24 | You can generate a Portable Page to load and run in any browser when this
25 | extension is unavailable. It is similar to the
26 | online tool,
27 | but also knows your site tags and per-site option settings.
28 |
29 |
30 | When you select one of your site tags in the drop-down list at the top it
31 | applies the appropriate options. The site tags and options known to the page
32 | represent a snapshot of what had been saved by the Password Hasher
33 | extension prior to generating the page. It serves as a useful of backup
34 | for your site tags and options. For security, the master key(s) are never
35 | saved in the page.
36 |
37 |
38 | Make copies of the generated file to place on USB keys, servers, and other
39 | systems. You'll be able to log in from anywhere, whether or not the Password
40 | Hasher is installed, and whether or not you're running Firefox.
41 |
24 | Sie können eine Stickware-Seite erzeugen, die in jedem Browser geladen werden kann,
25 | falls diese Erweiterung nicht verfügbar sein sollte. Diese ist dem
26 | Online-Tool ähnlich, merkt sich
27 | aber auch Ihre Seitenkennungen und seitenspezifischen Einstellungen.
28 |
29 |
30 | Wenn Sie eine Ihrer Seitenkennungen in der obigen Drop-Down-Liste auswählen, werden
31 | die entprechenden Optionen angewendet. Die Seitenkennungen und Optionen, die der Seite
32 | bekannt sind, entsprechen einem Schnappschuss der zuletzt in der Password Hasher-Erweiterung
33 | gespeicherten Einstellungen, bevor die Seite erzeugt wurde. Sie dient als nützliches Backup
34 | Ihrer Seitenkennungen und Optionen. Aus Sicherheitsgründen werden Master Keys niemals auf
35 | dieser Seite gespeichert.
36 |
37 |
38 | Erstellen Sie Kopien der erzeugten Datei, um diese auf USB-Sticks, Server und andere System
39 | zu übertragen. Dadurch können Sie sich überall einloggen, egal ob der Password Hasher installiert
40 | ist oder nicht und unabhängig davon, ob Sie Firefox als Browser verwenden.
41 |
Wählen Sie niedrige Sicherheit, wenn Ihre Maschine anderen Benutzern nicht zugänglich ist.
25 |
Wählen Sie mittlere Sicherheit für den Normalgebrauch.
26 |
Wählen Sie Hoch für maximale Sicherheit - auf Kosten von zusätzlichen Eingaben, NICHT aber
27 | zusätzlichem Merkaufwand.
28 |
Aktivieren Sie Passwort-Feldmarker, falls Sie
29 | Marker in der Nähe des Passwort-Eingabefeldes
30 | für einfacheren Zugang zum Password Hasher-Dialog sehen wollen.
31 |
32 |
33 |
Das Passwort einer Seite ändern:
34 |
35 |
Wechseln Sie auf den Bereich einer Seite, der Ihnen das Ändern des Passworts erlaubt.
36 |
Wählen Sie jedes der (beiden) Felder für das neue Passwort aus.
37 |
Rufen Sie den Passwort Hasher auf eine der folgenden Weisen auf:
38 |
39 |
Klicken Sie auf den Marker, falls verfügbar.
41 |
Drücken Sie die Tastenkombination Strg-F6.
42 |
Wählen Sie Password Hasher aus dem Rechtsklick-Popup-Menü.
43 |
Wählen Sie Password Hasher aus dem Browser-Menü 'Extras'.
44 |
45 |
Übernehmen Sie die automatisch erzeugte Seitenkennung oder geben Sie eine eigene an.
46 |
Drücken Sie Enter. Der Mauszeiger wechselt zum Master Key-Eingabefeld.
47 |
Geben Sie den Master Key ein.
48 |
Drücken Sie Enter. Der Dialog schließt sich und fügt das Hash-Wort in das Passwort-Eingabefeld ein.
49 |
Übernehmen Sie die Änderungen, nachdem alle Passwort-Felder ausgefüllt wurden.
50 |
Beim nächsten Einloggen gehen Sie ähnlich vor, um das Passwort auf der Login-Seite einzugeben.
51 |
Auf Seiten, für die Sie noch alte Passwörter verwenden, ignorieren Sie den Password Hasher einfach.
28 | Master key is your chosen strong password.
29 |
30 |
31 | Hash word is the password generated by scrambling the
32 | master key with the site tag.
33 |
34 |
35 | Bump adds a number to the site tag in order to generate a
36 | different hash word.
37 |
38 |
39 | Unmask exposes all hidden fields as plain text.
40 |
41 |
42 | Options shows additional choices affecting how the hash
43 | word gets generated.
44 |
45 |
46 | More Info shows help for using the dialog.
