1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
// -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
// Any copyright is dedicated to the Public Domain.
// http://creativecommons.org/publicdomain/zero/1.0/
"use strict";
// Tests that PSM can successfully ask for a password from the user and relay it
// back to NSS. Does so by mocking out the actual dialog and "filling in" the
// password. Also tests that providing an incorrect password will fail (well,
// technically the user will just get prompted again, but if they then cancel
// the dialog the overall operation will fail).
var gMockPrompter = {
passwordToTry: null,
numPrompts: 0,
// This intentionally does not use arrow function syntax to avoid an issue
// where in the context of the arrow function, |this != gMockPrompter| due to
// how objects get wrapped when going across xpcom boundaries.
promptPassword: function(dialogTitle, text, password, checkMsg, checkValue) {
this.numPrompts++;
if (this.numPrompts > 1) { // don't keep retrying a bad password
return false;
}
equal(text,
"Please enter the master password for the Software Security Device.",
"password prompt text should be as expected");
equal(checkMsg, null, "checkMsg should be null");
ok(this.passwordToTry, "passwordToTry should be non-null");
password.value = this.passwordToTry;
return true;
},
QueryInterface: XPCOMUtils.generateQI([Ci.nsIPrompt]),
};
// Mock nsIWindowWatcher. PSM calls getNewPrompter on this to get an nsIPrompt
// to call promptPassword. We return the mock one, above.
var gWindowWatcher = {
getNewPrompter: () => gMockPrompter,
QueryInterface: XPCOMUtils.generateQI([Ci.nsIWindowWatcher]),
};
function run_test() {
do_get_profile();
let windowWatcherCID =
MockRegistrar.register("@mozilla.org/embedcomp/window-watcher;1",
gWindowWatcher);
do_register_cleanup(() => {
MockRegistrar.unregister(windowWatcherCID);
});
// Set an initial password.
let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"]
.getService(Ci.nsIPK11TokenDB);
let token = tokenDB.getInternalKeyToken();
token.initPassword("hunter2");
token.logoutSimple();
// Try with the correct password.
gMockPrompter.passwordToTry = "hunter2";
// Using nsISecretDecoderRing will cause the password prompt to come up if the
// token has a password and is logged out.
let sdr = Cc["@mozilla.org/security/sdr;1"]
.getService(Ci.nsISecretDecoderRing);
sdr.encryptString("poke");
equal(gMockPrompter.numPrompts, 1, "should have prompted for password once");
// Reset state.
gMockPrompter.numPrompts = 0;
token.logoutSimple();
// Try with an incorrect password.
gMockPrompter.passwordToTry = "*******";
throws(() => sdr.encryptString("poke2"), /NS_ERROR_FAILURE/,
"logging in with the wrong password should fail");
equal(gMockPrompter.numPrompts, 2, "should have prompted for password twice");
}
|
