1 /* Copyright (c) 2012 Robert Sesek <http://robert.sesek.com>
3 * Permission is hereby granted, free of charge, to any person obtaining a copy
4 * of this software and associated documentation files (the "Software"), to
5 * deal in the Software without restriction, including without limitation the
6 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
7 * sell copies of the Software, and to permit persons to whom the Software is
8 * furnished to do so, subject to the following conditions:
10 * The above copyright notice and this permission notice shall be included in
11 * all copies or substantial portions of the Software.
13 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
18 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
19 * DEALINGS IN THE SOFTWARE.
23 if (typeof chrome
!== 'undefined') {
24 // TODO: load the extension JS
26 // TODO: load the hosted JS
29 document
.addEventListener('DOMContentLoaded', function() {
30 var controller
= new SkeletonKey(document
);
35 * SkeletonKey is view controller for generating secure passwords.
37 * @param {HTMLDocument} doc The document on which to operate.
39 var SkeletonKey
= SkeletonKey
|| function(doc
) {
40 this._master
= doc
.getElementById('master');
41 this._sitekey
= doc
.getElementById('sitekey');
42 this._username
= doc
.getElementById('username');
43 this._password
= doc
.getElementById('password');
44 this._generateButton
= doc
.getElementById('generate');
46 // If this is an extension, use defaults until the Chrome settings are loaded.
48 if (!this._isChromeExtension())
50 this._options
= new SkeletonKeyOptions(null, win
);
57 * The number of iterations to perform in PBKDF2.
60 SkeletonKey
.prototype.ITERATIONS
= 1000;
62 * The size of the key, in bytes.
65 SkeletonKey
.prototype.KEYSIZE
= 256/32;
68 * Initializes event handlers for the page.
71 SkeletonKey
.prototype._init
= function() {
72 this._generateButton
.onclick
= this._onGenerate
.bind(this);
74 this._master
.onkeyup
= this._nextFieldInterceptor
.bind(this);
75 this._sitekey
.onkeyup
= this._nextFieldInterceptor
.bind(this);
76 this._username
.onkeyup
= this._nextFieldInterceptor
.bind(this);
78 this._password
.onclick
= this._selectPassword
.bind(this);
79 this._password
.labels
[0].onclick
= this._selectPassword
.bind(this);
81 this._initChromeExtension();
83 // Chrome extensions will get the first field focused automatically, so only
84 // do it explicitly for hosted pages.
85 if (!this._isChromeExtension())
90 * Event handler for generating a new password.
94 SkeletonKey
.prototype._onGenerate
= function(e
) {
95 var salt
= this._username
.value
+ '@' + this._sitekey
.value
;
97 // |key| is a WordArray of 32-bit words.
98 var key
= CryptoJS
.PBKDF2(this._master
.value
, salt
,
99 {keySize
: this.KEYSIZE
, iterations
: this.ITERATIONS
});
101 var hexString
= key
.toString();
102 hexString
= this._capitalizeKey(hexString
);
104 var maxLength
= this._options
.getMaximumPasswordLength();
105 if (hexString
.length
> maxLength
)
106 hexString
= hexString
.substr(0, maxLength
);
108 this._password
.value
= hexString
;
109 this._selectPassword();
113 * Takes a HEX string and returns a mixed-case string.
114 * @param {string} key
118 SkeletonKey
.prototype._capitalizeKey
= function(key
) {
119 // |key| is too long for a decent password, so try and use the second half of
120 // it as the basis for capitalizing the key.
121 var capsSource
= null;
122 var keyLength
= key
.length
;
123 if (keyLength
/ 2 <= this._options
.getMinimumPasswordLength()) {
124 capsSouce
= key
.substr(0, keyLength
- this._options
.getMinimumPasswordLength());
126 capsSource
= key
.substr(keyLength
/ 2);
129 if (!capsSource
|| capsSource
.length
< 1) {
133 key
= key
.substr(0, capsSource
.length
);
134 var capsSourceLength
= capsSource
.length
;
138 for (var i
= 0; i
< key
.length
; i
++) {
139 var c
= key
.charCodeAt(i
);
140 // If this is not a lowercase letter or there's no more source, skip.
141 if (c
< 0x61 || c
> 0x7A || j
>= capsSourceLength
) {
146 var makeCap
= capsSource
.charCodeAt(j
++) % 2;
148 newKey
+= String
.fromCharCode(c
- 0x20);
157 * Checks if the given key event is from the enter key and moves onto the next
158 * field or generates the password.
162 SkeletonKey
.prototype._nextFieldInterceptor
= function(e
) {
163 if (e
.keyCode
!= 0xD)
166 if (this._master
.value
== "") {
167 this._master
.focus();
168 } else if (this._sitekey
.value
== "") {
169 this._sitekey
.focus();
170 } else if (this._username
.value
== "") {
171 this._username
.focus();
173 this._generateButton
.click();
178 * Selects the contents of the generated password.
181 SkeletonKey
.prototype._selectPassword
= function() {
182 this._password
.focus();
183 this._password
.select();
187 * Initalizes the Chrome extension pieces if running inside chrome.
190 SkeletonKey
.prototype._initChromeExtension
= function() {
193 // getCurrent is undefined for backround pages. Need content script.
194 chrome
.tabs
.getCurrent(function (tab
) {
199 if (url
== null || url
== "")
202 var siteKey
= url
.search(/https
?:\/\/(www
.?|login
|accounts
?)\.(.*)\.(com
?|net
|org
|edu
|biz
|info
)?.*/
);
203 console
.log(siteKey
);
208 * Checks if SkeletonKey is running as a Chrome extension.
212 SkeletonKey
.prototype._isChromeExtension
= function() {
213 return typeof chrome
!= 'undefined' && typeof chrome
.extension
!= 'undefined';