47 |
48 |
49 | Cancel abandons the dialog without injecting the hash word.
50 |
51 |
52 | OK closes the dialog and injects the hash word into the
53 | password field.
54 |
55 |
56 |
Requirement Options
57 |
58 |
59 | Digit forces the hash word to have at least one digit
60 | character.
61 |
62 |
63 | Punctuation force the hash word to have at least one
64 | punctuation character.
65 |
66 |
67 | Mixed case force the hash word to have both upper and
68 | lower-case letters.
69 |
70 |
71 |
Restriction Options
72 |
73 |
74 | No special characters forces no punctuation.
75 |
76 |
77 | Digits only forces only digits.
78 |
79 |
Size Options
80 |
81 | Choose a custom hash word length for this site.
82 |
83 |
Keyboard Navigation
84 |
85 |
86 | Enter takes you to the next empty field and finally closes
87 | the dialog and injects the hash word when done. This is generally the
88 | only navigation key you need, and should be far easier than using a mouse.
89 |
90 |
91 | Esc immediately closes the dialog without injecting the
92 | hash word.
93 |
25 | Seitenkennung ist ein einmaliger Seitenname.
26 |
27 |
28 | Master Key ist Ihr gewähltes starkes Passwort.
29 |
30 |
31 | Hash-Wort ist das Passwort, das beim Vermischen des Master Keys mit der Seitenkennung entsteht.
32 |
33 |
34 | Variieren fügt eine Nummer zur Seitenkennung hinzu, um ein anderes Hash-Wort zu erstellen.
35 |
36 |
37 | Klartext zeigt alle versteckten Feldereinträge in lesbarem Text an.
38 |
39 |
40 | Optionen zeigt zusätzliche Auswahlmöglichkeiten zur Erstellung des Hash-Wortes.
41 |
42 |
43 | Mehr Info zeigt Hilfe für die Verwendung des Dialogs an.
44 |
45 |
46 | Abbrechen verlässt den Dialog, ohne das Hash-Wort einzufügen.
47 |
48 |
49 | OK schließt den Dialog und fügt das Hash-Wort in das Passwortfeld ein.
50 |
51 |
52 |
Optionen für Anforderungen
53 |
54 |
55 | Ziffer fügt dem Hash-Wort wenigstens eine Ziffer hinzu.
56 |
57 |
58 | Satzzeichen fügt dem Hash-Wort wenigstens ein Satzzeichen hinzu.
59 |
60 |
61 | Mischbuchstaben fügt dem Hash-Wort Groß- und Kleinbuchstaben hinzu.
62 |
63 |
64 |
Einschränkungs-Optionen
65 |
66 |
67 | Keine Sonderzeichen deaktiviert Satzzeichen.
68 |
69 |
70 | Nur Ziffern erzwingt ausschließlich Zahlen.
71 |
72 |
Größen-Optionen
73 |
74 | Wählen Sie eine angepasste Länge für Hash-Wörter für diese Seite.
75 |
76 |
Tastatur-Navigation
77 |
78 |
79 | Enter bringt Sie zum nächsten leeren Eingabefeld, schließt am Ende den
80 | Dialog und fügt das Hash-Wort ein. Im allgemeinen ist dies die einzige Navigation, die Sie
81 | benötigen und sollte einfacher sein, als die Maus zu verwenden.
82 |
83 |
84 | Escape schließt den Dialog sofort, ohne das Hash-Wort einzufügen.
85 |
Updating passwords compounds the memorization problem.
36 |
37 |
38 |
How Password Hasher helps:
39 |
40 |
Strong passwords are automatically generated.
41 |
The same master key produces different passwords at many
42 | sites.
43 |
You can quickly upgrade passwords by "bumping" the site tag.
44 |
You can upgrade the master key without updating all sites at
45 | once.
46 |
It supports different length passwords.
47 |
It supports special requirements, such as digit and punctuation
48 | characters.
49 |
All data is saved to the browser's secure password database.
50 |
51 |
52 |
Concepts
53 |
54 |
Site Tag
55 |
56 | A site tag is a simple name, e.g. "google" or "msn", assigned to a site and
57 | used to scramble the master key. For light and medium security levels a
58 | default site tag is assigned and then provided whenever you return to the
59 | site. The site tag just needs to be unique. It does not need to be
60 | complex.
61 |
62 |
63 |
Master Key
64 |
65 | A master key is a strong password you choose and use for many or all sites.
66 | Since site tags scramble the master key to create unique passwords, you
67 | only need more than one master key when you want to upgrade it for
68 | additional security. At that point you begin updating passwords based on
69 | the new master key one site at a time. You don't have to do them all at
70 | once.
