palm/Palm-Keyring/lib/Palm/Keyring.pm - diff

Return to Keyring.pm CVS log

Up to [local] / palm / Palm-Keyring / lib / Palm

Diff for /palm/Palm-Keyring/lib/Palm/Keyring.pm between version 1.35 and 1.40

version 1.35, 2007/02/22 04:11:35

version 1.40, 2007/02/23 03:32:46

Line 1

package Palm::Keyring;

# $RedRiver: Keyring.pm,v 1.34 2007/02/21 05:24:14 andrew Exp $

# $RedRiver: Keyring.pm,v 1.39 2007/02/23 03:24:09 andrew Exp $

########################################################################

# Keyring.pm *** Perl class for Keyring for Palm OS databases.

Line 16

use warnings;

use Carp;

$Carp::Verbose = 1;

use base qw/ Palm::StdAppInfo /;

Line 108

Line 107

# Set defaults

if ($self->{version} == 5) {

$self->{options}->{cipher} ||= 0; # 'None'

$self->{options}->{iterations} ||=

my $c = crypts($self->{options}->{cipher})

$CRYPTS[ $self->{options}->{cipher} ]{default_iter};

or croak('Unknown cipher ' . $self->{options}->{cipher});

$self->{options}->{iterations} ||= $c->{default_iter};

$self->{appinfo}->{cipher} ||= $self->{options}->{cipher};

$self->{appinfo}->{iter} ||= $self->{options}->{iterations};

};

if ( defined $options->{password} ) {

Line 133

Line 132

sub crypts

{

my $crypt = shift;

if ($crypt =~ /\D/) {

if (! defined $crypt || ! length $crypt) {

return;

} elsif ($crypt =~ /\D/) {

foreach my $c (@CRYPTS) {

if ($c->{alias} eq $crypt) {

return $c;

Line 167

Line 168

delete $rec->{data};

} elsif ($self->{version} == 5) {

my $blocksize = $CRYPTS[ $self->{appinfo}->{cipher} ]{blocksize};

my $c = crypts( $self->{appinfo}->{cipher} )

or croak('Unknown cipher ' . $self->{appinfo}->{cipher});

my $blocksize = $c->{blocksize};

my ($field, $extra) = _parse_field($rec->{data});

my $ivec = substr $extra, 0, $blocksize;

delete $rec->{data};

my $encrypted = substr $extra, $blocksize;

$rec->{name} = $field->{data};

$rec->{ivec} = $ivec;

$rec->{ivec} = substr $extra, 0, $blocksize;

$rec->{encrypted} = $encrypted;

$rec->{encrypted} = substr $extra, $blocksize;

delete $rec->{data};

} else {

die 'Unsupported Version';

Line 203

Line 204

}

} elsif ($self->{version} == 5) {

my $field = {

my $field;

'label_id' => 1,

if ($rec->{name}) {

'data' => $rec->{name},

$field = {

'font' => 0,

'label_id' => 1,

};

'data' => $rec->{name},

my $packed .= _pack_field($field);

'font' => 0,

};

} else {

$field = {

'label_id' => $EMPTY,

'data' => $EMPTY,

'font' => 0,

};

}

my $packed = _pack_field($field);

$rec->{data} = join '', $packed, $rec->{ivec}, $rec->{encrypted};

Line 482

Line 492

my $key = shift;

my $cipher = shift;

my $ivec = shift;

my $blocksize = $CRYPTS[ $cipher ]{blocksize};

my $c = crypts($cipher) or croak('Unknown cipher ' . $cipher);

my $keylen = $CRYPTS[ $cipher ]{keylen};

my $cipher_name = $CRYPTS[ $cipher ]{name};

if (! defined $ivec) {

$ivec = pack("C*",map {rand(256)} 1..$blocksize);

$ivec = pack("C*",map {rand(256)} 1..$c->{blocksize});

}

my $changed = 0;

Line 495

Line 503

my $date_index;

for (my $i = 0; $i < @{ $new }; $i++) {

if (

(exists $new->[$i]->{label_id} && $new->[$i]->{label_id} == 3) ||

($new->[$i]->{label_id} && $new->[$i]->{label_id} == 3) ||

(exists $new->[$i]->{label} && $new->[$i]->{label} eq 'lastchange')

($new->[$i]->{label} && $new->[$i]->{label} eq 'lastchange')

) {

$date_index = $i;

if ( $old && $#{ $new } == $#{ $old } && (

$new->[$i]->{data}->{day} != $old->[$i]->{data}->{day} ||

$new->[$i]{data}{day} != $old->[$i]{data}{day} ||

$new->[$i]->{data}->{month} != $old->[$i]->{data}->{month} ||

$new->[$i]{data}{month} != $old->[$i]{data}{month} ||

$new->[$i]->{data}->{year} != $old->[$i]->{data}->{year}

$new->[$i]{data}{year} != $old->[$i]{data}{year}

)) {

$changed = 1;

