[BACK]Return to Keyring.pm CVS log [TXT][DIR] Up to [local] / palm / Palm-Keyring / lib / Palm

Diff for /palm/Palm-Keyring/lib/Palm/Keyring.pm between version 1.15 and 1.30

version 1.15, 2007/01/29 02:49:41 version 1.30, 2007/02/19 01:37:10
Line 1 
Line 1 
 package Palm::Keyring;  package Palm::Keyring;
   # $RedRiver: Keyring.pm,v 1.29 2007/02/19 00:22:42 andrew Exp $
 # $RedRiver: Keyring.pm,v 1.14 2007/01/28 22:24:17 andrew Exp $  ########################################################################
   # Keyring.pm *** Perl class for Keyring for Palm OS databases.
 #  #
 # Perl class for dealing with Keyring for Palm OS databases.  
 #  
 #   This started as Memo.pm, I just made it work for Keyring.  #   This started as Memo.pm, I just made it work for Keyring.
   #
   # 2006.01.26 #*#*# andrew fresh <andrew@cpan.org>
   ########################################################################
   # Copyright (C) 2006, 2007 by Andrew Fresh
   #
   # This program is free software; you can redistribute it and/or modify
   # it under the same terms as Perl itself.
   ########################################################################
 use strict;  use strict;
 use warnings;  use warnings;
   
 use Carp;  use Carp;
   use Data::Dumper;
   
 use base qw/ Palm::StdAppInfo /;  use base qw/ Palm::StdAppInfo /;
   
   use Digest::HMAC_SHA1 qw(hmac_sha1);
   use Digest::SHA1 qw(sha1);
   use Crypt::CBC;
   
 use Digest::MD5 qw(md5);  use Digest::MD5 qw(md5);
 use Crypt::DES;  use Crypt::DES;
 use Readonly;  
   
 Readonly my $ENCRYPT    => 1;  my $ENCRYPT    = 1;
 Readonly my $DECRYPT    => 0;  my $DECRYPT    = 0;
 Readonly my $MD5_CBLOCK => 64;  my $MD5_CBLOCK = 64;
 Readonly my $kSalt_Size => 4;  my $kSalt_Size = 4;
 Readonly my $EMPTY      => q{};  my $EMPTY      = q{};
 Readonly my $SPACE      => q{ };  my $SPACE      = q{ };
 Readonly my $NULL       => chr 0;  my $NULL       = chr 0;
   
 # One liner, to allow MakeMaker to work.  my @CRYPTS = (
 our ($VERSION) = q$Revision$ =~ m{ Revision: \s+ (\S+) }xm;      { # None
           name      => 'None',
           keylen    => 8,
           blocksize => 1,
           default_iter => 500,
       },
       { # DES-EDE3
           name      => 'DES_EDE3',
           keylen    => 24,
           blocksize =>  8,
           DES_odd_parity => 1,
           default_iter => 1000,
       },
       { # AES128
           name      => 'Rijndael',
           keylen    => 16,
           blocksize => 16,
           default_iter => 100,
       },
       { # AES256
           name      => 'Rijndael',
           keylen    => 32,
           blocksize => 16,
           default_iter => 250,
       },
   );
   
 #@ISA = qw( Palm::StdAppInfo Palm::Raw );  
   
 sub new {  our $VERSION = 0.95;
   
   sub new
   {
     my $classname = shift;      my $classname = shift;
     my $pass      = shift;      my $options = {};
   
       # hashref arguments
       if (ref $_[0] eq 'HASH') {
         $options = shift;
       }
   
       # CGI style arguments
       elsif ($_[0] =~ /^-[a-zA-Z0-9_]{1,20}$/) {
         my %tmp = @_;
         while ( my($key,$value) = each %tmp) {
           $key =~ s/^-//;
           $options->{lc $key} = $value;
         }
       }
   
       else {
           $options->{password} = shift;
           $options->{version}  = shift;
       }
   
     # Create a generic PDB. No need to rebless it, though.      # Create a generic PDB. No need to rebless it, though.
     my $self = $classname->SUPER::new(@_);      my $self = $classname->SUPER::new();
   
     $self->{'name'}    = 'Keys-Gtkr';    # Default      $self->{name}    = 'Keys-Gtkr';    # Default
     $self->{'creator'} = 'Gtkr';      $self->{creator} = 'Gtkr';
     $self->{'type'}    = 'Gkyr';      $self->{type}    = 'Gkyr';
   
     # The PDB is not a resource database by      # The PDB is not a resource database by
     # default, but it's worth emphasizing,      # default, but it's worth emphasizing,
     # since MemoDB is explicitly not a PRC.      # since MemoDB is explicitly not a PRC.
     $self->{'attributes'}{'resource'} = 0;      $self->{attributes}{resource} = 0;
   
     # Initialize the AppInfo block      # Set the version
     $self->{'appinfo'} = {};      $self->{version} = $options->{version} || 4;
   
     # Add the standard AppInfo block stuff      # Set options
     Palm::StdAppInfo::seed_StdAppInfo( $self->{'appinfo'} );      $self->{options} = $options;
   
     # Set the version      # Set defaults
     $self->{'version'} = 4;      if ($self->{version} == 5) {
           $self->{options}->{cipher} ||= 0; # 'None'
           $self->{options}->{iterations} ||=
               $CRYPTS[ $self->{options}->{cipher} ]{default_iter};
   
     # Give the PDB the first record that will hold the encrypted password         $self->{appinfo}->{cipher} ||= $self->{options}->{cipher};
     $self->{'records'} = [ $self->new_Record ];         $self->{appinfo}->{iter}   ||= $self->{options}->{iterations};
       };
   
     if ( defined $pass ) {      if ( defined $options->{password} ) {
         $self->Encrypt($pass);          $self->Password($options->{password});
     }      }
   
     return $self;      return $self;
 }  }
   
 sub import {  sub import
   {
     Palm::PDB::RegisterPDBHandlers( __PACKAGE__, [ 'Gtkr', 'Gkyr' ], );      Palm::PDB::RegisterPDBHandlers( __PACKAGE__, [ 'Gtkr', 'Gkyr' ], );
     return 1;      return 1;
 }  }
   
 sub Load {  # ParseRecord
   
   sub ParseRecord
   {
     my $self     = shift;      my $self     = shift;
     my $filename = shift;  
     my $password = shift;  
   
