Source code

Revision control

Copy as Markdown

Other Tools

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
"use strict";
const { XPCOMUtils } = ChromeUtils.importESModule(
"resource://gre/modules/XPCOMUtils.sys.mjs"
);
ChromeUtils.defineLazyGetter(
this,
"l10n",
() => new Localization(["security/pippki/pippki.ftl"], true)
);
var params;
var token;
var pw1;
function doPrompt(messageL10nId) {
let msg = l10n.formatValueSync(messageL10nId);
Services.prompt.alert(window, null, msg);
}
function onLoad() {
document.getElementById("set_password").getButton("accept").disabled = true;
document.addEventListener("dialogaccept", setPassword);
pw1 = document.getElementById("pw1");
params = window.arguments[0].QueryInterface(Ci.nsIDialogParamBlock);
token = params.objects.GetElementAt(0).QueryInterface(Ci.nsIPK11Token);
document.l10n.setAttributes(
document.getElementById("tokenName"),
"change-password-token",
{ tokenName: token.tokenName }
);
process();
}
function process() {
let bundle = document.getElementById("pippki_bundle");
let oldpwbox = document.getElementById("oldpw");
let msgBox = document.getElementById("message");
// If the token is unitialized, don't use the old password box.
// Otherwise, do.
if ((token.needsLogin() && token.needsUserInit) || !token.needsLogin()) {
oldpwbox.hidden = true;
msgBox.setAttribute("value", bundle.getString("password_not_set"));
msgBox.hidden = false;
if (!token.needsLogin()) {
oldpwbox.setAttribute("inited", "empty");
} else {
oldpwbox.setAttribute("inited", "true");
}
// Select first password field
document.getElementById("pw1").focus();
} else {
// Select old password field
oldpwbox.hidden = false;
msgBox.hidden = true;
oldpwbox.setAttribute("inited", "false");
oldpwbox.focus();
}
// Return value 0 means "canceled"
params.SetInt(1, 0);
checkPasswords();
}
function setPassword(event) {
var oldpwbox = document.getElementById("oldpw");
var initpw = oldpwbox.getAttribute("inited");
var success = false;
if (initpw == "false" || initpw == "empty") {
try {
var oldpw = "";
var passok = 0;
if (initpw == "empty") {
passok = 1;
} else {
oldpw = oldpwbox.value;
passok = token.checkPassword(oldpw);
}
if (passok) {
if (initpw == "empty" && pw1.value == "") {
// checkPasswords() should have prevented this path from being reached.
} else {
if (pw1.value == "") {
var secmoddb = Cc[
"@mozilla.org/security/pkcs11moduledb;1"
].getService(Ci.nsIPKCS11ModuleDB);
if (secmoddb.isFIPSEnabled) {
// empty passwords are not allowed in FIPS mode
doPrompt("pippki-pw-change2empty-in-fips-mode");
passok = 0;
}
}
if (passok) {
token.changePassword(oldpw, pw1.value);
if (pw1.value == "") {
doPrompt("pippki-pw-erased-ok");
} else {
doPrompt("pippki-pw-change-ok");
}
success = true;
}
}
} else {
oldpwbox.focus();
oldpwbox.setAttribute("value", "");
doPrompt("pippki-incorrect-pw");
}
} catch (e) {
doPrompt("pippki-failed-pw-change");
}
} else {
token.initPassword(pw1.value);
if (pw1.value == "") {
doPrompt("pippki-pw-not-wanted");
}
success = true;
}
if (success && params) {
// Return value 1 means "successfully executed ok"
params.SetInt(1, 1);
}
// Terminate dialog
if (!success) {
event.preventDefault();
}
}
function setPasswordStrength() {
// We weigh the quality of the password by checking the number of:
// - Characters
// - Numbers
// - Non-alphanumeric chars
// - Upper and lower case characters
let pw = document.getElementById("pw1").value;
let pwlength = pw.length;
if (pwlength > 5) {
pwlength = 5;
}
let numnumeric = pw.replace(/[0-9]/g, "");
let numeric = pw.length - numnumeric.length;
if (numeric > 3) {
numeric = 3;
}
let symbols = pw.replace(/\W/g, "");
let numsymbols = pw.length - symbols.length;
if (numsymbols > 3) {
numsymbols = 3;
}
let numupper = pw.replace(/[A-Z]/g, "");
let upper = pw.length - numupper.length;
if (upper > 3) {
upper = 3;
}
let pwstrength =
pwlength * 10 - 20 + numeric * 10 + numsymbols * 15 + upper * 10;
// Clamp strength to [0, 100].
if (pwstrength < 0) {
pwstrength = 0;
}
if (pwstrength > 100) {
pwstrength = 100;
}
let meter = document.getElementById("pwmeter");
meter.setAttribute("value", pwstrength);
}
function checkPasswords() {
let pw1 = document.getElementById("pw1").value;
let pw2 = document.getElementById("pw2").value;
var oldpwbox = document.getElementById("oldpw");
if (oldpwbox) {
var initpw = oldpwbox.getAttribute("inited");
if (initpw == "empty" && pw1 == "") {
// The token has already been initialized, therefore this dialog
// was called with the intention to change the password.
// The token currently uses an empty password.
// We will not allow changing the password from empty to empty.
document.getElementById("set_password").getButton("accept").disabled =
true;
return;
}
}
document.getElementById("set_password").getButton("accept").disabled =
pw1 != pw2;
}