71 |
72 |
73 |
Hash Word
74 |
75 | A hash word is the result of scrambling the master key with a site tag. It
76 | becomes the site password. You give the master key to Password Hasher and
77 | it enters the hash word into the site's password field.
78 |
79 |
80 |
Using the Password Hasher
81 |
82 | You can bring up the dialog in any one of the following ways.
83 |
84 |
85 |
86 | Click on a
87 | marker next to a password field.
88 |
89 |
90 | Press the Control-F6 key combination when in a password
91 | field.
92 |
93 |
94 | Choose Password Hasher from either the Tools menu or
95 | the right-click popup menu on a password field.
96 |
Vorgehensweise zur Gewährleistung hoher Sicherheit:
25 |
26 |
Starke Passwörter, die schwer zu erraten sind.
27 |
Verschiedene Passwörter für jede Seite.
28 |
Von Zeit zu Zeit bestehende Passwörter ändern.
29 |
30 |
31 |
Warum Sie wahrscheinlich keine hohe Sicherheit haben:
32 |
33 |
Starke Passwörter sind nur schwer zu merken.
34 |
Der Umgang mit einer Vielzahl an Passwörtern ist eine Qual.
35 |
Passwörter zu aktualisieren trägt zum Merkproblem bei.
36 |
37 |
38 |
Wie Password Hasher hilft:
39 |
40 |
Starke Passwörter werden automatisch generiert.
41 |
Der gleiche Master Key liefert auf vielen Seiten verschiedene Passwörter.
42 |
Sie können Passwörter schnell aktualisieren, wenn sie die Seitenkennung "variieren".
43 |
Sie können den Master Key aktualisieren, ohne alle Seiten gleichzeitig anzupassen.
44 |
Er unterstützt unterschiedlich lange Passwörter.
45 |
Er unterstützt besondere Anforderungen, z.B. Ziffern und Satzzeichen.
46 |
Alle Daten werden in der sicheren Passwort-Datenbank des Browsers gespeichert.
47 |
48 |
49 |
Konzepte
50 |
51 |
Seitenkennung
52 |
53 | Eine Seitenkennung ist ein einfacher Name, z.B. "google" oder "msn", der einer Seite zugewiesen
54 | und verwendet wird, um einen Master Key zu erstellen. Auf niedriger und mittlerer Sicherheitsstufe
55 | wird eine standardisierte Seitenkennung zugewiesen und immer bei Ihrer Rückkehr zu dieser Seite
56 | ausgegeben. Diese Seitenkennung muss lediglich einmalig sein, nicht komplex.
57 |
58 |
59 |
Master Key
60 |
61 | Ein Master Key ist ein starkes Passwort, das Sie erstellen und für viele (oder alle) Seiten
62 | verwenden. Da Seitenkennungen den Master-Key verändern, um einmalige Passwörter zu erstellen,
63 | brauchen Sie nur dann mehr als einen Master Key, wenn Sie ihn für zusätzliche Sicherheit aktualisieren
64 | wollen. In diesem Fall beginnen Sie damit, Ihre Passwörter basierend auf dem neuen Master Key Seite für
65 | Seite anzupassen. Sie müssen nicht alle auf einmal ändern!
66 |
67 |
68 |
Hash-Wort
69 |
70 | Ein Hash-Wort ist das Ergebnis einer Vermischung des Master Keys mit der Seitenkennung.
71 | Es wird zum Passwort der Seite. Sie geben den Master Key im Password Hasher ein und dieser
72 | schreibt das Hash-Wort in das Passwortfeld der Seite.
73 |
74 |
75 |
Den Password Hasher verwenden
76 |
77 | Sie können den Dialog auf eine von folgenden Arten aufrufen:
78 |
79 |
80 |
Klicken Sie auf den Marker beim Passwortfeld.
81 |
Drücken Sie die Tastenkombination Strg-F6 innerhalb eines Passwortfeldes.
82 |
Wählen Sie Password Hasher entweder aus dem 'Extras'-Menü oder per Rechtsklick-Popup-Menü auf einem Passwortfeld.
26 | Niedrig bietet maximalen Komfort durch Erraten von Seitenkennungen,
27 | Merken von Einträgen und Offenlegung von Eingabefelder im Klartext. Dies bietet Schutz
28 | vor Hackern, die von außerhalb Ihr System angreifen könnten, ist aber weniger sicher vor
29 | Leuten mit direktem Zugang zu Ihrem Rechner und Browser.
30 |
31 |
32 | Mittel verbessert den Schutz durch Verbergen des Hash-Wortes und zwingt Sie,
33 | den Master Key jedes Mal neu einzugeben. Dies ist die Standard-Einstellung.