     $self->{'appinfo'} = {};      my $rec = $self->SUPER::ParseRecord(@_);
     $self->{'records'} = [];      return $rec if ! exists $rec->{data};
     $self->SUPER::Load($filename);  
   
     foreach my $rec ( @{ $self->{'records'} } ) {      if ($self->{version} == 4) {
         if ( ! exists $rec->{'data'}) { next; };          # skip the first record because it contains the password.
         my ( $name, $encrypted ) = split /$NULL/xm, $rec->{'data'}, 2;          return $rec if ! exists $self->{records};
         if ( ! $encrypted ) { next };  
         $rec->{'plaintext'}->{'name'} = $name;          my ( $name, $encrypted ) = split /$NULL/xm, $rec->{data}, 2;
         $rec->{'encrypted'} = $encrypted;  
           return $rec if ! $encrypted;
           $rec->{name}      = $name;
           $rec->{encrypted} = $encrypted;
           delete $rec->{data};
   
       } elsif ($self->{version} == 5) {
           my $blocksize = $CRYPTS[ $self->{appinfo}->{cipher} ]{blocksize};
           my ($field, $extra) = _parse_field($rec->{data});
           my $ivec      = substr $extra, 0, $blocksize;
           my $encrypted = substr $extra, $blocksize;
   
           if ($self->{options}->{v4compatible}) {
               $rec->{name} = $field->{data};
           } else {
               $rec->{name} = $field;
           }
           $rec->{ivec}      = $ivec;
           $rec->{encrypted} = $encrypted;
   
       } else {
           die 'Unsupported Version';
           return;
     }      }
   
     return $self->Decrypt($password) if defined $password;      return $rec;
   }
   
     return 1;  # PackRecord
   
   sub PackRecord
   {
       my $self = shift;
       my $rec  = shift;
   
       if ($self->{version} == 4) {
           if ($rec->{encrypted}) {
               if (! defined $rec->{name}) {
                   $rec->{name} = $EMPTY;
               }
               $rec->{data} = join $NULL, $rec->{name}, $rec->{encrypted};
               delete $rec->{name};
               delete $rec->{encrypted};
           }
   
       } elsif ($self->{version} == 5) {
           my $field;
           if ($rec->{name}) {
               if ($self->{options}->{v4compatible}) {
                   $field = {
                       label    => 'name',
                       font     => 0,
                       data     => $rec->{'name'},
                   };
               } else {
                   $field = $rec->{name};
               }
           }
           my $packed = '';
           if ($field) {
               $packed = _pack_field($field);
           }
           my $len = length $packed;
           my $blocksize = $CRYPTS[ $self->{appinfo}->{cipher} ]{blocksize};
   
           $rec->{data} = join '', $packed, $rec->{ivec}, $rec->{encrypted};
   
       } else {
           die 'Unsupported Version';
       }
   
       return $self->SUPER::PackRecord($rec, @_);
 }  }
   
 sub Write {  # ParseAppInfoBlock
     my $self     = shift;  
     my $filename = shift;  
     my $password = shift;  
   
     $self->Encrypt($password) || return;  sub ParseAppInfoBlock
     return $self->SUPER::Write($filename);  {
       my $self = shift;
       my $data = shift;
       my $appinfo = {};
   
       &Palm::StdAppInfo::parse_StdAppInfo($appinfo, $data);
   
       # int8/uint8
       # - Signed or Unsigned Byte (8 bits). C types: char, unsigned char
       # int16/uint16
       # - Signed or Unsigned Word (16 bits). C types: short, unsigned short
       # int32/uint32
       # - Signed or Unsigned Doubleword (32 bits). C types: int, unsigned int
       # sz
       # - Zero-terminated C-style string
   
       if ($self->{version} == 4) {
           # Nothing extra for version 4
   
       } elsif ($self->{version} == 5) {
           _parse_appinfo_v5($appinfo) || return;
   
       } else {
           die "Unsupported Version";
           return;
       }
   
       return $appinfo;
 }  }
   
 sub Encrypt {  sub _parse_appinfo_v5
   {
       my $appinfo = shift;
   
       if (! exists $appinfo->{other}) {
           # XXX Corrupt appinfo?
           return;
       }
   
       my $unpackstr
           = ("C1" x 8)  # 8 uint8s in an array for the salt
           . ("S1" x 2)  # the iter (uint16) and the cipher (uint16)
           . ("C1" x 8); # and finally 8 more uint8s for the hash
   
       my (@salt, $iter, $cipher, @hash);
       (@salt[0..7], $iter, $cipher, @hash[0..7])
           = unpack $unpackstr, $appinfo->{other};
   
       $appinfo->{salt}           = sprintf "%02x" x 8, @salt;
       $appinfo->{iter}           = $iter;
       $appinfo->{cipher}         = $cipher;
       $appinfo->{masterhash}     = sprintf "%02x" x 8, @hash;
       delete $appinfo->{other};
   
       return $appinfo
   }
   
   # PackAppInfoBlock
   
   sub PackAppInfoBlock
   {
     my $self = shift;      my $self = shift;
     my $pass = shift;      my $retval;
   
     if ($pass) {      if ($self->{version} == 4) {
         if (          # Nothing to do for v4
             !( exists $self->{'records'}->[0]->{'data'}  
                 && $self->_keyring_verify($pass) )  
           )  
         {  
   
             # This would encrypt with a new password.      } elsif ($self->{version} == 5) {
             # First decrypting everything with the old password of course.          _pack_appinfo_v5($self->{appinfo});
             $self->_keyring_update($pass) || return;      } else {
             $self->_keyring_verify($pass) || return;          die "Unsupported Version";
           return;
       }
       return &Palm::StdAppInfo::pack_StdAppInfo($self->{appinfo});
   }
   
   sub _pack_appinfo_v5
   {
       my $appinfo = shift;
   
       my $packstr
           = ("C1" x 8)  # 8 uint8s in an array for the salt
           . ("S1" x 2)  # the iter (uint16) and the cipher (uint16)
           . ("C1" x 8); # and finally 8 more uint8s for the hash
   
       my @salt = map { hex $_ } $appinfo->{salt} =~ /../gxm;
       my @hash = map { hex $_ } $appinfo->{masterhash} =~ /../gxm;
   
       my $packed = pack($packstr,
           @salt,
           $appinfo->{iter},
           $appinfo->{cipher},
           @hash
       );
   
