[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mozilla-crypto
Subject:    Help with prompting for and verifying master password
From:       paxunix () acm ! org (paxunix)
Date:       2003-06-19 20:56:50
[Download RAW message or body]

I'm working on bug #78754 to give Mozilla a mode to display saved
passwords.  The code and UI I've got works flawlessly, the only
missing piece is prompting for and verifying the master password if
the user's passwords are encrypted.

I have trawled through the codebase but can't seem to find the exact
interface I'm looking for.  The mechanism for popping up the password
prompt depends on a number of things (particularly the token name/slot
for the software security device) that I do not know the interface
for.

It looks like the master password is prompted for in
security/manager/pki/src/nsNSSDialogs.cpp, but the XUL
(chrome://pippki/content/getpassword.xul) and JS that gets invoked
doesn't seem to do anything special except return the password value
that was entered.  The verification happens somewhere else.  I think I
can pull out some of what I need from
security/manager/pki/resources/content/device_manager.js, but I am not
sure which parts I'll need.

I was hopeful that perhaps nsITokenPasswordDialogs, nsITokenDialogs,
nsIPK11Token, or nsIPK11TokenDB might do what I want, but it doesn't
look promising.

So what combination of components do I need to call into to pop up the
usual "prompt for master password" dialog and then verify the results?

Given the posts here, I suspect a number of people would very much
like to see something like this built in to Mozilla.  (And after that,
maybe I'll write an extension to import/export).

-- 
paxunix

[prev in list] [next in list] [prev in thread] [next in thread]