security/manager/pki/resources/content/password.js

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 /* This Source Code Form is subject to the terms of the Mozilla Public
     2  * License, v. 2.0. If a copy of the MPL was not distributed with this
     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// XPCOM contract IDs of the services this dialog talks to.
const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";

// Interface shortcuts passed to getService()/QueryInterface() below.
const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
const nsIPK11Token = Components.interfaces.nsIPK11Token;
const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;

// State shared by the handlers in this file.
var params;          // dialog parameter block taken from window.arguments[0]
var tokenName = "";  // name of the token the dialog is operating on
var pw1;             // the "pw1" password field element
/**
 * Show an alert with the given text, parented to this dialog window.
 *
 * @param {string} msg - Text to display.
 */
function doPrompt(msg) {
  const promptService = Components
    .classes["@mozilla.org/embedcomp/prompt-service;1"]
    .getService(Components.interfaces.nsIPromptService);
  // null is passed as the dialog title.
  promptService.alert(window, null, msg);
}
/**
 * Load handler for the password dialog.
 *
 * Disables the accept button, caches the "pw1" field, and reads the token
 * name from string slot 1 of the dialog parameter block. With no token name,
 * the "tokenMenu" list is filled from the token DB and the first listed
 * token becomes the current one; otherwise the menu is hidden and the name
 * is shown in the "tokenName" element. Ends by calling process().
 */
function onLoad() {
  document.documentElement.getButton("accept").disabled = true;
  pw1 = document.getElementById("pw1");

  try {
    params = window.arguments[0].QueryInterface(nsIDialogParamBlock);
    tokenName = params.GetString(1);
  } catch (exception) {
    // Not expected: every place that opens a password prompt passes an
    // argument. The window name (self.name) used to carry the token name,
    // but window names must be a subset of ASCII and the code was trying to
    // assign Unicode to it. Fall back to letting the user pick a token.
    tokenName = "";
  }

  if (tokenName !== "") {
    // A token was named by the caller: hide the picker and show the name.
    const picker = document.getElementById("tokenMenu");
    picker.setAttribute("hidden", "true");
    const nameLabel = document.getElementById("tokenName");
    nameLabel.setAttribute("value", tokenName);
  } else {
    const tokenDB = Components.classes[nsPK11TokenDB].getService(nsIPK11TokenDB);
    const tokens = tokenDB.listTokens();
    const menu = document.getElementById("tokenMenu");
    let listed = 0;
    try {
      while (!tokens.isDone()) {
        const token = tokens.currentItem().QueryInterface(nsIPK11Token);
        // List tokens that need a login or whose needsUserInit is false.
        if (token.needsLogin() || !token.needsUserInit) {
          const item = document.createElement("menuitem");
          item.setAttribute("value", token.tokenName);
          item.setAttribute("label", token.tokenName);
          menu.firstChild.appendChild(item);
          if (listed === 0) {
            // The first listed token is preselected.
            menu.selectedItem = item;
            tokenName = token.tokenName;
          }
          listed += 1;
        }
        tokens.next();
      }
    } catch (exception) {
      // Deliberately ignored, as in the original: whatever was listed before
      // the exception stays in the menu.
      // NOTE(review): this catch may be how the loop normally ends if the
      // enumerator throws once it is exhausted; confirm before adding
      // logging or error handling here.
    }
  }

  process();
}
/**
 * Handler for a selection change in the "tokenMenu" list: makes the selected
 * token the current one and re-runs process() for it.
 */
function onMenuChange() {
  const tokenMenu = document.getElementById("tokenMenu");
  // The menu item values were set to the token names when the menu was built.
  tokenName = tokenMenu.value;

  process();
}
/**
 * Set up the dialog fields for the token named by tokenName.
 *
 * For a slot whose status is SLOT_UNINITIALIZED or SLOT_READY the old
 * password box is hidden and the "password_not_set" message is shown; for
 * any other status the old password box is shown and focused. The "inited"
 * attribute written on the old password box ("true", "empty" or "false") is
 * what setPassword() later reads to choose between initPassword() and
 * changePassword(). The dialog result is then reset to 0 ("canceled") and
 * the accept button state is refreshed through checkPasswords().
 */
function process() {
  const moduleDB = Components.classes[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
  const bundle = document.getElementById("pippki_bundle");

  // If the token is uninitialized, don't use the old password box.
  // Otherwise, do.
  const slot = moduleDB.findSlotByName(tokenName);
  if (slot) {
    const oldpwbox = document.getElementById("oldpw");
    const msgBox = document.getElementById("message");
    const status = slot.status;
    const isReady = status === nsIPKCS11Slot.SLOT_READY;

    if (isReady || status === nsIPKCS11Slot.SLOT_UNINITIALIZED) {
      oldpwbox.setAttribute("hidden", "true");
      msgBox.setAttribute("value", bundle.getString("password_not_set"));
      msgBox.setAttribute("hidden", "false");
      // SLOT_READY is recorded as "empty", SLOT_UNINITIALIZED as "true".
      oldpwbox.setAttribute("inited", isReady ? "empty" : "true");

      // Select first password field
      document.getElementById("pw1").focus();
    } else {
      // Select old password field
      oldpwbox.setAttribute("hidden", "false");
      msgBox.setAttribute("hidden", "true");
      oldpwbox.setAttribute("inited", "false");
      oldpwbox.focus();
    }
  }

  if (params) {
    // Return value 0 means "canceled"; setPassword() overwrites it on success.
    params.SetInt(1, 0);
  }

  checkPasswords();
}
/**
 * Load handler for the PKCS#12 password dialog.
 *
 * @param {boolean} disableOkButton - Initial disabled state of the accept
 *   button.
 */
function onP12Load(disableOkButton) {
  const acceptButton = document.documentElement.getButton("accept");
  acceptButton.disabled = disableOkButton;

  pw1 = document.getElementById("pw1");
  // Unlike onLoad(), a missing or wrong argument is not caught here.
  params = window.arguments[0].QueryInterface(nsIDialogParamBlock);

  // Select first password field
  pw1.focus();
}
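/**
 * Accept handler: set or change the password of the token named by tokenName.
 *
 * The path is chosen from the "inited" attribute of the old password box:
 *   "false" - the old password is verified with checkPassword() and then
 *             replaced with changePassword();
 *   "empty" - the current password is empty, so no check is made before
 *             changePassword();
 *   other   - the token gets its first password through initPassword().
 * Changing to an empty password is refused when the module DB reports FIPS
 * mode. On success, int slot 1 of the parameter block is set to 1.
 *
 * @returns {boolean} true when the password was set or changed, false
 *   otherwise.
 */
function setPassword() {
  const pk11db = Components.classes[nsPK11TokenDB].getService(nsIPK11TokenDB);
  const token = pk11db.findTokenByName(tokenName);

  const oldpwbox = document.getElementById("oldpw");
  const initpw = oldpwbox.getAttribute("inited");
  const bundle = document.getElementById("pippki_bundle");

  let success = false;

  if (initpw === "false" || initpw === "empty") {
    try {
      let oldpw = "";
      let passok = true;
      if (initpw === "false") {
        oldpw = oldpwbox.value;
        passok = token.checkPassword(oldpw);
      }

      if (!passok) {
        oldpwbox.focus();
        oldpwbox.setAttribute("value", "");
        doPrompt(bundle.getString("incorrect_pw"));
      } else if (initpw === "empty" && pw1.value === "") {
        // Not expected: checkPasswords() keeps the accept button disabled
        // for an empty-to-empty change. Nothing is done and the function
        // reports failure.
      } else {
        let allowed = true;
        if (pw1.value === "") {
          const secmoddb = Components.classes[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
          if (secmoddb.isFIPSEnabled) {
            // empty passwords are not allowed in FIPS mode
            doPrompt(bundle.getString("pw_change2empty_in_fips_mode"));
            allowed = false;
          }
        }
        if (allowed) {
          token.changePassword(oldpw, pw1.value);
          if (pw1.value === "") {
            doPrompt(`${bundle.getString("pw_erased_ok")} ${bundle.getString("pw_empty_warning")}`);
          } else {
            doPrompt(bundle.getString("pw_change_ok"));
          }
          success = true;
        }
      }
    } catch (e) {
      doPrompt(bundle.getString("failed_pw_change"));
    }
  } else {
    // A failing initPassword() used to escape this handler uncaught, with no
    // message shown, unlike the changePassword() path above. Report it the
    // same way (reusing the existing failure string) and return false.
    let initialized = false;
    try {
      token.initPassword(pw1.value);
      initialized = true;
    } catch (e) {
      doPrompt(bundle.getString("failed_pw_change"));
    }
    if (initialized) {
      if (pw1.value === "") {
        doPrompt(`${bundle.getString("pw_not_wanted")} ${bundle.getString("pw_empty_warning")}`);
      }
      success = true;
    }
  }

  if (success && params) {
    // Return value 1 means "successfully executed ok"
    params.SetInt(1, 1);
  }

  // Terminate dialog
  return success;
}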
/**
 * Accept handler that hands the typed password back to the opener.
 *
 * The content of the "pw1" field is copied as-is into string slot 2 of the
 * parameter block and int slot 1 is set to 1. params is used without the
 * guard that process() and setPassword() apply.
 *
 * @returns {boolean} Always true, which terminates the dialog.
 */
function getPassword() {
  // grab what was entered
  const entered = pw1.value;
  params.SetString(2, entered);
  // Return value
  params.SetInt(1, 1);
  return true;
}
/**
 * Accept handler of the PKCS#12 password dialog.
 *
 * Copies the content of the "pw1" field as-is into string slot 2 of the
 * parameter block and sets int slot 1 to 1. The body matches getPassword().
 *
 * @returns {boolean} Always true, which terminates the dialog.
 */
function setP12Password() {
  // grab what was entered
  const entered = pw1.value;
  params.SetString(2, entered);
  // Return value
  params.SetInt(1, 1);
  return true;
}
/**
 * Update the "pwmeter" element with a 0-100 score for the "pw1" field.
 *
 * The score is a coarse heuristic built from four capped counts:
 *   length          - at most 5 characters counted, 10 points each, minus 20
 *   digits [0-9]    - at most 3 counted, 10 points each
 *   \W characters   - at most 3 counted, 15 points each ("_" is not matched
 *                     by \W, while non-ASCII letters are)
 *   uppercase [A-Z] - at most 3 counted, 10 points each
 * Lowercase letters earn nothing on their own and nothing beyond the caps
 * raises the score. The value is only written to the meter; the accept
 * button is controlled by checkPasswords(), which does not read it.
 */
function setPasswordStrength() {
  const pw = document.getElementById("pw1").value;

  // Number of characters in pw that a global pattern matches.
  const countMatches = (pattern) => pw.length - pw.replace(pattern, "").length;

  const lengthPart = Math.min(pw.length, 5);
  const digitPart = Math.min(countMatches(/[0-9]/g), 3);
  const symbolPart = Math.min(countMatches(/\W/g), 3);
  const upperPart = Math.min(countMatches(/[A-Z]/g), 3);

  const raw = lengthPart * 10 - 20 + digitPart * 10 + symbolPart * 15 + upperPart * 10;

  // make sure we give a value between 0 and 100
  const pwstrength = Math.max(0, Math.min(100, raw));

  document.getElementById("pwmeter").setAttribute("value", pwstrength);
}
/**
 * Enable the accept button only when the "pw1" and "pw2" fields match.
 *
 * One case keeps it disabled even though the fields match: the old password
 * box carries inited="empty" and the new password is empty too. The token
 * has then already been initialized with an empty password, and changing it
 * from empty to empty is not allowed. Matching empty fields are accepted in
 * every other case.
 */
function checkPasswords() {
  const first = document.getElementById("pw1").value;
  const second = document.getElementById("pw2").value;

  const oldpwbox = document.getElementById("oldpw");
  const emptyToEmpty = Boolean(oldpwbox) &&
    oldpwbox.getAttribute("inited") === "empty" &&
    first === "";

  document.documentElement.getButton("accept").disabled =
    emptyToEmpty || first !== second;
}
