summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl/tests/unit/test_password_prompt.js
blob: cdf4227cb7d2e7a13f245d5236f9bb17d594aab6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
// -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
// Any copyright is dedicated to the Public Domain.
// http://creativecommons.org/publicdomain/zero/1.0/
"use strict";

// Tests that PSM can successfully ask for a password from the user and relay it
// back to NSS. Does so by mocking out the actual dialog and "filling in" the
// password. Also tests that providing an incorrect password will fail (well,
// technically the user will just get prompted again, but if they then cancel
// the dialog the overall operation will fail).

var gMockPrompter = {
  passwordToTry: null,
  numPrompts: 0,

  // This intentionally does not use arrow function syntax to avoid an issue
  // where in the context of the arrow function, |this != gMockPrompter| due to
  // how objects get wrapped when going across xpcom boundaries.
  promptPassword: function(dialogTitle, text, password, checkMsg, checkValue) {
    this.numPrompts++;
    if (this.numPrompts > 1) { // don't keep retrying a bad password
      return false;
    }
    equal(text,
          "Please enter the master password for the Software Security Device.",
          "password prompt text should be as expected");
    equal(checkMsg, null, "checkMsg should be null");
    ok(this.passwordToTry, "passwordToTry should be non-null");
    password.value = this.passwordToTry;
    return true;
  },

  QueryInterface: XPCOMUtils.generateQI([Ci.nsIPrompt]),
};

// Mock nsIWindowWatcher. PSM calls getNewPrompter on this to get an nsIPrompt
// to call promptPassword. We return the mock one, above.
var gWindowWatcher = {
  getNewPrompter: () => gMockPrompter,
  QueryInterface: XPCOMUtils.generateQI([Ci.nsIWindowWatcher]),
};

function run_test() {
  do_get_profile();

  let windowWatcherCID =
    MockRegistrar.register("@mozilla.org/embedcomp/window-watcher;1",
                           gWindowWatcher);
  do_register_cleanup(() => {
    MockRegistrar.unregister(windowWatcherCID);
  });

  // Set an initial password.
  let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"]
                  .getService(Ci.nsIPK11TokenDB);
  let token = tokenDB.getInternalKeyToken();
  token.initPassword("hunter2");
  token.logoutSimple();

  // Try with the correct password.
  gMockPrompter.passwordToTry = "hunter2";
  // Using nsISecretDecoderRing will cause the password prompt to come up if the
  // token has a password and is logged out.
  let sdr = Cc["@mozilla.org/security/sdr;1"]
              .getService(Ci.nsISecretDecoderRing);
  sdr.encryptString("poke");
  equal(gMockPrompter.numPrompts, 1, "should have prompted for password once");

  // Reset state.
  gMockPrompter.numPrompts = 0;
  token.logoutSimple();

  // Try with an incorrect password.
  gMockPrompter.passwordToTry = "*******";
  throws(() => sdr.encryptString("poke2"), /NS_ERROR_FAILURE/,
         "logging in with the wrong password should fail");
  equal(gMockPrompter.numPrompts, 2, "should have prompted for password twice");
}