       $appinfo->{other}  = $packed;
   
       return $appinfo
   }
   
   # Encrypt
   
   sub Encrypt
   {
       my $self = shift;
       my $rec  = shift;
       my $data = shift;
       my $pass = shift || $self->{password};
   
       if ( ! $pass && ! $self->{appinfo}->{key}) {
           croak("password not set!\n");
       }
   
       if ( ! $rec) {
           croak("Needed parameter 'record' not passed!\n");
       }
   
       if ( ! $data) {
           croak("Needed parameter 'data' not passed!\n");
       }
   
       if ( $pass && ! $self->Password($pass)) {
           croak("Incorrect Password!\n");
       }
   
       my $acct;
       if ($rec->{encrypted}) {
           $acct = $self->Decrypt($rec, $pass);
       }
   
       my $encrypted;
       if ($self->{version} == 4) {
           $self->{digest} ||= _calc_keys( $pass );
           $encrypted = _encrypt_v4($data, $acct, $self->{digest});
           $rec->{name}    ||= $data->{name};
   
       } elsif ($self->{version} == 5) {
           my @recs = ($data, $acct);
           my $name;
           if ($self->{options}->{v4compatible}) {
               $rec->{name} ||= $data->{name};
               foreach my $rec (@recs) {
                   my @fields;
                   foreach my $k (sort keys %{ $rec }) {
                       my $field = {
                           label    => $k,
                           font     => 0,
                           data     => $rec->{$k},
                       };
                       push @fields, $field;
                   }
                   $rec = \@fields;
               }
         }          }
   
           my $ivec;
           ($encrypted, $ivec) = _encrypt_v5(
               @recs,
               $self->{appinfo}->{key},
               $self->{appinfo}->{cipher},
           );
           if ($ivec) {
               $rec->{ivec} = $ivec;
           }
   
       } else {
           die "Unsupported Version";
     }      }
   
     $self->{'digest'} ||= _calc_keys( $self->{'password'} );      if ($encrypted) {
           if ($encrypted eq '1') {
               return 1;
           }
   
     foreach my $rec ( @{ $self->{'records'} } ) {          $rec->{attributes}{Dirty} = 1;
         if (!defined $rec->{'plaintext'}) { next; };          $rec->{attributes}{dirty} = 1;
           $rec->{encrypted} = $encrypted;
   
         my $name =          return 1;
           defined $rec->{'plaintext'}->{'name'}      } else {
           ? $rec->{'plaintext'}->{'name'}          return;
           : $EMPTY;      }
         my $account =  }
           defined $rec->{'plaintext'}->{'account'}  
           ? $rec->{'plaintext'}->{'account'}  
           : $EMPTY;  
         my $password =  
           defined $rec->{'plaintext'}->{'password'}  
           ? $rec->{'plaintext'}->{'password'}  
           : $EMPTY;  
         my $description =  
           defined $rec->{'plaintext'}->{'description'}  
           ? $rec->{'plaintext'}->{'description'}  
           : $EMPTY;  
         my $extra = $EMPTY;  
   
         my $plaintext = join "$NULL", $account, $password, $description, $extra;  sub _encrypt_v4
   {
       my $new    = shift;
       my $old    = shift;
       my $digest = shift;
   
         my $encrypted = _crypt3des( $plaintext, $self->{'digest'}, $ENCRYPT );      $new->{account}  ||= $EMPTY;
       $new->{password} ||= $EMPTY;
       $new->{notes}    ||= $EMPTY;
   
         $rec->{'data'} = join "$NULL", $name, $encrypted;      my $changed      = 0;
       my $need_newdate = 0;
       if ($old && %{ $old }) {
           foreach my $key (keys %{ $new }) {
               next if $key eq 'lastchange';
               if ($new->{$key} ne $old->{$key}) {
                   $changed = 1;
                   last;
               }
           }
           if ( exists $new->{lastchange} && exists $old->{lastchange} && (
               $new->{lastchange}->{day}   != $old->{lastchange}->{day}   ||
               $new->{lastchange}->{month} != $old->{lastchange}->{month} ||
               $new->{lastchange}->{year}  != $old->{lastchange}->{year}
           )) {
               $changed = 1;
               $need_newdate = 0;
           } else {
               $need_newdate = 1;
           }
   
       } else {
           $changed = 1;
     }      }
   
     return 1;      # no need to re-encrypt if it has not changed.
       return 1 if ! $changed;
   
       my ($day, $month, $year);
   
       if ($new->{lastchange} && ! $need_newdate ) {
           $day   = $new->{lastchange}->{day}   || 1;
           $month = $new->{lastchange}->{month} || 0;
           $year  = $new->{lastchange}->{year}  || 0;
   
           # XXX Need to actually validate the above information somehow
           if ($year >= 1900) {
               $year -= 1900;
           }
       } else {
           $need_newdate = 1;
       }
   
       if ($need_newdate) {
           ($day, $month, $year) = (localtime)[3,4,5];
       }
   
       my $packed_date = _pack_keyring_date( {
               year  => $year,
               month => $month,
               day   => $day,
       });
   
       my $plaintext = join $NULL,
           $new->{account}, $new->{password}, $new->{notes}, $packed_date;
   
       return _crypt3des( $plaintext, $digest, $ENCRYPT );
 }  }
   
 sub Decrypt {  sub _encrypt_v5
   {
       my $new    = shift;
       my $old    = shift;
       my $key    = shift;
       my $cipher = shift;
       my $length = $CRYPTS[ $cipher ]{blocksize};
       my $ivec   = shift || pack("C*",map {rand(256)} 1..$length);
   
       my $keylen      = $CRYPTS[ $cipher ]{keylen};
       my $cipher_name = $CRYPTS[ $cipher ]{name};
   
       my $changed = 0;
       my $need_newdate = 1;
       my $date_index;
       for (my $i = 0; $i < @{ $new }; $i++) {
           if (
               (exists $new->[$i]->{label_id} && $new->[$i]->{label_id} == 3) ||
               (exists $new->[$i]->{label}    && $new->[$i]->{label}    eq 'lastchange')
           ) {
               $date_index   = $i;
               if ( $old && $#{ $new } == $#{ $old } && (
                       $new->[$i]->{data}->{day}   != $old->[$i]->{data}->{day}   ||
                       $new->[$i]->{data}->{month} != $old->[$i]->{data}->{month} ||
                       $new->[$i]->{data}->{year}  != $old->[$i]->{data}->{year}
                   )) {
                   $changed      = 1;
                   $need_newdate = 0;
                   last;
               }
   
