days before
   mine was ready and he was kind enough to let me have the namespace as well
   as giving me some very helpful hints about doing a few things that I was
   unsure of.  He is really great.
   
 =head1 BUGS AND LIMITATIONS  =head1 BUGS AND LIMITATIONS
   
 Once this module is uploaded, you can  
 Please report any bugs or feature requests to  Please report any bugs or feature requests to
 C<bug-palm-keyring at rt.cpan.org>, or through the web interface at  C<bug-palm-keyring at rt.cpan.org>, or through the web interface at
 L<http://rt.cpan.org>.  I will be notified, and then you'll automatically be  L<http://rt.cpan.org>.  I will be notified, and then you'll automatically be
Line 472 
Line 1370 
   
 =head1 AUTHOR  =head1 AUTHOR
   
 Andrew Fresh E<lt>andrew@mad-techies.orgE<gt>  Andrew Fresh E<lt>andrew@cpan.orgE<gt>
   
 =head1 LICENSE AND COPYRIGHT  =head1 LICENSE AND COPYRIGHT
   
 You may distribute this file under the terms of perl itself  
 as specified in the LICENSE file.  
   
 Copyright 2004, 2005, 2006, 2007 Andrew Fresh, All Rights Reserved.  Copyright 2004, 2005, 2006, 2007 Andrew Fresh, All Rights Reserved.
   
 This program is free software; you can redistribute it and/or modify it  This program is free software; you can redistribute it and/or
 under the same terms as Perl itself.  modify it under the same terms as Perl itself.
   
 =head1 SEE ALSO  =head1 SEE ALSO
   
Line 492 
Line 1387 
   
 The Keyring for Palm OS website:  The Keyring for Palm OS website:
 L<http://gnukeyring.sourceforge.net/>  L<http://gnukeyring.sourceforge.net/>
   
   Johan Vromans also has a wxkeyring app that now uses this module, available
   from his website at L<http://www.vromans.org/johan/software/sw_palmkeyring.html>
Legend:
Removed from v.1.14  
changed lines
  Added in v.1.30
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>