[BACK]Return to Keyring.pm CVS log [TXT][DIR] Up to [local] / palm / Palm-Keyring / lib / Palm

Diff for /palm/Palm-Keyring/lib/Palm/Keyring.pm between version 1.48 and 1.58

version 1.48, 2007/09/12 03:44:36 version 1.58, 2008/09/19 03:50:05
Line 1 
Line 1 
 package Palm::Keyring;  package Palm::Keyring;
 # $RedRiver: Keyring.pm,v 1.47 2007/09/12 00:30:10 andrew Exp $  # $RedRiver: Keyring.pm,v 1.57 2008/09/19 02:04:34 andrew Exp $
 ########################################################################  ########################################################################
 # Keyring.pm *** Perl class for Keyring for Palm OS databases.  # Keyring.pm *** Perl class for Keyring for Palm OS databases.
 #  #
Line 15 
Line 15 
 use strict;  use strict;
 use warnings;  use warnings;
   
   require 5.006_001;
   
 use Carp;  use Carp;
   
 use base qw/ Palm::StdAppInfo /;  use base qw/ Palm::StdAppInfo /;
Line 83 
Line 85 
 );  );
   
   
 our $VERSION = '0.96_01';  our $VERSION = '0.96_07';
   
 sub new  sub new
 {  {
Line 108 
Line 110 
         else {          else {
             $options->{password} = shift;              $options->{password} = shift;
             $options->{version}  = shift;              $options->{version}  = shift;
               $options->{cipher}   = shift;
         }          }
     }      }
   
Line 139 
Line 142 
         $self->{appinfo}->{iter}   ||= $self->{options}->{iterations};          $self->{appinfo}->{iter}   ||= $self->{options}->{iterations};
     };      };
   
       if ( defined $options->{file} ) {
           $self->Load($options->{file});
       }
   
     if ( defined $options->{password} ) {      if ( defined $options->{password} ) {
         $self->Password($options->{password});          $self->Password($options->{password});
     }      }
Line 217 
Line 224 
         }          }
     }      }
   
     my $rc = $self->SUPER::Write(@_);      my @rc = $self->SUPER::Write(@_);
   
     if ($self->{version} == 4) {      if ($self->{version} == 4) {
         shift @{ $self->{records} };          shift @{ $self->{records} };
     }      }
   
     return $rc;      return @rc;
 }  }
   
 # ParseRecord  # ParseRecord
Line 233 
Line 240 
     my $self     = shift;      my $self     = shift;
   
     my $rec = $self->SUPER::ParseRecord(@_);      my $rec = $self->SUPER::ParseRecord(@_);
     return $rec if ! exists $rec->{data};      return $rec if !(defined $rec->{data} && length $rec->{data} );
   
     if ($self->{version} == 4) {      if ($self->{version} == 4) {
         # skip the first record because it contains the password.          # skip the first record because it contains the password.
Line 241 
Line 248 
             $self->{encpassword} = $rec->{data};              $self->{encpassword} = $rec->{data};
             return '__DELETE_ME__';              return '__DELETE_ME__';
         }          }
   
         if ($self->{records}->[0] eq '__DELETE_ME__') {          if ($self->{records}->[0] eq '__DELETE_ME__') {
             shift @{ $self->{records} };              shift @{ $self->{records} };
         }          }
Line 270 
Line 277 
         $rec->{encrypted} = substr $extra, $blocksize;          $rec->{encrypted} = substr $extra, $blocksize;
   
     } else {      } else {
           # XXX Can never get here to test, ParseAppInfoBlock is always run
           # XXX first by Load().
         croak "Unsupported Version $self->{version}";          croak "Unsupported Version $self->{version}";
         return;  
     }      }
   
     return $rec;      return $rec;
Line 288 
Line 296 
         if ($rec->{encrypted}) {          if ($rec->{encrypted}) {
             my $name = $rec->{plaintext}->{0}->{data} || $EMPTY;              my $name = $rec->{plaintext}->{0}->{data} || $EMPTY;
             $rec->{data} = join $NULL, $name, $rec->{encrypted};              $rec->{data} = join $NULL, $name, $rec->{encrypted};
             delete $rec->{plaintext};  
             delete $rec->{encrypted};  
         }          }
   
