1 /* Copyright (c) 2012 Robert Sesek <http://robert.sesek.com>
3 * Permission is hereby granted, free of charge, to any person obtaining a copy
4 * of this software and associated documentation files (the "Software"), to
5 * deal in the Software without restriction, including without limitation the
6 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
7 * sell copies of the Software, and to permit persons to whom the Software is
8 * furnished to do so, subject to the following conditions:
10 * The above copyright notice and this permission notice shall be included in
11 * all copies or substantial portions of the Software.
13 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
18 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
19 * DEALINGS IN THE SOFTWARE.
23 document
.addEventListener('DOMContentLoaded', function() {
24 var controller
= new SkeletonKey(document
);
29 * SkeletonKey is view controller for generating secure passwords.
31 * @param {HTMLDocument} doc The document on which to operate.
33 var SkeletonKey
= SkeletonKey
|| function(doc
) {
34 this._master
= doc
.getElementById('master');
35 this._sitekey
= doc
.getElementById('sitekey');
36 this._username
= doc
.getElementById('username');
37 this._password
= doc
.getElementById('password');
38 this._generateButton
= doc
.getElementById('generate');
40 // If this is an extension, use defaults until the Chrome settings are loaded.
42 if (!this._isChromeExtension())
44 this._options
= new SkeletonKeyOptions(null, win
);
51 * The number of iterations to perform in PBKDF2.
54 SkeletonKey
.prototype.ITERATIONS
= 1000;
56 * The size of the key, in bytes.
59 SkeletonKey
.prototype.KEYSIZE
= 256/32;
62 * Initializes event handlers for the page.
65 SkeletonKey
.prototype._init
= function() {
66 this._generateButton
.onclick
= this._onGenerate
.bind(this);
68 this._master
.onkeyup
= this._nextFieldInterceptor
.bind(this);
69 this._sitekey
.onkeyup
= this._nextFieldInterceptor
.bind(this);
70 this._username
.onkeyup
= this._nextFieldInterceptor
.bind(this);
72 this._password
.onclick
= this._selectPassword
.bind(this);
73 this._password
.labels
[0].onclick
= this._selectPassword
.bind(this);
75 if (this._isChromeExtension()) {
76 this._initChromeExtension();
78 // Chrome extensions will get the first field focused automatically, so only
79 // do it explicitly for hosted pages.
85 * Event handler for generating a new password.
89 SkeletonKey
.prototype._onGenerate
= function(e
) {
90 var salt
= this._username
.value
+ '@' + this._sitekey
.value
;
92 // |key| is a WordArray of 32-bit words.
93 var key
= CryptoJS
.PBKDF2(this._master
.value
, salt
,
94 {keySize
: this.KEYSIZE
, iterations
: this.ITERATIONS
});
96 var hexString
= key
.toString();
97 hexString
= this._capitalizeKey(hexString
);
99 var maxLength
= this._options
.getMaximumPasswordLength();
100 if (hexString
.length
> maxLength
)
101 hexString
= hexString
.substr(0, maxLength
);
103 this._password
.value
= hexString
;
104 this._selectPassword();
108 * Takes a HEX string and returns a mixed-case string.
109 * @param {string} key
113 SkeletonKey
.prototype._capitalizeKey
= function(key
) {
114 // |key| is too long for a decent password, so try and use the second half of
115 // it as the basis for capitalizing the key.
116 var capsSource
= null;
117 var keyLength
= key
.length
;
118 if (keyLength
/ 2 <= this._options
.getMinimumPasswordLength()) {
119 capsSouce
= key
.substr(0, keyLength
- this._options
.getMinimumPasswordLength());
121 capsSource
= key
.substr(keyLength
/ 2);
124 if (!capsSource
|| capsSource
.length
< 1) {
128 key
= key
.substr(0, capsSource
.length
);
129 var capsSourceLength
= capsSource
.length
;
133 for (var i
= 0; i
< key
.length
; i
++) {
134 var c
= key
.charCodeAt(i
);
135 // If this is not a lowercase letter or there's no more source, skip.
136 if (c
< 0x61 || c
> 0x7A || j
>= capsSourceLength
) {
141 var makeCap
= capsSource
.charCodeAt(j
++) % 2;
143 newKey
+= String
.fromCharCode(c
- 0x20);
152 * Checks if the given key event is from the enter key and moves onto the next
153 * field or generates the password.
157 SkeletonKey
.prototype._nextFieldInterceptor
= function(e
) {
158 if (e
.keyCode
!= 0xD)
161 if (this._master
.value
== "") {
162 this._master
.focus();
163 } else if (this._sitekey
.value
== "") {
164 this._sitekey
.focus();
165 } else if (this._username
.value
== "") {
166 this._username
.focus();
168 this._generateButton
.click();
173 * Selects the contents of the generated password.
176 SkeletonKey
.prototype._selectPassword
= function() {
177 this._password
.focus();
178 this._password
.select();
182 * Initalizes the Chrome extension pieces if running inside chrome.
185 SkeletonKey
.prototype._initChromeExtension
= function() {
188 "currentWindow": true
190 chrome
.tabs
.query(query
, function (tabs
) {
192 if (tabs
== null || tabs
.length
!= 1)
195 var url
= tabs
[0].url
;
196 if (url
== null || url
== "")
199 var matches
= url
.match(/https
?:\/\/(www
|login
|accounts
?|.*\.)\.?(.*)\.(com
?|net
|org
|edu
|biz
|info
)?.*/
);
200 this._sitekey
.value
= matches
[2];
205 * Checks if SkeletonKey is running as a Chrome extension.
209 SkeletonKey
.prototype._isChromeExtension
= function() {
210 return typeof chrome
!== undefined
&& typeof chrome
.extension
!== undefined
;