$need_newdate = 0;

last;

}

} elsif ($old && $#{ $new } == $#{ $old }) {

Line 553

Line 560

$decrypted .= _pack_field($field);

}

my $encrypted;

if ($cipher_name eq 'None') {

if ($c->{name} eq 'None') {

# do nothing

$encrypted = $decrypted;

} elsif ($cipher_name eq 'DES_EDE3' or $cipher_name eq 'Rijndael') {

} elsif ($c->{name} eq 'DES_EDE3' or $c->{name} eq 'Rijndael') {

require Crypt::CBC;

my $c = Crypt::CBC->new(

my $cbc = Crypt::CBC->new(

-key => $key,

-literal_key => 1,

-iv => $ivec,

-cipher => $cipher_name,

-cipher => $c->{name},

-keysize => $keylen,

-keysize => $c->{keylen},

-blocksize => $blocksize,

-blocksize => $c->{blocksize},

-header => 'none',

-padding => 'oneandzeroes',

);

Line 574

Line 581

croak("Unable to set up encryption!");

}

$encrypted = $c->encrypt($decrypted);

$encrypted = $cbc->encrypt($decrypted);

} else {

die "Unsupported Version";

Line 665

Line 672

my $cipher = shift;

my $ivec = shift;

my $keylen = $CRYPTS[ $cipher ]{keylen};

my $c = crypts($cipher) or croak('Unknown cipher ' . $cipher);

my $cipher_name = $CRYPTS[ $cipher ]{name};

my $blocksize = $CRYPTS[ $cipher ]{blocksize};

my $decrypted;

if ($cipher_name eq 'None') {

if ($c->{name} eq 'None') {

# do nothing

$decrypted = $encrypted;

} elsif ($cipher_name eq 'DES_EDE3' or $cipher_name eq 'Rijndael') {

} elsif ($c->{name} eq 'DES_EDE3' or $c->{name} eq 'Rijndael') {

require Crypt::CBC;

my $c = Crypt::CBC->new(

my $cbc = Crypt::CBC->new(

-key => $key,

-literal_key => 1,

-iv => $ivec,

-cipher => $cipher_name,

-cipher => $c->{name},

-keysize => $keylen,

-keysize => $c->{keylen},

-blocksize => $blocksize,

-blocksize => $c->{blocksize},

-header => 'none',

-padding => 'oneandzeroes',

);

Line 691

Line 696

if (! $c) {

croak("Unable to set up encryption!");

}

my $len = $blocksize - length($encrypted) % $blocksize;

my $len = $c->{blocksize} - length($encrypted) % $c->{blocksize};

$encrypted .= $NULL x $len;

$decrypted = $c->decrypt($encrypted);

$decrypted = $cbc->decrypt($encrypted);

} else {

die "Unsupported Version";

Line 835

Line 840

my $salt = pack("H*", $appinfo->{salt});

my $c = crypts($appinfo->{cipher})

or croak('Unknown cipher ' . $appinfo->{cipher});

my ($key, $hash) = _calc_key_v5(

$pass, $salt, $appinfo->{iter},

$CRYPTS[ $appinfo->{cipher} ]{keylen},

$c->{keylen},

$CRYPTS[ $appinfo->{cipher} ]{DES_odd_parity},

$c->{DES_odd_parity},

);

#print "Iter: '" . $appinfo->{iter} . "'\n";

Line 941

Line 948

my $length = 8;

my $salt = shift || pack("C*",map {rand(256)} 1..$length);

my $c = crypts($cipher) or croak('Unknown cipher ' . $cipher);

my ($key, $hash) = _calc_key_v5(

$pass, $salt, $iter,

$CRYPTS[ $cipher ]->{keylen},

$c->{keylen},

$CRYPTS[ $cipher ]->{DES_odd_parity},

$c->{DES_odd_parity},

);

$appinfo->{salt} = unpack "H*", $salt;

$appinfo->{iter} = $iter;

$appinfo->{cipher} = $cipher;

$appinfo->{key} = $key;

$appinfo->{masterhash} = $hash;

$appinfo->{key} = $key;

return $key;

}

Line 1077

Line 1084

my ($label, $font, $data) = unpack $unpackstr, $field;

my $leftover = substr $field, $offset;

if ($label == 3) {

if ($label && $label == 3) {

$data = _parse_keyring_date($data);