           } elsif ($old && $#{ $new } == $#{ $old }) {
               my $n = join ':', %{ $new->[$i] };
               my $o = join ':', %{ $old->[$i] };
               if ($n ne $o) {
                   $changed = 1;
               }
           } elsif ($#{ $new } != $#{ $old }) {
               $changed = 1;
           }
       }
       if ($old && (! @{ $old }) && $date_index) {
           $need_newdate = 0;
       }
   
       return 1, 0 if $changed == 0;
   
       if ($need_newdate || ! defined $date_index) {
           my ($day, $month, $year) = (localtime)[3,4,5];
           my $date = {
               year  => $year,
               month => $month,
               day   => $day,
           };
           if (defined $date_index) {
               $new->[$date_index]->{data} = $date;
           } else {
               push @{ $new }, {
                   label => 'lastchange',
                   font  => 0,
                   data  => $date,
               };
           }
       } else {
           # XXX Need to actually validate the above information somehow
           if ($new->[$date_index]->{data}->{year} >= 1900) {
               $new->[$date_index]->{data}->{year} -= 1900;
           }
       }
   
       my $decrypted;
       foreach my $field (@{ $new }) {
           $decrypted .= _pack_field($field);
       }
   
       my $encrypted;
       if ($cipher_name eq 'None') {
           # do nothing
           $encrypted = $decrypted;
   
       } elsif ($cipher_name eq 'DES_EDE3' or $cipher_name eq 'Rijndael') {
           my $c = Crypt::CBC->new(
               -literal_key => 1,
               -key         => $key,
               -iv          => $ivec,
               -cipher      => $cipher_name,
               -keysize     => $keylen,
               -header      => 'none',
               -padding     => 'oneandzeroes',
           );
   
           if (! $c) {
               croak("Unable to set up encryption!");
           }
   
           $encrypted = $c->encrypt($decrypted);
   
       } else {
           die "Unsupported Version";
       }
   
       return $encrypted, $ivec;
   }
   
   # Decrypt
   
   sub Decrypt
   {
     my $self = shift;      my $self = shift;
     my $pass = shift;      my $rec  = shift;
       my $pass = shift || $self->{password};
   
     if ($pass) {      if ( ! $pass && ! $self->{appinfo}->{key}) {
         $self->_keyring_verify($pass) || return;          croak("password not set!\n");
     }      }
   
     $self->{'digest'} ||= _calc_keys( $self->{'password'} );      if ( ! $rec) {
           croak("Needed parameter 'record' not passed!\n");
       }
   
     my $reccount = 0;      if ( $pass && ! $self->Password($pass)) {
     foreach my $rec ( @{ $self->{'records'} } ) {          croak("Invalid Password!\n");
         $reccount++;      }
   
         # always skip the first record that has the password in it.      if ( ! $rec->{encrypted} ) {
         next if $reccount <= 1;          croak("No encrypted content!");
         if ( ! defined $rec->{'data'} ) {      }
             warn 'Invalid record ' . ( $reccount - 1 ) . "\n";  
             next;      if ($self->{version} == 4) {
           $self->{digest} ||= _calc_keys( $pass );
           my $acct = _decrypt_v4($rec->{encrypted}, $self->{digest});
           $acct->{name} ||= $rec->{name};
           return $acct;
   
       } elsif ($self->{version} == 5) {
           my $fields = _decrypt_v5(
               $rec->{encrypted}, $self->{appinfo}->{key},
               $self->{appinfo}->{cipher}, $rec->{ivec},
           );
           if ($self->{options}->{v4compatible}) {
               my %acct;
               foreach my $f (@{ $fields }) {
                   $acct{ $f->{label} } = $f->{data};
               }
               $acct{name} ||= $rec->{name};
               return \%acct;
           } else {
               return $fields;
         }          }
   
         my ( $name, $encrypted ) = split /$NULL/xm, $rec->{'data'}, 2;      } else {
         if (! $encrypted) { next; };          die "Unsupported Version";
       }
       return;
   }
   
         $rec->{'plaintext'}->{'name'} = $name;  sub _decrypt_v4
   {
       my $encrypted = shift;
       my $digest    = shift;
   
         my $decrypted = _crypt3des( $encrypted, $self->{'digest'}, $DECRYPT );      my $decrypted = _crypt3des( $encrypted, $digest, $DECRYPT );
         my ( $account, $password, $description, $extra ) = split /$NULL/xm,      my ( $account, $password, $notes, $packed_date )
           $decrypted, 4;          = split /$NULL/xm, $decrypted, 4;
   
         $rec->{'plaintext'}->{'account'} = defined $account ? $account : $EMPTY;      my $modified;
         $rec->{'plaintext'}->{'password'} =      if ($packed_date) {
           defined $password ? $password : $EMPTY;          $modified = _parse_keyring_date($packed_date);
         $rec->{'plaintext'}->{'description'} =      }
           defined $description ? $description : $EMPTY;  
   
         #print "Name:      '$name'\n";      return {
         #print "Encrypted: '$encrypted' - Length: " . length($encrypted) . "\n";          account    => $account,
         #print "    Hex:   '" . unpack("H*", $encrypted) . "'\n";          password   => $password,
         #print "    Binary:'" . unpack("b*", $encrypted) . "'\n";          notes      => $notes,
         #print "Decrypted: '$decrypted' - Length: " . length($decrypted) . "\n";          lastchange => $modified,
         #print "    Hex:   '" . unpack("H*", $decrypted) . "'\n";      };
         #print "    Binary:'" . unpack("b*", $decrypted) . "'\n";  }
         #print "\n";  
         #print "Extra: $extra\n";  
         #exit;  
         #--------------------------------------------------  
         # print "Account:     $account\n";  
         # print "Password:    $password\n";  
         # print "Description: $description\n";  
         #--------------------------------------------------  
   
   sub _decrypt_v5
   {
       my $encrypted = shift;
       my $key       = shift;
       my $cipher    = shift;
       my $ivec      = shift;
   
       my $keylen       = $CRYPTS[ $cipher ]{keylen};
       my $cipher_name  = $CRYPTS[ $cipher ]{name};
   
       my $decrypted;
   
       if ($cipher_name eq 'None') {
           # do nothing
           $decrypted = $encrypted;
   
