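/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";
const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
const nsIPK11Token = Components.interfaces.nsIPK11Token;

// Dialog state shared by the handlers below. These stay `var` so that they
// remain properties of the window, as in the original script.
var params;         // nsIDialogParamBlock handed over by the opener, if any
var tokenName = ""; // name of the token whose password is being set/changed
var pw1;            // the "pw1" (new password) input element

/**
 * Show a modal alert owned by this window.
 *
 * @param {string} msg - text to display.
 */
function doPrompt(msg)
{
  let prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"]
                          .getService(Components.interfaces.nsIPromptService);
  prompts.alert(window, null, msg);
}

/**
 * Load handler for the change-password dialog.
 *
 * Disables the accept button, reads the token name from the dialog
 * parameters (string slot 1) and, when no name was supplied, fills the
 * "tokenMenu" list with the available tokens and selects the first one.
 * Finishes by calling process() to lay out the fields for that token.
 */
function onLoad()
{
  document.documentElement.getButton("accept").disabled = true;

  pw1 = document.getElementById("pw1");
  try {
    params = window.arguments[0].QueryInterface(nsIDialogParamBlock);
    tokenName = params.GetString(1);
  } catch (exception) {
    // this should not happen.
    // previously we had self.name, but self.name was a bad idea
    // as window name must be a subset of ascii, and the code was
    // previously trying to assign unicode to the window's name.
    // I checked all the places where we get a password prompt and
    // all of them pass an argument as part of this patch.
    tokenName = "";
  }

  if (tokenName === "") {
    let sectokdb = Components.classes[nsPK11TokenDB].getService(nsIPK11TokenDB);
    let tokenList = sectokdb.listTokens();
    let menu = document.getElementById("tokenMenu");
    let listed = 0;
    try {
      for ( ; !tokenList.isDone(); tokenList.next()) {
        let token = tokenList.currentItem().QueryInterface(nsIPK11Token);
        // Offer tokens that need a login or do not need user initialisation.
        if (token.needsLogin() || !(token.needsUserInit)) {
          let menuItemNode = document.createElement("menuitem");
          menuItemNode.setAttribute("value", token.tokenName);
          menuItemNode.setAttribute("label", token.tokenName);
          menu.firstChild.appendChild(menuItemNode);
          if (listed === 0) {
            // The first listed token becomes the default selection.
            menu.selectedItem = menuItemNode;
            tokenName = token.tokenName;
          }
          listed++;
        }
      }
    } catch (exception) {
      // NOTE(review): left empty on purpose. The enumerator may signal the
      // end of the list by throwing, in which case this catch is the normal
      // loop exit -- confirm before adding logging or a user-visible error.
    }
  } else {
    // A token was named by the opener: hide the chooser and show the name.
    let sel = document.getElementById("tokenMenu");
    sel.setAttribute("hidden", "true");
    let tag = document.getElementById("tokenName");
    tag.setAttribute("value", tokenName);
  }

  process();
}

/**
 * Change handler for the token menu: adopt the newly selected token and
 * re-run process() for it.
 */
function onMenuChange()
{
  // get the selected token
  let list = document.getElementById("tokenMenu");
  tokenName = list.value;

  process();
}

/**
 * Configure the dialog for the slot named by the global tokenName.
 *
 * The "inited" attribute written on the "oldpw" box is the state that
 * setPassword() and checkPasswords() later act on:
 *   "true"  - slot status SLOT_UNINITIALIZED, no old password is asked for;
 *   "empty" - slot status SLOT_READY, no old password is asked for;
 *   "false" - any other status, the old password box is shown and focused.
 * Also resets the dialog's return value (int slot 1) to 0 and re-evaluates
 * the accept button.
 */
function process()
{
  let secmoddb = Components.classes[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
  let bundle = document.getElementById("pippki_bundle");

  // If the token is uninitialized, don't use the old password box.
  // Otherwise, do.

  let slot = secmoddb.findSlotByName(tokenName);
  if (slot) {
    let oldpwbox = document.getElementById("oldpw");
    let msgBox = document.getElementById("message");
    let status = slot.status;
    if (status === nsIPKCS11Slot.SLOT_UNINITIALIZED
        || status === nsIPKCS11Slot.SLOT_READY) {

      oldpwbox.setAttribute("hidden", "true");
      msgBox.setAttribute("value", bundle.getString("password_not_set"));
      msgBox.setAttribute("hidden", "false");

      if (status === nsIPKCS11Slot.SLOT_READY) {
        oldpwbox.setAttribute("inited", "empty");
      } else {
        oldpwbox.setAttribute("inited", "true");
      }

      // Select first password field
      document.getElementById("pw1").focus();

    } else {
      // Select old password field
      oldpwbox.setAttribute("hidden", "false");
      msgBox.setAttribute("hidden", "true");
      oldpwbox.setAttribute("inited", "false");
      oldpwbox.focus();
    }
  }
  // NOTE(review): when no slot is found, "inited" keeps whatever value the
  // markup gave it; setPassword() treats every value other than "false" and
  // "empty" as "initialise the token" -- confirm the markup default.

  if (params) {
    // Return value 0 means "canceled"
    params.SetInt(1, 0);
  }

  checkPasswords();
}

/**
 * Load handler for the PKCS#12 password dialogs.
 *
 * @param {boolean} disableOkButton - initial disabled state of the accept
 *   button.
 */
function onP12Load(disableOkButton)
{
  document.documentElement.getButton("accept").disabled = disableOkButton;
  pw1 = document.getElementById("pw1");
  params = window.arguments[0].QueryInterface(nsIDialogParamBlock);
  // Select first password field
  document.getElementById("pw1").focus();
}

/**
 * Apply the new password to the token named by tokenName.
 *
 * Depending on the "inited" state recorded by process(), this either changes
 * an existing password (verifying the old one first unless the state is
 * "empty") or initialises the token's password. Every outcome other than a
 * silent no-op is reported to the user through doPrompt().
 *
 * @returns {boolean} true when the password was changed or initialised (int
 *   slot 1 of the dialog parameters is then set to 1), false otherwise.
 */
function setPassword()
{
  let pk11db = Components.classes[nsPK11TokenDB].getService(nsIPK11TokenDB);
  let token = pk11db.findTokenByName(tokenName);

  let oldpwbox = document.getElementById("oldpw");
  let initpw = oldpwbox.getAttribute("inited");
  let bundle = document.getElementById("pippki_bundle");

  let success = false;

  if (initpw === "false" || initpw === "empty") {
    try {
      let oldpw = "";
      let passok;

      if (initpw === "empty") {
        // The current password is empty, so there is nothing to verify.
        passok = true;
      } else {
        oldpw = oldpwbox.value;
        passok = token.checkPassword(oldpw);
      }

      if (passok) {
        if (initpw === "empty" && pw1.value === "") {
          // This makes no sense that we arrive here,
          // we reached a case that should have been prevented by checkPasswords.
        } else {
          if (pw1.value === "") {
            let secmoddb = Components.classes[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
            if (secmoddb.isFIPSEnabled) {
              // empty passwords are not allowed in FIPS mode
              doPrompt(bundle.getString("pw_change2empty_in_fips_mode"));
              passok = false;
            }
          }
          if (passok) {
            token.changePassword(oldpw, pw1.value);
            if (pw1.value === "") {
              // Removing the password is allowed outside FIPS mode, but the
              // user is warned about it.
              doPrompt(bundle.getString("pw_erased_ok")
                       + " "
                       + bundle.getString("pw_empty_warning"));
            } else {
              doPrompt(bundle.getString("pw_change_ok"));
            }
            success = true;
          }
        }
      } else {
        // Wrong old password: clear it and let the user try again.
        oldpwbox.focus();
        oldpwbox.setAttribute("value", "");
        doPrompt(bundle.getString("incorrect_pw"));
      }
    } catch (e) {
      doPrompt(bundle.getString("failed_pw_change"));
    }
  } else {
    // NOTE(review): unlike the change path above, no FIPS-mode check for an
    // empty password is made here; whether initPassword() itself rejects one
    // is not visible in this file -- confirm.
    try {
      token.initPassword(pw1.value);
    } catch (e) {
      // This path shows no confirmation for a non-empty password, so a
      // failure that merely propagated would look exactly like success.
      // Report it, as the change path does, and keep the dialog state
      // "not successful".
      doPrompt(bundle.getString("failed_pw_change"));
      return false;
    }
    if (pw1.value === "") {
      doPrompt(bundle.getString("pw_not_wanted")
               + " "
               + bundle.getString("pw_empty_warning"));
    }
    success = true;
  }

  if (success && params) {
    // Return value 1 means "successfully executed ok"
    params.SetInt(1, 1);
  }

  // Terminate dialog
  return success;
}

/**
 * Accept handler that hands the entered password back to the opener.
 *
 * The password is returned as a plain string in slot 2 of the dialog
 * parameter block; the opener is responsible for not logging or persisting
 * it.
 *
 * @returns {boolean} always true.
 */
function getPassword()
{
  // grab what was entered
  params.SetString(2, pw1.value);
  // Return value
  params.SetInt(1, 1);
  // Terminate dialog
  return true;
}

/**
 * Accept handler for the PKCS#12 password dialog; same contract as
 * getPassword(): the password goes back to the opener as a plain string in
 * slot 2 and int slot 1 is set to 1.
 *
 * @returns {boolean} always true.
 */
function setP12Password()
{
  // grab what was entered
  params.SetString(2, pw1.value);
  // Return value
  params.SetInt(1, 1);
  // Terminate dialog
  return true;
}

/**
 * Update the "pwmeter" element with a 0-100 score for the text in "pw1".
 *
 * The score is a display heuristic only; nothing in this file refuses a
 * password because of it. It weighs:
 *   - length, capped at 5 characters (contributes -20 to 30);
 *   - digits, capped at 3 (10 each);
 *   - characters matched by \W, capped at 3 (15 each);
 *   - ASCII upper-case letters, capped at 3 (10 each).
 * Lower-case letters and any length beyond 5 add nothing, so a long
 * all-lower-case password without digits or symbols scores 30.
 */
function setPasswordStrength()
{
  // The password is only measured here; it is never displayed or logged.
  const pw = document.getElementById("pw1").value;

  // Count how many characters a pattern matches by removing them and
  // comparing lengths, then cap the count.
  const cappedCount = (pattern, cap) =>
    Math.min(pw.length - pw.replace(pattern, "").length, cap);

  // length of the password
  const pwlength = Math.min(pw.length, 5);
  // use of numbers in the password
  const numeric = cappedCount(/[0-9]/g, 3);
  // use of symbols in the password
  const numsymbols = cappedCount(/\W/g, 3);
  // use of uppercase in the password
  const upper = cappedCount(/[A-Z]/g, 3);

  let pwstrength = ((pwlength * 10) - 20) + (numeric * 10)
                   + (numsymbols * 15) + (upper * 10);

  // make sure we give a value between 0 and 100
  pwstrength = Math.max(0, Math.min(100, pwstrength));

  const mymeter = document.getElementById("pwmeter");
  mymeter.setAttribute("value", pwstrength);
}

/**
 * Enable the accept button only when the two new-password fields match.
 *
 * Two empty fields count as a match, so an empty new password can be
 * accepted, except when the "oldpw" box is marked inited="empty": changing
 * from an empty password to an empty password is refused.
 */
function checkPasswords()
{
  const newPw = document.getElementById("pw1").value;
  const confirmPw = document.getElementById("pw2").value;
  const acceptButton = document.documentElement.getButton("accept");

  const oldpwbox = document.getElementById("oldpw");
  if (oldpwbox) {
    const initpw = oldpwbox.getAttribute("inited");

    if (initpw === "empty" && newPw === "") {
      // The token has already been initialized, therefore this dialog
      // was called with the intention to change the password.
      // The token currently uses an empty password.
      // We will not allow changing the password from empty to empty.
      acceptButton.disabled = true;
      return;
    }
  }

  acceptButton.disabled = (newPw !== confirmPw);
}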