gecko-dev/toolkit/components/passwordmgr/crypto-SDR.js
2012-05-21 12:12:37 +01:00

229 lines
7.4 KiB
JavaScript

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
const Cc = Components.classes;
const Ci = Components.interfaces;
const Cr = Components.results;
Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");
Components.utils.import("resource://gre/modules/Services.jsm");
function LoginManagerCrypto_SDR() {
this.init();
};
LoginManagerCrypto_SDR.prototype = {
classID : Components.ID("{dc6c2976-0f73-4f1f-b9ff-3d72b4e28309}"),
QueryInterface : XPCOMUtils.generateQI([Ci.nsILoginManagerCrypto]),
__sdrSlot : null, // PKCS#11 slot being used by the SDR.
get _sdrSlot() {
if (!this.__sdrSlot) {
let modules = Cc["@mozilla.org/security/pkcs11moduledb;1"].
getService(Ci.nsIPKCS11ModuleDB);
this.__sdrSlot = modules.findSlotByName("");
}
return this.__sdrSlot;
},
__decoderRing : null, // nsSecretDecoderRing service
get _decoderRing() {
if (!this.__decoderRing)
this.__decoderRing = Cc["@mozilla.org/security/sdr;1"].
getService(Ci.nsISecretDecoderRing);
return this.__decoderRing;
},
__utfConverter : null, // UCS2 <--> UTF8 string conversion
get _utfConverter() {
if (!this.__utfConverter) {
this.__utfConverter = Cc["@mozilla.org/intl/scriptableunicodeconverter"].
createInstance(Ci.nsIScriptableUnicodeConverter);
this.__utfConverter.charset = "UTF-8";
}
return this.__utfConverter;
},
_utfConverterReset : function() {
this.__utfConverter = null;
},
_debug : false, // mirrors signon.debug
_uiBusy : false,
/*
* log
*
* Internal function for logging debug messages to the Error Console.
*/
log : function (message) {
if (!this._debug)
return;
dump("PwMgr cryptoSDR: " + message + "\n");
Services.console.logStringMessage("PwMgr cryptoSDR: " + message);
},
init : function () {
// Connect to the correct preferences branch.
this._prefBranch = Services.prefs.getBranch("signon.");
this._debug = this._prefBranch.getBoolPref("debug");
// Check to see if the internal PKCS#11 token has been initialized.
// If not, set a blank password.
let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"].
getService(Ci.nsIPK11TokenDB);
let token = tokenDB.getInternalKeyToken();
if (token.needsUserInit) {
this.log("Initializing key3.db with default blank password.");
token.initPassword("");
}
},
/*
* encrypt
*
* Encrypts the specified string, using the SecretDecoderRing.
*
* Returns the encrypted string, or throws an exception if there was a
* problem.
*/
encrypt : function (plainText) {
let cipherText = null;
let wasLoggedIn = this.isLoggedIn;
let canceledMP = false;
this._uiBusy = true;
try {
let plainOctet = this._utfConverter.ConvertFromUnicode(plainText);
plainOctet += this._utfConverter.Finish();
cipherText = this._decoderRing.encryptString(plainOctet);
} catch (e) {
this.log("Failed to encrypt string. (" + e.name + ")");
// If the user clicks Cancel, we get NS_ERROR_FAILURE.
// (unlike decrypting, which gets NS_ERROR_NOT_AVAILABLE).
if (e.result == Cr.NS_ERROR_FAILURE) {
canceledMP = true;
throw Components.Exception("User canceled master password entry", Cr.NS_ERROR_ABORT);
} else {
throw Components.Exception("Couldn't encrypt string", Cr.NS_ERROR_FAILURE);
}
} finally {
this._uiBusy = false;
// If we triggered a master password prompt, notify observers.
if (!wasLoggedIn && this.isLoggedIn)
this._notifyObservers("passwordmgr-crypto-login");
else if (canceledMP)
this._notifyObservers("passwordmgr-crypto-loginCanceled");
}
return cipherText;
},
/*
* decrypt
*
* Decrypts the specified string, using the SecretDecoderRing.
*
* Returns the decrypted string, or throws an exception if there was a
* problem.
*/
decrypt : function (cipherText) {
let plainText = null;
let wasLoggedIn = this.isLoggedIn;
let canceledMP = false;
this._uiBusy = true;
try {
let plainOctet;
if (cipherText.charAt(0) == '~') {
// The old Wallet file format obscured entries by
// base64-encoding them. These entries are signaled by a
// leading '~' character.
plainOctet = atob(cipherText.substring(1));
} else {
plainOctet = this._decoderRing.decryptString(cipherText);
}
plainText = this._utfConverter.ConvertToUnicode(plainOctet);
} catch (e) {
this.log("Failed to decrypt string: " + cipherText +
" (" + e.name + ")");
// In the unlikely event the converter threw, reset it.
this._utfConverterReset();
// If the user clicks Cancel, we get NS_ERROR_NOT_AVAILABLE.
// If the cipherText is bad / wrong key, we get NS_ERROR_FAILURE
// Wrong passwords are handled by the decoderRing reprompting;
// we get no notification.
if (e.result == Cr.NS_ERROR_NOT_AVAILABLE) {
canceledMP = true;
throw Components.Exception("User canceled master password entry", Cr.NS_ERROR_ABORT);
} else {
throw Components.Exception("Couldn't decrypt string", Cr.NS_ERROR_FAILURE);
}
} finally {
this._uiBusy = false;
// If we triggered a master password prompt, notify observers.
if (!wasLoggedIn && this.isLoggedIn)
this._notifyObservers("passwordmgr-crypto-login");
else if (canceledMP)
this._notifyObservers("passwordmgr-crypto-loginCanceled");
}
return plainText;
},
/*
* uiBusy
*/
get uiBusy() {
return this._uiBusy;
},
/*
* isLoggedIn
*/
get isLoggedIn() {
let status = this._sdrSlot.status;
this.log("SDR slot status is " + status);
if (status == Ci.nsIPKCS11Slot.SLOT_READY ||
status == Ci.nsIPKCS11Slot.SLOT_LOGGED_IN)
return true;
if (status == Ci.nsIPKCS11Slot.SLOT_NOT_LOGGED_IN)
return false;
throw Components.Exception("unexpected slot status: " + status, Cr.NS_ERROR_FAILURE);
},
/*
* defaultEncType
*/
get defaultEncType() {
return Ci.nsILoginManagerCrypto.ENCTYPE_SDR;
},
/*
* _notifyObservers
*/
_notifyObservers : function(topic) {
this.log("Prompted for a master password, notifying for " + topic);
Services.obs.notifyObservers(null, topic, null);
},
}; // end of nsLoginManagerCrypto_SDR implementation
let component = [LoginManagerCrypto_SDR];
var NSGetFactory = XPCOMUtils.generateNSGetFactory(component);