       } elsif ($cipher_name eq 'DES_EDE3' or $cipher_name eq 'Rijndael') {
           my $c = Crypt::CBC->new(
               -literal_key => 1,
               -key         => $key,
               -iv          => $ivec,
               -cipher      => $cipher_name,
               -keysize     => $keylen,
               -header      => 'none',
               -padding     => 'oneandzeroes',
           );
   
           if (! $c) {
               croak("Unable to set up encryption!");
           }
           $encrypted .= $NULL x $keylen; # pad out a keylen
           $decrypted  = $c->decrypt($encrypted);
   
       } else {
           die "Unsupported Version";
           return;
       }
   
       my @fields;
       while ($decrypted) {
           my $field;
           ($field, $decrypted) = _parse_field($decrypted);
           if (! $field) {
               last;
           }
           push @fields, $field;
     }      }
   
     return 1;      return \@fields;
 }  }
   
 sub _calc_keys {  # Password
   
   sub Password
   {
       my $self = shift;
     my $pass = shift;      my $pass = shift;
     if (! defined $pass) { croak('No password defined!'); };      my $new_pass = shift;
   
     my $digest = md5($pass);      if (! $pass) {
           delete $self->{password};
           delete $self->{appinfo}->{key};
           return 1;
       }
   
     my ( $key1, $key2 ) = unpack 'a8a8', $digest;      if (
           ($self->{version} == 4 && ! exists $self->{records}) ||
           ($self->{version} == 5 && ! exists $self->{appinfo}->{masterhash})
       ) {
           if ($self->{version} == 4) {
               # Give the PDB the first record that will hold the encrypted password
               $self->{records} = [ $self->new_Record ];
           }
   
     #--------------------------------------------------          return $self->_password_update($pass);
     # print "key1: $key1: ", length $key1, "\n";      }
     # print "key2: $key2: ", length $key2, "\n";  
     #--------------------------------------------------  
   
     $digest = unpack 'H*', $key1 . $key2 . $key1;      if ($new_pass) {
           my $v4compat = $self->{options}->{v4compatible};
           $self->{options}->{v4compatible} = 0;
   
     #--------------------------------------------------          my @accts = ();
     # print "Digest: ", $digest, "\n";          foreach my $i (0..$#{ $self->{records} }) {
     # print length $digest, "\n";              if ($self->{version} == 4 && $i == 0) {
     #--------------------------------------------------                  push @accts, undef;
                   next;
               }
               my $acct = $self->Decrypt($self->{records}->[$i], $pass);
               if ( ! $acct ) {
                   croak("Couldn't decrypt $self->{records}->[$i]->{name}");
               }
               push @accts, $acct;
           }
   
     return $digest;          if ( ! $self->_password_update($new_pass)) {
               croak("Couldn't set new password!");
           }
           $pass = $new_pass;
   
           foreach my $i (0..$#accts) {
               if ($self->{version} == 4 && $i == 0) {
                   next;
               }
               delete $self->{records}->[$i]->{encrypted};
               $self->Encrypt($self->{records}->[$i], $accts[$i], $pass);
           }
   
           $self->{options}->{v4compatible} = $v4compat;
       }
   
       if (defined $self->{password} && $pass eq $self->{password}) {
           # already verified this password
           return 1;
       }
   
       if ($self->{version} == 4) {
           # AFAIK the thing we use to test the password is
           #     always in the first entry
           my $valid = _password_verify_v4($pass, $self->{records}->[0]->{data});
   
           # May as well generate the keys we need now, since we know the password is right
           if ($valid) {
               $self->{digest} = _calc_keys($pass);
               if ($self->{digest} ) {
                   $self->{password} = $pass;
                   return 1;
               }
           }
       } elsif ($self->{version} == 5) {
           return _password_verify_v5($pass, $self->{appinfo});
       } else {
           # XXX unsupported version
       }
   
       return;
 }  }
   
 sub _keyring_verify {  sub _password_verify_v4
     my $self = shift;  {
     my $pass = shift;      my $pass = shift;
       my $data = shift;
   
     if (! $pass) { croak('No password specified!'); };      if (! $pass) { croak('No password specified!'); };
   
     # AFAIK the thing we use to test the password is      # XXX die "No encrypted password in file!" unless defined $data;
     #     always in the first entry      if ( ! defined $data) { return; };
     my $data = $self->{'records'}->[0]->{'data'};  
   
     #die "No encrypted password in file!" unless defined $data;  
     if (! defined $data) { return; };  
   
     $data =~ s/$NULL$//xm;      $data =~ s/$NULL$//xm;
   
     my $salt = substr $data, 0, $kSalt_Size;      my $salt = substr $data, 0, $kSalt_Size;
   
     my $msg = $salt . $pass;      my $msg = $salt . $pass;
   
     $msg .= "\0" x ( $MD5_CBLOCK - length $msg );      $msg .= "\0" x ( $MD5_CBLOCK - length $msg );
   
     my $digest = md5($msg);      my $digest = md5($msg);
   
     if ( $data eq $salt . $digest ) {      if (! $data eq $salt . $digest ) {
           return;
       }
   
 # May as well generate the keys we need now, since we know the password is right      return 1;
         $self->{'digest'} = _calc_keys($pass);  }
         if ( $self->{'digest'} ) {  
             $self->{'password'} = $pass;  sub _password_verify_v5
             return 1;  {
         }      my $pass    = shift;
       my $appinfo = shift;
   
       my $salt = pack("H*", $appinfo->{salt});
   
       my ($key, $hash) = _calc_key_v5(
           $pass, $salt, $appinfo->{iter},
           $CRYPTS[ $appinfo->{cipher} ]{keylen},
           $CRYPTS[ $appinfo->{cipher} ]{DES_odd_parity},
       );
   
