=================================================================== RCS file: /cvs/palm/Palm-Keyring/lib/Palm/Keyring.pm,v retrieving revision 1.48 retrieving revision 1.52 diff -u -r1.48 -r1.52 --- palm/Palm-Keyring/lib/Palm/Keyring.pm 2007/09/12 03:44:36 1.48 +++ palm/Palm-Keyring/lib/Palm/Keyring.pm 2007/12/04 03:33:34 1.52 @@ -1,5 +1,5 @@ package Palm::Keyring; -# $RedRiver: Keyring.pm,v 1.47 2007/09/12 00:30:10 andrew Exp $ +# $RedRiver: Keyring.pm,v 1.51 2007/09/13 15:46:09 andrew Exp $ ######################################################################## # Keyring.pm *** Perl class for Keyring for Palm OS databases. # @@ -83,7 +83,7 @@ ); -our $VERSION = '0.96_01'; +our $VERSION = '0.96_06'; sub new { @@ -631,8 +631,10 @@ my $plaintext; foreach my $k (keys %{ $new }) { + next if $new->{$k}->{label_id} == 0; $plaintext .= _pack_field($new->{$k}); } + #$plaintext .= chr(0xff) x 2; my $encrypted; if ($c->{name} eq 'None') { @@ -1391,17 +1393,12 @@ parses Keyring for Palm OS databases. See L. -It has the standard Palm::PDB methods with 2 additional public methods. -Decrypt and Encrypt. +It has the standard Palm::PDB methods with 4 additional public methods. +Unlock, Lock, Decrypt and Encrypt. It currently supports the v4 Keyring databases as well as -the pre-release v5 databases. I am not completely happy with the interface -for accessing v5 databases, so any suggestions on improvements on -the interface are appreciated. +the pre-release v5 databases. -This module doesn't store the plaintext content. It only keeps it until it -returns it to you or encrypts it. - =head1 SYNOPSIS use Palm::PDB; @@ -1412,10 +1409,12 @@ my $pdb = new Palm::PDB; $pdb->Load($file); + $pdb->Unlock($pass); foreach my $rec (@{ $pdb->{records} }) { - my $plaintext = $pdb->Decrypt($rec, $pass); - print $plaintext->{0}->{data}, ' - ', $plaintext->{1}->{data}, "\n"; + print $rec->{plaintext}->{0}->{data}, ' - ', + $rec->{plaintext}->{1}->{data}, "\n"; } + $pdb->Lock(); =head1 SUBROUTINES/METHODS @@ -1429,7 +1428,7 @@ Use this method if you're creating a Keyring PDB from scratch otherwise you can just use Palm::PDB::new() before calling Load(). -If you pass in a password, it will initalize the first record with the encrypted +If you pass in a password, it will initalize the database with the encrypted password. new() now also takes options in other formats @@ -1453,7 +1452,7 @@ =item cipher -The cipher to use. Either the number or the name. +The cipher to use. Either the number or the name. Only used by v5 datbases. 0 => None 1 => DES_EDE3 @@ -1462,12 +1461,8 @@ =item iterations -The number of iterations to encrypt with. +The number of iterations to encrypt with. Only used by somy crypts in v5 databases. -=item options - -A hashref of the options that are set - =back =back @@ -1507,7 +1502,9 @@ =head2 labels -Pass in the id or the name of the label; +Pass in the id or the name of the label. The label id is used as a key +to the different parts of the records. +See Encrypt() for details on where the label is used. This is a function, not a method. @@ -1531,6 +1528,11 @@ =head2 Encrypt +=head3 B The order of the arguments to Encrypt has +changed. $password and $plaintext used to be swapped. They changed +because you can now set $rec->{plaintext} and not pass in $plaintext so +$password is more important. + $pdb->Encrypt($rec[, $password[, $plaintext[, $ivec]]]); Encrypts an account into a record, either with the password previously @@ -1565,7 +1567,11 @@ label => 'lastchange', label_id => 3, font => 0, - data => $lastchange, + data => { + year => $year, # usually the year - 1900 + mon => $mon, # range 0-11 + day => $day, # range 1-31 + }, }, 255 => { label => 'notes', @@ -1575,8 +1581,8 @@ }, }; -The account name is also stored in $rec->{plaintext}->{0}->{data} for both v4 -and v5 databases. +The account name is stored in $rec->{plaintext}->{0}->{data} for both v4 +and v5 databases even when the record has not been Decrypt()ed. $rec->{plaintext}->{0} => { label => 'name', @@ -1600,9 +1606,9 @@ my $plaintext = $pdb->Decrypt($rec[, $password]); Decrypts the record and returns a reference for the plaintext account as -described under L. +described under Encrypt(). Also sets $rec->{plaintext} with the same information as $plaintext as -described in L. +described in Encrypt(). foreach my $rec (@{ $pdb->{records} }) { my $plaintext = $pdb->Decrypt($rec); @@ -1668,7 +1674,7 @@ Unsets $rec->{plaintext} for all records and unsets the saved password. -This does NOT L any of the records before clearing them, so if +This does NOT Encrypt() any of the records before clearing them, so if you are not careful you will lose information. B This only does "delete $rec->{plaintext}" and the same for the @@ -1774,15 +1780,17 @@ I am not sure I am 'require module' the best way, but I don't want to depend on modules that you don't need to use. -I am not very happy with the data structures used by Encrypt() and -Decrypt() for v5 databases, but I am not sure of a better way. - The date validation for packing new dates is very poor. I have not gone through and standardized on how the module fails. Some things fail with croak, some return undef, some may even fail silently. -Nothing initializes a lasterr method or anything like that. I need -to fix all that before it is a 1.0 candidate. +Nothing initializes a lasterr method or anything like that. + +This module does not do anything special with the plaintext data. It SHOULD +treat it somehow special so that it can't be found in RAM or in a swap file +anywhere. I don't have a clue how to do this. + +I need to fix all this before it is a 1.0 candidate. Please report any bugs or feature requests to C, or through the web interface at