     } elsif ($self->{version} == 5) {      } elsif ($self->{version} == 5) {
           croak 'No encrypted data in record' if !defined $rec->{encrypted};
           croak 'No ivec!' if !$rec->{ivec};
   
         my $field;          my $field;
         if ($rec->{plaintext}->{0}) {          if ($rec->{plaintext}->{0}) {
             $field = $rec->{plaintext}->{0};              $field = $rec->{plaintext}->{0};
Line 311 
Line 320 
     } else {      } else {
         croak "Unsupported Version $self->{version}";          croak "Unsupported Version $self->{version}";
     }      }
       # XXX Should I?
       delete $rec->{plaintext};
       delete $rec->{encrypted};
   
       croak 'No data in record to pack' if !$rec->{data};
   
     return $self->SUPER::PackRecord($rec, @_);      return $self->SUPER::PackRecord($rec, @_);
 }  }
   
Line 631 
Line 645 
   
     my $plaintext;      my $plaintext;
     foreach my $k (keys %{ $new }) {      foreach my $k (keys %{ $new }) {
           next if $new->{$k}->{label_id} == 0;
         $plaintext .= _pack_field($new->{$k});          $plaintext .= _pack_field($new->{$k});
     }      }
       $plaintext .= chr(0xff) x 2;
   
     my $encrypted;      my $encrypted;
     if ($c->{name} eq 'None') {      if ($c->{name} eq 'None') {
Line 1176 
Line 1192 
   
     my ($len) = unpack "n", $field;      my ($len) = unpack "n", $field;
     if ($len + 4 > length $field) {      if ($len + 4 > length $field) {
         return undef, $field;          return (undef, $field);
     }      }
     my $unpackstr = "x2 C1 C1 A$len";      my $unpackstr = "x2 C1 C1 A$len";
     my $offset    =   2 +1 +1 +$len;      my $offset    =   2 +1 +1 +$len;
Line 1285 
Line 1301 
     my $maxlines = shift; # Max # of lines to dump      my $maxlines = shift; # Max # of lines to dump
     my $offset;           # Offset of current chunk      my $offset;           # Offset of current chunk
   
       my @lines;
   
     for ($offset = 0; $offset < length($data); $offset += 16)      for ($offset = 0; $offset < length($data); $offset += 16)
     {      {
         my $hex;   # Hex values of the data          my $hex;   # Hex values of the data
Line 1299 
Line 1317 
   
         ($ascii = $chunk) =~ y/\040-\176/./c;          ($ascii = $chunk) =~ y/\040-\176/./c;
   
         printf "%s %-48s|%-16s|\n", $prefix, $hex, $ascii;          push @lines, sprintf "%s %-48s|%-16s|\n", $prefix, $hex, $ascii;
     }      }
       return wantarray ? @lines : \@lines;
 }  }
   
 sub _bindump  sub _bindump
Line 1310 
Line 1329 
     my $maxlines = shift; # Max # of lines to dump      my $maxlines = shift; # Max # of lines to dump
     my $offset;           # Offset of current chunk      my $offset;           # Offset of current chunk
   
       my @lines;
   
     for ($offset = 0; $offset < length($data); $offset += 8)      for ($offset = 0; $offset < length($data); $offset += 8)
     {      {
         my $bin;   # binary values of the data          my $bin;   # binary values of the data
Line 1324 
Line 1345 
   
         ($ascii = $chunk) =~ y/\040-\176/./c;          ($ascii = $chunk) =~ y/\040-\176/./c;
   
         printf "%s %-72s|%-8s|\n", $prefix, $bin, $ascii;          push @lines, sprintf "%s %-72s|%-8s|\n", $prefix, $bin, $ascii;
     }      }
       return wantarray ? @lines : \@lines;
 }  }
   