       #print "Key:  '". unpack("H*", $key) . "'\n";
       #print "Hash: '". $hash . "'\n";
       #print "Hash: '". $appinfo->{masterhash} . "'\n";
   
       if ($appinfo->{masterhash} eq $hash) {
           $appinfo->{key} = $key;
       } else {
           return;
     }      }
     return;  
       return $key;
 }  }
   
 sub _keyring_update {  
   
   sub _password_update
   {
     # It is very important to Encrypt after calling this      # It is very important to Encrypt after calling this
     #     (Although it is generally only called by Encrypt)      #     (Although it is generally only called by Encrypt)
     # because otherwise the data will be out of sync with the      # because otherwise the data will be out of sync with the
     # password, and that would suck!      # password, and that would suck!
     my $self = shift;      my $self   = shift;
     my $pass = shift;      my $pass   = shift;
   
     if (! $pass) { croak('No password specified!'); };      if ($self->{version} == 4) {
           my $data = _password_update_v4($pass, @_);
   
     # if the database already has a password in it          if (! $data) {
     if ( $self->{'records'}->[0]->{'data'} ) {              carp("Failed  to update password!");
               return;
           }
   
         # Make sure everything is decrypted before we update the keyring          # AFAIK the thing we use to test the password is
         $self->Decrypt() || return;          #     always in the first entry
           $self->{records}->[0]->{data} = $data;
           $self->{password} = $pass;
           $self->{digest}   = _calc_keys( $self->{password} );
   
           return 1;
   
       } elsif ($self->{version} == 5) {
           my $cipher  = shift || $self->{appinfo}->{cipher};
           my $iter    = shift || $self->{appinfo}->{iter};
           my $salt    = shift || 0;
   
           my $hash = _password_update_v5(
               $self->{appinfo}, $pass, $cipher, $iter, $salt
           );
   
           if (! $hash) {
               carp("Failed  to update password!");
               return;
           }
   
           return 1;
       } else {
           croak("Unsupported version ($self->{version})");
     }      }
   
       return;
   }
   
   sub _password_update_v4
   {
       my $pass = shift;
   
       if (! defined $pass) { croak('No password specified!'); };
   
     my $salt;      my $salt;
     for ( 1 .. $kSalt_Size ) {      for ( 1 .. $kSalt_Size ) {
         $salt .= chr int rand 255;          $salt .= chr int rand 255;
Line 297 
Line 909 
   
     my $data = $salt . $digest;    # . "\0";      my $data = $salt . $digest;    # . "\0";
   
     # AFAIK the thing we use to test the password is      return $data;
     #     always in the first entry  }
     $self->{'records'}->[0]->{'data'} = $data;  
   
     $self->{'password'} = $pass;  sub _password_update_v5
     $self->{'digest'}   = _calc_keys( $self->{'password'} );  {
       my $appinfo = shift;
       my $pass    = shift;
       my $cipher  = shift;
       my $iter    = shift;
   
     return 1;      # I thought this needed to be 'blocksize', but apparently not.
       #my $length  = $CRYPTS[ $cipher ]{blocksize};
       my $length  = 8;
       my $salt    = shift || pack("C*",map {rand(256)} 1..$length);
   
       my ($key, $hash) = _calc_key_v5(
           $pass, $salt, $iter,
           $CRYPTS[ $cipher ]->{keylen},
           $CRYPTS[ $cipher ]->{DES_odd_parity},
       );
   
       $appinfo->{salt}           = unpack "H*", $salt;
       $appinfo->{iter}           = $iter;
       $appinfo->{cipher}         = $cipher;
   
       $appinfo->{key}            = $key;
       $appinfo->{masterhash}     = $hash;
   
       return $key;
 }  }
   
 sub _crypt3des {  
   sub _calc_keys
   {
       my $pass = shift;
       if (! defined $pass) { croak('No password defined!'); };
   
       my $digest = md5($pass);
   
       my ( $key1, $key2 ) = unpack 'a8a8', $digest;
   
       #--------------------------------------------------
       # print "key1: $key1: ", length $key1, "\n";
       # print "key2: $key2: ", length $key2, "\n";
       #--------------------------------------------------
   
       $digest = unpack 'H*', $key1 . $key2 . $key1;
   
       #--------------------------------------------------
       # print "Digest: ", $digest, "\n";
       # print length $digest, "\n";
       #--------------------------------------------------
   
       return $digest;
   }
   
   sub _calc_key_v5
   {
       my ($pass, $salt, $iter, $keylen, $dop) = @_;
   
       my $key = _pbkdf2( $pass, $salt, $iter, $keylen, \&hmac_sha1 );
       if ($dop) { $key = DES_odd_parity($key); }
   
       my $hash = unpack("H*", substr(sha1($key.$salt),0, 8));
   
       return $key, $hash;
   }
   
   sub _crypt3des
   {
     my ( $plaintext, $passphrase, $flag ) = @_;      my ( $plaintext, $passphrase, $flag ) = @_;
   
     $passphrase   .= $SPACE x ( 16 * 3 );      $passphrase   .= $SPACE x ( 16 * 3 );
Line 329 
Line 1000 
         #print "PT: '$pt' - Length: " . length($pt) . "\n";          #print "PT: '$pt' - Length: " . length($pt) . "\n";
         if (! length $pt) { next; };          if (! length $pt) { next; };
         if ( (length $pt) < 8 ) {          if ( (length $pt) < 8 ) {
                         if ($flag == $DECRYPT) { croak('record not 8 byte padded'); };              if ($flag == $DECRYPT) { croak('record not 8 byte padded'); };
             my $len = 8 - (length $pt);              my $len = 8 - (length $pt);
   
             #print "LENGTH: $len\n";  
             #print "Binary:    '" . unpack("b*", $pt) . "'\n";  
             $pt .= ($NULL x $len);              $pt .= ($NULL x $len);
   
