core.js

   1 /* Copyright (c) 2012 Robert Sesek <http://robert.sesek.com>
   2  *
   3  * Permission is hereby granted, free of charge, to any person obtaining a copy
   4  * of this software and associated documentation files (the "Software"), to
   5  * deal in the Software without restriction, including without limitation the
   6  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
   7  * sell copies of the Software, and to permit persons to whom the Software is
   8  * furnished to do so, subject to the following conditions:
   9  *
  10  * The above copyright notice and this permission notice shall be included in
  11  * all copies or substantial portions of the Software.
  12  *
  13  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  14  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  15  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  16  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  17  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
  18  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
  19  * DEALINGS IN THE SOFTWARE.
  20  */
  21
  22 (function main() {
  23   document.addEventListener('DOMContentLoaded', function() {
  24     var controller = new SkeletonKey(document);
  25   });
  26 })();
  27
  28 /**
  29  * SkeletonKey is view controller for generating secure passwords.
  30  *
  31  * @param {HTMLDocument} doc The document on which to operate.
  32  */
  33 var SkeletonKey = SkeletonKey || function(doc) {
  34   this._master = doc.getElementById('master');
  35   this._sitekey = doc.getElementById('sitekey');
  36   this._username = doc.getElementById('username');
  37   this._password = doc.getElementById('password');
  38   this._generateButton = doc.getElementById('generate');
  39
  40   // If this is an extension, use defaults until the Chrome settings are loaded.
  41   var win = null;
  42   if (!this._isChromeExtension())
  43     win = window;
  44   this._options = new SkeletonKeyOptions(null, win);
  45
  46
  47   this._init();
  48 };
  49
  50 /**
  51  * The number of iterations to perform in PBKDF2.
  52  * @const {int}
  53  */
  54 SkeletonKey.prototype.ITERATIONS = 1000;
  55 /**
  56  * The size of the key, in bytes.
  57  * @const {int}
  58  */
  59 SkeletonKey.prototype.KEYSIZE = 256/32;
  60
  61 /**
  62  * Initializes event handlers for the page.
  63  * @private
  64  */
  65 SkeletonKey.prototype._init = function() {
  66   this._generateButton.onclick = this._onGenerate.bind(this);
  67
  68   this._master.onkeyup = this._nextFieldInterceptor.bind(this);
  69   this._sitekey.onkeyup = this._nextFieldInterceptor.bind(this);
  70   this._username.onkeyup = this._nextFieldInterceptor.bind(this);
  71
  72   this._password.onclick = this._selectPassword.bind(this);
  73   this._password.labels[0].onclick = this._selectPassword.bind(this);
  74
  75   if (this._isChromeExtension()) {
  76     this._initChromeExtension();
  77   } else {
  78     // Chrome extensions will get the first field focused automatically, so only
  79     // do it explicitly for hosted pages.
  80     this._master.focus();
  81   }
  82 };
  83
  84 /**
  85  * Event handler for generating a new password.
  86  * @param {Event} e
  87  * @private
  88  */
  89 SkeletonKey.prototype._onGenerate = function(e) {
  90   var salt = this._username.value + '@' + this._sitekey.value;
  91
  92   // |key| is a WordArray of 32-bit words.
  93   var key = CryptoJS.PBKDF2(this._master.value, salt,
  94       {keySize: this.KEYSIZE, iterations: this.ITERATIONS});
  95
  96   var hexString = key.toString();
  97   hexString = this._capitalizeKey(hexString);
  98
  99   var maxLength = this._options.getMaximumPasswordLength();
 100   if (hexString.length > maxLength)
 101     hexString = hexString.substr(0, maxLength);
 102
 103   this._password.value = hexString;
 104   this._selectPassword();
 105 };
 106
 107 /**
 108  * Takes a HEX string and returns a mixed-case string.
 109  * @param {string} key
 110  * @return string
 111  * @private
 112  */
 113 SkeletonKey.prototype._capitalizeKey = function(key) {
 114   // |key| is too long for a decent password, so try and use the second half of
 115   // it as the basis for capitalizing the key.
 116   var capsSource = null;
 117   var keyLength = key.length;
 118   if (keyLength / 2 <= this._options.getMinimumPasswordLength()) {
 119     capsSouce = key.substr(0, keyLength - this._options.getMinimumPasswordLength());
 120   } else {
 121     capsSource = key.substr(keyLength / 2);
 122   }
 123
 124   if (!capsSource || capsSource.length < 1) {
 125     return key;
 126   }
 127
 128   key = key.substr(0, capsSource.length);
 129   var capsSourceLength = capsSource.length;
 130
 131   var j = 0;
 132   var newKey = "";
 133   for (var i = 0; i < key.length; i++) {
 134     var c = key.charCodeAt(i);
 135     // If this is not a lowercase letter or there's no more source, skip.
 136     if (c < 0x61 || c > 0x7A || j >= capsSourceLength) {
 137       newKey += key[i];
 138       continue;
 139     }
 140
 141     var makeCap = capsSource.charCodeAt(j++) % 2;
 142     if (makeCap)
 143       newKey += String.fromCharCode(c - 0x20);
 144     else
 145       newKey += key[i];
 146   }
 147
 148   return newKey;
 149 };
 150
 151 /**
 152  * Checks if the given key event is from the enter key and moves onto the next
 153  * field or generates the password.
 154  * @param {Event} e
 155  * @private
 156  */
 157 SkeletonKey.prototype._nextFieldInterceptor = function(e) {
 158   if (e.keyCode != 0xD)
 159     return;
 160
 161   if (this._master.value == "") {
 162     this._master.focus();
 163   } else if (this._sitekey.value == "") {
 164     this._sitekey.focus();
 165   } else if (this._username.value == "") {
 166     this._username.focus();
 167   } else {
 168     this._generateButton.click();
 169   }
 170 };
 171
 172 /**
 173  * Selects the contents of the generated password.
 174  * @private
 175  */
 176 SkeletonKey.prototype._selectPassword = function() {
 177   this._password.focus();
 178   this._password.select();
 179 };
 180
 181 /**
 182  * Initalizes the Chrome extension pieces if running inside chrome.
 183  * @private
 184  */
 185 SkeletonKey.prototype._initChromeExtension = function() {
 186   var query = {
 187     "active": true,
 188     "currentWindow": true
 189   };
 190   chrome.tabs.query(query, function (tabs) {
 191     console.log(tabs);
 192     if (tabs == null || tabs.length != 1)
 193       return;
 194
 195     var url = tabs[0].url;
 196     if (url == null || url == "")
 197       return;
 198
 199     var matches = url.match(/https?:\/\/(www|login|accounts?|.*\.)\.?(.*)\.(com?|net|org|edu|biz|info)?.*/);
 200     this._sitekey.value = matches[2];
 201   }.bind(this));
 202 };
 203
 204 /**
 205  * Checks if SkeletonKey is running as a Chrome extension.
 206  * @returns {bool}
 207  * @private
 208  */
 209 SkeletonKey.prototype._isChromeExtension = function() {
 210   return typeof chrome !== undefined && typeof chrome.extension !== undefined;
 211 };