 # Thanks to Jochen Hoenicke <hoenicke@gmail.com>  # Thanks to Jochen Hoenicke <hoenicke@gmail.com>
Line 1337 
Line 1359 
 # keylen is length of generated key in bytes  # keylen is length of generated key in bytes
 # prf is the pseudo random function (e.g. hmac_sha1)  # prf is the pseudo random function (e.g. hmac_sha1)
 # returns the key.  # returns the key.
 sub _pbkdf2($$$$$)  sub _pbkdf2
 {  {
     my ($password, $salt, $iter, $keylen, $prf) = @_;      my ($password, $salt, $iter, $keylen, $prf) = @_;
     my ($k, $t, $u, $ui, $i);      my ($k, $t, $u, $ui, $i);
Line 1353 
Line 1375 
     return substr($t, 0, $keylen);      return substr($t, 0, $keylen);
 }  }
   
 sub _DES_odd_parity($) {  sub _DES_odd_parity {
     my $key = $_[0];      my $key = $_[0];
     my ($r, $i);      my ($r, $i);
     my @odd_parity = (      my @odd_parity = (
Line 1391 
Line 1413 
 parses Keyring for Palm OS databases.  See  parses Keyring for Palm OS databases.  See
 L<http://gnukeyring.sourceforge.net/>.  L<http://gnukeyring.sourceforge.net/>.
   
 It has the standard Palm::PDB methods with 2 additional public methods.  It has the standard Palm::PDB methods with 4 additional public methods.
 Decrypt and Encrypt.  Unlock, Lock, Decrypt and Encrypt.
   
 It currently supports the v4 Keyring databases as well as  It currently supports the v4 Keyring databases as well as
 the pre-release v5 databases.  I am not completely happy with the interface  the pre-release v5 databases.
 for accessing v5 databases, so any suggestions on improvements on  
 the interface are appreciated.  
   
 This module doesn't store the plaintext content.  It only keeps it until it  
 returns it to you or encrypts it.  
   
 =head1 SYNOPSIS  =head1 SYNOPSIS
   
     use Palm::PDB;      use Palm::PDB;
Line 1412 
Line 1429 
     my $pdb  = new Palm::PDB;      my $pdb  = new Palm::PDB;
     $pdb->Load($file);      $pdb->Load($file);
   
       $pdb->Unlock($pass);
     foreach my $rec (@{ $pdb->{records} }) {      foreach my $rec (@{ $pdb->{records} }) {
         my $plaintext = $pdb->Decrypt($rec, $pass);          print $rec->{plaintext}->{0}->{data}, ' - ',
         print $plaintext->{0}->{data}, ' - ', $plaintext->{1}->{data}, "\n";                $rec->{plaintext}->{1}->{data}, "\n";
     }      }
       $pdb->Lock();
   
 =head1 SUBROUTINES/METHODS  =head1 SUBROUTINES/METHODS
   
 =head2 new  =head2 new
   
     $pdb = new Palm::Keyring([$password[, $version]]);      $pdb = new Palm::Keyring([$password[, $version[, $cipher]]]);
   
 Create a new PDB, initialized with the various Palm::Keyring fields  Create a new PDB, initialized with the various Palm::Keyring fields
 and an empty record list.  and an empty record list.
Line 1429 
Line 1448 
 Use this method if you're creating a Keyring PDB from scratch otherwise you  Use this method if you're creating a Keyring PDB from scratch otherwise you
 can just use Palm::PDB::new() before calling Load().  can just use Palm::PDB::new() before calling Load().
   
 If you pass in a password, it will initalize the first record with the encrypted  If you pass in a password, it will initalize the database with the encrypted
 password.  password.
   
 new() now also takes options in other formats  new() now also takes options in other formats
Line 1453 
Line 1472 
   
 =item cipher  =item cipher
   
 The cipher to use.  Either the number or the name.  The cipher to use.  Either the number or the name.  Only used by v5 datbases.
   
     0 => None      0 => None
     1 => DES_EDE3      1 => DES_EDE3
Line 1462 
Line 1481 
   
 =item iterations  =item iterations
   
 The number of iterations to encrypt with.  The number of iterations to encrypt with.  Only used by somy crypts in v5 databases.
   
 =item options  =item file
   
 A hashref of the options that are set  The name of a file to Load().  This will override many of the other options.
   
 =back  =back
   
Line 1507 
Line 1526 
   
 =head2 labels  =head2 labels
   
 Pass in the id or the name of the label;  Pass in the id or the name of the label.  The label id is used as a key
   to the different parts of the records.
   See Encrypt() for details on where the label is used.
   
 This is a function, not a method.  This is a function, not a method.
   