             #print "PT: '$pt' - Length: " . length($pt) . "\n";  
             #print "Binary:    '" . unpack("b*", $pt) . "'\n";  
         }          }
         if ( $flag == $ENCRYPT ) {          if ( $flag == $ENCRYPT ) {
             $pt = $C[0]->encrypt($pt);              $pt = $C[0]->encrypt($pt);
Line 361 
Line 1026 
     return $cyphertext;      return $cyphertext;
 }  }
   
   sub _parse_field
   {
       my $field = shift;
   
       my @labels;
       $labels[0]   = 'name';
       $labels[1]   = 'account';
       $labels[2]   = 'password';
       $labels[3]   = 'lastchange';
       $labels[255] = 'notes';
   
       my ($len) = unpack "S1", $field;
       if ($len + 4 > length $field) {
           return undef, $field;
       }
       my $unpackstr = "S1 C1 C1 A$len";
       if ($len % 2 && $len + 4 < length $field) {
           # trim the 0/1 byte padding for next even address.
           $unpackstr .= ' x'
       }
       $unpackstr .= ' A*';
   
       my (undef, $label, $font, $data, $leftover)
           = unpack $unpackstr, $field;
   
       if ($label == 3) {
           $data = _parse_keyring_date($data);
       }
       return {
           #len      => $len,
           label    => $labels[ $label ] || $label,
           label_id => $label,
           font     => $font,
           data     => $data,
       }, $leftover;
   }
   
   sub _pack_field
   {
       my $field = shift;
   
       my %labels = (
           name       =>   0,
           account    =>   1,
           password   =>   2,
           lastchange =>   3,
           notes      => 255,
       );
   
       my $label = $field->{label_id} || $labels{ $field->{label} };
       my $font  = $field->{font}     || 0;
       my $data  = $field->{data}     || '';
   
       if ($label == 3) {
           $data = _pack_keyring_date($data);
       }
       my $len = length $data;
       my $packstr = "S1 C1 C1 A*";
   
       my $packed = pack $packstr, ($len, $label, $font, $data);
   
       if ($len % 2) {
           # add byte padding for next even address.
           $packed .= $NULL;
       }
   
       return $packed;
   }
   
   sub _parse_keyring_date
   {
       my $data = shift;
   
       my $u = unpack 'n', $data;
       my $year  = (($u & 0xFE00) >> 9) + 4; # since 1900
       my $month = (($u & 0x01E0) >> 5) - 1; # 0-11
       my $day   = (($u & 0x001F) >> 0);     # 1-31
   
       return {
           year   => $year,
           month  => $month || 0,
           day    => $day   || 1,
       };
   }
   
   sub _pack_keyring_date
   {
       my $d = shift;
       my $year  = $d->{year};
       my $month = $d->{month};
       my $day   = $d->{day};
   
       $year -= 4;
       $month++;
   
       return pack 'n', $day | ($month << 5) | ($year << 9);
   }
   
   
   sub _hexdump
   {
       my $prefix = shift;   # What to print in front of each line
       my $data = shift;     # The data to dump
       my $maxlines = shift; # Max # of lines to dump
       my $offset;           # Offset of current chunk
   
       for ($offset = 0; $offset < length($data); $offset += 16)
       {
           my $hex;   # Hex values of the data
           my $ascii; # ASCII values of the data
           my $chunk; # Current chunk of data
   
           last if defined($maxlines) && ($offset >= ($maxlines * 16));
   
           $chunk = substr($data, $offset, 16);
   
           ($hex = $chunk) =~ s/./sprintf "%02x ", ord($&)/ges;
   
           ($ascii = $chunk) =~ y/\040-\176/./c;
   
           printf "%s %-48s|%-16s|\n", $prefix, $hex, $ascii;
       }
   }
   
   sub _bindump
   {
       my $prefix = shift;   # What to print in front of each line
       my $data = shift;     # The data to dump
       my $maxlines = shift; # Max # of lines to dump
       my $offset;           # Offset of current chunk
   
       for ($offset = 0; $offset < length($data); $offset += 8)
       {
           my $bin;   # binary values of the data
           my $ascii; # ASCII values of the data
           my $chunk; # Current chunk of data
   
           last if defined($maxlines) && ($offset >= ($maxlines * 8));
   
           $chunk = substr($data, $offset, 8);
   
           ($bin = $chunk) =~ s/./sprintf "%08b ", ord($&)/ges;
   
           ($ascii = $chunk) =~ y/\040-\176/./c;
   
           printf "%s %-72s|%-8s|\n", $prefix, $bin, $ascii;
       }
   }
   
   # Thanks to Jochen Hoenicke <hoenicke@gmail.com>
   # (one of the authors of Palm Keyring)
   # for these next two subs.
   
   # Usage pbkdf2(password, salt, iter, keylen, prf)
   # iter is number of iterations
   # keylen is length of generated key in bytes
   # prf is the pseudo random function (e.g. hmac_sha1)
   # returns the key.
   sub _pbkdf2($$$$$)
   {
       my ($password, $salt, $iter, $keylen, $prf) = @_;
       my ($k, $t, $u, $ui, $i);
       $t = "";
       for ($k = 1; length($t) <  $keylen; $k++) {
       $u = $ui = &$prf($salt.pack('N', $k), $password);
       for ($i = 1; $i < $iter; $i++) {
           $ui = &$prf($ui, $password);
           $u ^= $ui;
       }
       $t .= $u;
       }
       return substr($t, 0, $keylen);
   }
   
   sub DES_odd_parity($) {
       my $key = $_[0];
       my ($r, $i);
       my @odd_parity = (
     1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
    16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
    32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
    49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
    64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
    81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
    97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
   112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
   128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
   145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
   161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
   176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
   193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
   208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
   224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
   241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254);
       for ($i = 0; $i< length($key); $i++) {
       $r .= chr($odd_parity[ord(substr($key, $i, 1))]);
       }
       return $r;
   }
   
 1;  1;
 __END__  __END__
   
Line 377 
Line 1242 
 It has the standard Palm::PDB methods with 2 additional public methods.  It has the standard Palm::PDB methods with 2 additional public methods.
 Decrypt and Encrypt.  Decrypt and Encrypt.
   
 It currently supports the v4 Keyring databases.  The v5 databases from the pre-release keyring-2.0 are not supported.  It currently supports the v4 Keyring databases.  The v5 databases from
   the pre-release keyring-2.0 are not supported.
   
   This module doesn't store the decrypted content.  It only keeps it until it
   returns it to you or encrypts it.
   