}

return {

Line 1101

Line 1108

notes => 255,

);

my $label = $field->{label_id} || $labels{ $field->{label} };

my $packed;

my $font = $field->{font} || 0;

if (defined $field) {

my $data = $field->{data} || '';

my $label = $field->{label_id} || 0;

if (defined $field->{label} && ! $label) {

$label = $labels{ $field->{label} };

}

my $font = $field->{font} || 0;

my $data = defined $field->{data} ? $field->{data} : $EMPTY;

if ($label == 3) {

if ($label && $label == 3) {

$data = _pack_keyring_date($data);

}

my $len = length $data;

my $packstr = "n1 C1 C1 A*";

my $packed = pack $packstr, ($len, $label, $font, $data);

$packed = pack $packstr, ($len, $label, $font, $data);

if ($len % 2) {

# add byte padding for next even address.

$packed .= $NULL;

}

} else {

my $packstr = "n1 C1 C1 x1";

$packed = pack $packstr, 0, 0, 0;

}

return $packed;

Line 1267

Line 1283

It has the standard Palm::PDB methods with 2 additional public methods.

Decrypt and Encrypt.

It currently supports the v4 Keyring databases.

It currently supports the v4 Keyring databases as well as

The pre-release v5 databases are mostly supported. There are definitely some

the pre-release v5 databases. I am not completely happy with the interface

bugs, For example, t/keyring5.t sometimes fails. I am not sure why yet.

for accessing v5 databases, so any suggestions on improvements on

the interface are appreciated.

This module doesn't store the decrypted content. It only keeps it until it

returns it to you or encrypts it.

Line 1289

Line 1306

next if $_ == 0 && $pdb->{version} == 4;

my $rec = $pdb->{records}->[$_];

my $acct = $pdb->Decrypt($rec, $pass);

print $rec->{name}, ' - ', $acct->{account}, "\n";

print $rec->{name}, ' - ';

if ($pdb->{version} == 4 || $pdb->{options}->{v4compatible}) {

print ' - ', $acct->{account};

} else {

foreach my $a (@{ $acct }) {

if ($a->{label} eq 'account') {

print ' - ', $a->{data};

last;

}

print "\n";

}

=head1 SUBROUTINES/METHODS

Line 1312

Line 1340

$pdb = new Palm::Keyring({ key1 => value1, key2 => value2 });

$pdb = new Palm::Keyring( -key1 => value1, -key2 => value2);

=head3 Supported options are:

=over

=item Supported options

=over

=item password

Line 1331

Line 1361

=item cipher

The cipher to use. 0, 1, 2 or 3.

The cipher to use. Either the number or the name.

0 => None

1 => DES_EDE3

Line 1342

Line 1372

The number of iterations to encrypt with.

=item options

A hashref of the options that are set

=back

For v5 databases there are some additional appinfo fields set.

These are set either on new() or Load().

$pdb->{appinfo} = {

# normal appinfo stuff described in L<Palm::StdAppInfo>

cipher => The index number of the cipher being used

iter => Number of iterations for the cipher

};

=head2 crypt

Pass in the alias of the crypt to use, or the index.

These only make sense for v5 databases.

This is a function, not a method.

$cipher can be 0, 1, 2, 3, None, DES_EDE3, AES128 or AES256.

my $c = Palm::Keyring::crypt($cipher);

$c is now:

Line 1362

Line 1411

default_iter => <default iterations for the cipher>,

};

=head2 Encrypt

$pdb->Encrypt($rec, $acct[, $password[, $ivec]]);

Line 1418

Line 1466

The account name is stored in $rec->{name} for both v4 and v5 databases.

It is not returned in the decrypted information for v5.

$rec->{name} = 'account name';

Line 1437

Line 1485

Decrypts the record and returns a reference for the account as described

under Encrypt().

foreach (0..$#{ $pdb->{records}) {

foreach (0..$#{ $pdb->{records} }) {

next if $_ == 0 && $pdb->{version} == 4;

my $rec = $pdb->{records}->[$_];

my $acct = $pdb->Decrypt($rec);

Line 1457

Line 1505

the password.

If nothing is passed, it forgets the password that it was remembering.

After a successful password verification the following fields are set

For v4

$pdb->{digest} = the calculated digest used from the key;

$pdb->{password} = the password that was passed in;

For v5

$pdb->{appinfo} = {

# As described under new() with these additional fields

cipher => The index number of the cipher being used

iter => Number of iterations for the cipher

key => The key that is calculated from the password

and salt and is used to decrypt the records.

masterhash => the hash of the key that is stored in the

database. Either set when Loading the database

or when setting a new password.

salt => the salt that is either read out of the database

or calculated when setting a new password.

};

=head1 DEPENDENCIES

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>