Line 1531 
Line 1552 
   
 =head2 Encrypt  =head2 Encrypt
   
   =head3 B<!!! IMPORTANT !!!>  The order of the arguments to Encrypt has
   changed.  $password and $plaintext used to be swapped.  They changed
   because you can now set $rec->{plaintext} and not pass in $plaintext so
   $password is more important.
   
     $pdb->Encrypt($rec[, $password[, $plaintext[, $ivec]]]);      $pdb->Encrypt($rec[, $password[, $plaintext[, $ivec]]]);
   
 Encrypts an account into a record, either with the password previously  Encrypts an account into a record, either with the password previously
Line 1565 
Line 1591 
             label    => 'lastchange',              label    => 'lastchange',
             label_id => 3,              label_id => 3,
             font     => 0,              font     => 0,
             data     => $lastchange,              data     => {
                   year => $year, # usually the year - 1900
                   mon  => $mon,  # range 0-11
                   day  => $day,  # range 1-31
               },
         },          },
         255 => {          255 => {
             label    => 'notes',              label    => 'notes',
Line 1575 
Line 1605 
         },          },
     };      };
   
 The account name is also stored in $rec->{plaintext}->{0}->{data} for both v4  The account name is stored in $rec->{plaintext}->{0}->{data} for both v4
 and v5 databases.  and v5 databases even when the record has not been Decrypt()ed.
   
     $rec->{plaintext}->{0} => {      $rec->{plaintext}->{0} => {
         label    => 'name',          label    => 'name',
Line 1600 
Line 1630 
     my $plaintext = $pdb->Decrypt($rec[, $password]);      my $plaintext = $pdb->Decrypt($rec[, $password]);
   
 Decrypts the record and returns a reference for the plaintext account as  Decrypts the record and returns a reference for the plaintext account as
 described under L<Encrypt>.  described under Encrypt().
 Also sets $rec->{plaintext} with the same information as $plaintext as  Also sets $rec->{plaintext} with the same information as $plaintext as
 described in L<Encrypt>.  described in Encrypt().
   
     foreach my $rec (@{ $pdb->{records} }) {      foreach my $rec (@{ $pdb->{records} }) {
         my $plaintext = $pdb->Decrypt($rec);          my $plaintext = $pdb->Decrypt($rec);
Line 1668 
Line 1698 
   
 Unsets $rec->{plaintext} for all records and unsets the saved password.  Unsets $rec->{plaintext} for all records and unsets the saved password.
   
 This does NOT L<Encrypt> any of the records before clearing them, so if  This does NOT Encrypt() any of the records before clearing them, so if
 you are not careful you will lose information.  you are not careful you will lose information.
   
 B<CAVEAT!> This only does "delete $rec->{plaintext}" and the same for the  B<CAVEAT!> This only does "delete $rec->{plaintext}" and the same for the
Line 1774 
Line 1804 
 I am not sure I am 'require module' the best way, but I don't want to  I am not sure I am 'require module' the best way, but I don't want to
 depend on modules that you don't need to use.  depend on modules that you don't need to use.
   
 I am not very happy with the data structures used by Encrypt() and  
 Decrypt() for v5 databases, but I am not sure of a better way.  
   
 The date validation for packing new dates is very poor.  The date validation for packing new dates is very poor.
   
 I have not gone through and standardized on how the module fails.  Some  I have not gone through and standardized on how the module fails.  Some
 things fail with croak, some return undef, some may even fail silently.  things fail with croak, some return undef, some may even fail silently.
 Nothing initializes a lasterr method or anything like that.  I need  Nothing initializes a lasterr method or anything like that.
 to fix all that before it is a 1.0 candidate.  
   This module does not do anything special with the plaintext data.  It SHOULD
   treat it somehow special so that it can't be found in RAM or in a swap file
   anywhere.  I don't have a clue how to do this.
   
   I need to fix all this before it is a 1.0 candidate.
   
 Please report any bugs or feature requests to  Please report any bugs or feature requests to
 C<bug-palm-keyring at rt.cpan.org>, or through the web interface at  C<bug-palm-keyring at rt.cpan.org>, or through the web interface at
Legend:
Removed from v.1.48  
changed lines
  Added in v.1.58
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>