 =head1 SYNOPSIS  =head1 SYNOPSIS
   
         use Palm::PDB;      use Palm::PDB;
         use Palm::Keyring;      use Palm::Keyring;
         my $pdb = new Palm::PDB;  
         $pdb->Load($file);      my $pass = 'password';
         foreach my $rec (@{ $pdb->{'records'} }) {      my $file = 'Keys-Gtkr.pdb';
                 print "$rec->{'plaintext'}->{'name'}\n";      my $pdb  = new Palm::PDB;
         }      $pdb->Load($file);
         $pdb->Decrypt($password);  
         # do something with the decrypted parts      foreach (0..$#{ $pdb->{records} }) {
           next if $_ = 0; # skip the password record
           my $rec  = $pdb->{records}->[$_];
           my $acct = $pdb->Decrypt($rec, $pass);
           print $rec->{name}, ' - ', $acct->{account}, "\n";
       }
   
 =head1 SUBROUTINES/METHODS  =head1 SUBROUTINES/METHODS
   
 =head2 new  =head2 new
   
         $pdb = new Palm::Keyring([$password]);      $pdb = new Palm::Keyring([$password]);
   
 Create a new PDB, initialized with the various Palm::Keyring fields  Create a new PDB, initialized with the various Palm::Keyring fields
 and an empty record list.  and an empty record list.
   
 Use this method if you're creating a Keyring PDB from scratch otherwise you  Use this method if you're creating a Keyring PDB from scratch otherwise you
 can just use Palm::PDB::new().  can just use Palm::PDB::new() before calling Load().
   
 =head2 Load  If you pass in a password, it will initalize the first record with the encrypted
   password.
   
         $pdb->Load($filename[, $password]);  =head2 Encrypt
   
 Overrides the standard Palm::Raw Load() to add      $pdb->Encrypt($rec, $acct[, $password]);
 $rec->{'plaintext'}->{'name'} and  
 $rec->{'encrypted'} fields.  
 $rec->{'plaintext'}->{'name'} holds the name of the record,  
 $rec->{'encrypted'} is the encrypted information in the PDB.  
   
 It also takes an additional optional parameter, which is the password to use to  Encrypts an account into a record, either with the password previously
 decrypt the database.  used, or with a password that is passed.
   
 See Decrypt() for the additional fields that are available after decryption.  $rec is a record from $pdb->{records} or a new_Record().
   $acct is a hashref in the format below.
   
 =head2 Write      my $acct = {
           name       => $rec->{name},
           account    => $account,
           password   => $password,
           notes      => $notes,
           lastchange => {
               year  => 107, # years since 1900
               month =>   0, # 0-11, 0 = January, 11 = December
               day   =>  30, # 1-31, same as localtime
           },
       };
   
         $pdb->Write($filename[, $password]);  If you have changed anything other than the lastchange, or don't pass in a
   lastchange key, Encrypt() will generate a new lastchange date for you.
   
 Just like the Palm::Raw::Write() but encrypts everything before saving.  If you pass in a lastchange field that is different than the one in the
   record, it will honor what you passed in.
   
 Also takes an optional password to encrypt with a new password, not needed  Encrypt() only uses the $acct->{name} if there is not already a $rec->{name}.
 unless you are changing the password.  
   
 =head2 Encrypt  =head2 Decrypt
   
         $pdb->Encrypt([$password]);      my $acct = $pdb->Decrypt($rec[, $password]);
   
 Encrypts the PDB, either with the password used to decrypt or create it, or  Decrypts the record and returns a hashref for the account as described
 optionally with a password that is passed.  under Encrypt().
   
 See Decrypt() for an what plaintext fields are available to be encrypted.      foreach (0..$#{ $pdb->{records}) {
           next if $_ == 0;
           my $rec = $pdb->{records}->[$_];
           my $acct = $pdb->Decrypt($rec[, $password]);
           # do something with $acct
       }
   
 =head2 Decrypt  =head2 Password
   
         $pdb->Decrypt([$password]);      $pdb->Password([$password[, $new_password]]);
   
 Decrypts the PDB and fills out the rest of the fields available in  Either sets the password to be used to crypt, or if you pass $new_password,
 $rec->{'plaintext'}.  changes the password on the database.
   
 The plaintext should now be this, before encryption or after decryption:  If you have created a new $pdb, and you didn't set a password when you
   called new(), you only need to pass one password and it will set that as
   the password.
   
         $rec->{'plaintext'} = {  If nothing is passed, it forgets the password that it was remembering.
                 name        => $name,  
                 account     => $account,  
                 password    => $account_password,  
                 description => $description,  
         };  
   
 =head1 DEPENDENCIES  =head1 DEPENDENCIES
   
Line 462 
Line 1347 
   
 Readonly  Readonly
   
   =head1 THANKS
   
   I would like to thank the helpful Perlmonk shigetsu who gave me some great advice
   and helped me get my first module posted.  L<http://perlmonks.org/?node_id=596998>
   
   I would also like to thank
   Johan Vromans
   E<lt>jvromans@squirrel.nlE<gt> --
   L<http://www.squirrel.nl/people/jvromans>.
   He had his own Palm::KeyRing module that he posted a couple of days before
   mine was ready and he was kind enough to let me have the namespace as well
   as giving me some very helpful hints about doing a few things that I was
   unsure of.  He is really great.
   
 =head1 BUGS AND LIMITATIONS  =head1 BUGS AND LIMITATIONS
   
 Once this module is uploaded, you can  
 Please report any bugs or feature requests to  Please report any bugs or feature requests to
 C<bug-palm-keyring at rt.cpan.org>, or through the web interface at  C<bug-palm-keyring at rt.cpan.org>, or through the web interface at
 L<http://rt.cpan.org>.  I will be notified, and then you'll automatically be  L<http://rt.cpan.org>.  I will be notified, and then you'll automatically be
Line 472 
Line 1370 
   
 =head1 AUTHOR  =head1 AUTHOR
   
 Andrew Fresh E<lt>andrew@mad-techies.orgE<gt>  Andrew Fresh E<lt>andrew@cpan.orgE<gt>
   
 =head1 LICENSE AND COPYRIGHT  =head1 LICENSE AND COPYRIGHT
   
Line 489 
Line 1387 
   
 The Keyring for Palm OS website:  The Keyring for Palm OS website:
 L<http://gnukeyring.sourceforge.net/>  L<http://gnukeyring.sourceforge.net/>
   
   Johan Vromans also has a wxkeyring app that now uses this module, available
   from his website at L<http://www.vromans.org/johan/software/sw_palmkeyring.html>
Legend:
Removed from v.1.15  
changed lines
  Added in v.1.30
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>