1 files changed, 243 insertions, 0 deletions

diff --git a/components/preferences/content/changemp.js b/components/preferences/content/changemp.js
new file mode 100644
index 000000000..71664b3e1
--- /dev/null
+++ b/components/preferences/content/changemp.js
@@ -0,0 +1,243 @@
+// -*- tab-width: 2; indent-tabs-mode: nil; js-indent-level: 2 -*-
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
+const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
+const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
+const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";
+const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
+const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
+const nsIPK11Token = Components.interfaces.nsIPK11Token;
+
+
+var params;
+var tokenName="";
+var pw1;
+
+function init()
+{
+  pw1 = document.getElementById("pw1");
+
+  process();
+}
+
+
+function process()
+{
+   var secmoddb = Components.classes[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
+   var bundle = document.getElementById("bundlePreferences");
+
+   // If the token is unitialized, don't use the old password box.
+   // Otherwise, do.
+
+   var slot = secmoddb.findSlotByName(tokenName);
+   if (slot) {
+     var oldpwbox = document.getElementById("oldpw");
+     var msgBox = document.getElementById("message");
+     var status = slot.status;
+     if (status == nsIPKCS11Slot.SLOT_UNINITIALIZED
+         || status == nsIPKCS11Slot.SLOT_READY) {
+
+       oldpwbox.setAttribute("hidden", "true");
+       msgBox.setAttribute("value", bundle.getString("password_not_set"));
+       msgBox.setAttribute("hidden", "false");
+
+       if (status == nsIPKCS11Slot.SLOT_READY) {
+         oldpwbox.setAttribute("inited", "empty");
+       } else {
+         oldpwbox.setAttribute("inited", "true");
+       }
+
+       // Select first password field
+       document.getElementById('pw1').focus();
+
+     } else {
+       // Select old password field
+       oldpwbox.setAttribute("hidden", "false");
+       msgBox.setAttribute("hidden", "true");
+       oldpwbox.setAttribute("inited", "false");
+       oldpwbox.focus();
+     }
+   }
+
+  if (params) {
+    // Return value 0 means "canceled"
+    params.SetInt(1, 0);
+  }
+
+  checkPasswords();
+}
+
+function setPassword()
+{
+  var pk11db = Components.classes[nsPK11TokenDB].getService(nsIPK11TokenDB);
+  var promptService = Components.classes["@mozilla.org/embedcomp/prompt-service;1"]
+                                .getService(Components.interfaces.nsIPromptService);
+  var token = pk11db.findTokenByName(tokenName);
+  dump("*** TOKEN!!!! (name = |" + token + "|\n");
+
+  var oldpwbox = document.getElementById("oldpw");
+  var initpw = oldpwbox.getAttribute("inited");
+  var bundle = document.getElementById("bundlePreferences");
+
+  var success = false;
+
+  if (initpw == "false" || initpw == "empty") {
+    try {
+      var oldpw = "";
+      var passok = 0;
+
+      if (initpw == "empty") {
+        passok = 1;
+      } else {
+        oldpw = oldpwbox.value;
+        passok = token.checkPassword(oldpw);
+      }
+
+      if (passok) {
+        if (initpw == "empty" && pw1.value == "") {
+          // This makes no sense that we arrive here,
+          // we reached a case that should have been prevented by checkPasswords.
+        } else {
+          if (pw1.value == "") {
+            var secmoddb = Components.classes[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
+            if (secmoddb.isFIPSEnabled) {
+              // empty passwords are not allowed in FIPS mode
+              promptService.alert(window,
+                                  bundle.getString("pw_change_failed_title"),
+                                  bundle.getString("pw_change2empty_in_fips_mode"));
+              passok = 0;
+            }
+          }
+          if (passok) {
+            token.changePassword(oldpw, pw1.value);
+            if (pw1.value == "") {
+              promptService.alert(window,
+                                  bundle.getString("pw_change_success_title"),
+                                  bundle.getString("pw_erased_ok")
+                                  + " " + bundle.getString("pw_empty_warning"));
+            } else {
+              promptService.alert(window,
+                                  bundle.getString("pw_change_success_title"),
+                                  bundle.getString("pw_change_ok"));
+            }
+            success = true;
+          }
+        }
+      } else {
+        oldpwbox.focus();
+        oldpwbox.setAttribute("value", "");
+        promptService.alert(window,
+                            bundle.getString("pw_change_failed_title"),
+                            bundle.getString("incorrect_pw"));
+      }
+    } catch (e) {
+      promptService.alert(window,
+                          bundle.getString("pw_change_failed_title"),
+                          bundle.getString("failed_pw_change"));
+    }
+  } else {
+    token.initPassword(pw1.value);
+    if (pw1.value == "") {
+      promptService.alert(window,
+                          bundle.getString("pw_change_success_title"),
+                          bundle.getString("pw_not_wanted")
+                          + " " + bundle.getString("pw_empty_warning"));
+    }
+    success = true;
+  }
+
+  // Terminate dialog
+  if (success)
+    window.close();
+}
+
+function setPasswordStrength()
+{
+// Here is how we weigh the quality of the password
+// number of characters
+// numbers
+// non-alpha-numeric chars
+// upper and lower case characters
+
+  var pw=document.getElementById('pw1').value;
+
+// length of the password
+  var pwlength=(pw.length);
+  if (pwlength>10)
+    pwlength=10;
+
+
+// use of numbers in the password
+  var numnumeric = pw.replace (/[0-9]/g, "");
+  var numeric=(pw.length - numnumeric.length);
+  if (numeric>3)
+    numeric=3;
+
+// use of symbols in the password
+  var symbols = pw.replace (/\W/g, "");
+  var numsymbols=(pw.length - symbols.length);
+  if (numsymbols>3)
+    numsymbols=3;
+
+// use of uppercase in the password
+  var numupper = pw.replace (/[A-Z]/g, "");
+  var upper=(pw.length - numupper.length);
+  if (upper>3)
+    upper=3;
+
+
+  var pwstrength=((pwlength*5)-20) + (numeric*10) + (numsymbols*15) + (upper*10);
+
+  // make sure we're give a value between 0 and 100
+  if ( pwstrength < 0 ) {
+    pwstrength = 0;
+  }
+
+  if ( pwstrength > 100 ) {
+    pwstrength = 100;
+  }
+
+  var mymeter=document.getElementById('pwmeter');
+  mymeter.value = pwstrength;
+
+  return;
+}
+
+function checkPasswords()
+{
+  var pw1=document.getElementById('pw1').value;
+  var pw2=document.getElementById('pw2').value;
+  var ok=document.documentElement.getButton("accept");
+
+  var oldpwbox = document.getElementById("oldpw");
+  if (oldpwbox) {
+    var initpw = oldpwbox.getAttribute("inited");
+
+    if (initpw == "empty" && pw1 == "") {
+      // The token has already been initialized, therefore this dialog
+      // was called with the intention to change the password.
+      // The token currently uses an empty password.
+      // We will not allow changing the password from empty to empty.
+      ok.setAttribute("disabled", "true");
+      return;
+    }
+  }
+
+  // Never accept short passwords < 8 chars
+  if (pw1.length < 8) {
+    ok.setAttribute("disabled", "true");
+    return;
+  }
+  
+  if (pw1 == pw2) {
+    ok.setAttribute("disabled", "false");
+  } else
+  {
+    ok.setAttribute("disabled", "true");
+  }
+
+}