34 |
35 |
36 | Hoch bietet maximale Sicherheit, indem nichts gespeichert und alles
37 | versteckt wird. Sie müssen die Seitenkennung und den Master-Key jedes Mal neu eingeben und
38 | die Eingabefelder manuell in Klartext umschalten, um ihren Inhalt zu sehen.
39 |
40 |
41 | Angepasst lässt Sie eigene Sicherheitseinstellungen vornehmen.
42 | Tipp: Wählen Sie vorher niedrige, mittlere oder hohe Sicherheitsstufe, um mit einem sinnvollen
43 | Set ausgewählter Optionen zu beginnen.
44 |
45 |
46 |
47 |
Anzeige-Optionen
48 |
49 |
50 | Passwort-Feldmarker sind kleine
51 |
52 | Symbole, die nahe des Passwort-Eingabefeldes eingefügt werden für Einzelklick-Zugang zum
53 | Password Hasher-Dialog.
54 |
55 |
56 | Passwort-Klartextmarker sind kleine
57 |
58 | Symbole, die nahe des Passwort-Eingabefeldes eingefügt werden für Einzelklick-Demaskierung
59 | (Anzeige als Klartext) von eingegebenen Passwörtern.
60 |
61 |
62 |
63 |
Standard-Anforderungen
64 |
65 | Diese Einstellungen beeinflussen die Standard-Optionen, um sicher zu stellen, dass
66 | erzeugte Hash-Wörter bestimmten Anforderungen entsprechen.
67 |
68 |
69 |
70 | Ziffer fügt den Hash-Wörtern wenigstens eine Ziffer hinzu.
71 |
72 |
73 | Satzzeichen fügt den Hash-Wörtern wenigstens ein Satzzeichen hinzu.
74 |
75 |
76 | Groß- und Kleinbuchstaben fügt den Hash-Wörtern wenigstens einen Groß- und Kleinbuchstaben hinzu.
77 |
78 |
79 |
80 |
Standard-Größe
81 |
82 | Diese Einstellung ist für die standardmäßige Länge eines Hash-Wortes zuständig, d.h. die Anzahl von Zeichen.
83 |
84 |
85 |
Stickware-Seite
86 |
87 | Dieser Button erzeugt eine eigenständige, portable Webseite zum Erzeugen von Hash-Wörtern,
88 | falls diese Erweiterung nicht verfügbar sein sollte. Nach der Frage, wohin Sie die Datei
89 | speichern wollen, wird die Seite in einem Browser-Tab geladen. Mehr Informationen dazu im FAQ, auf der
90 | Hilfe-Seite zu Stickware und in den Anmerkungen am Ende der erzeugten
91 | Stickware-Seite.
92 |
26 | Light maximizes convenience by guessing site tags,
27 | remembering entries, and revealing fields as plain text. It is secure from
28 | remote hackers, but less secure from people with physical access to your
29 | machine and browser.
30 |
31 |
32 | Medium improves protection by hiding the hash word and
33 | forcing you to re-enter the master key each time. This is the default.
34 |
35 |
36 | Heavy maximizes security by remembering nothing and hiding
37 | everything. You must enter the site tag and master key each time and
38 | manually unmask fields to see their content.
39 |
40 |
41 | Custom allows you to specify individual security options.
42 | Tip - choose light, medium or heavy before selecting custom to start with a
43 | reasonable set of checked options.
44 |
45 |
46 |
47 |
Display Options
48 |
49 |
50 | Password field markers are small
51 |
52 | symbols inserted next to password fields for one-click access to the
53 | Password Hasher dialog.
54 |
55 |
56 | Password unmasking markers are small
57 |
58 | symbols inserted next to password fields for one-click unmasking
59 | (revealing as plain text) of password fields.
60 |
61 |
62 | Guess full domain causes guessed site tags to use the
63 | entire domain name, e.g. including ".com", ".org", etc., making it
64 | easier to have separate logins for sites sharing the same base name.
65 | It does result in longer site tags, when you have to type them.
66 |
67 |
68 |
69 |
Default Requirements
70 |
71 | These settings affect the default options for assuring generated hash words
72 | satisfy certain requirements.
73 |
74 |
75 |
76 | Digit forces hash words to have at least one digit
77 | character.
78 |
79 |
80 | Punctuation forces hash words to have at least one
81 | punctuation character.
82 |
83 |
84 | Both upper and lower-case letters forces hash words to
85 | have at least one of each case letter.
86 |
87 |
88 |
89 |
Default Size
90 |
91 | This setting chooses the default hash word length, i.e. number of characters.
92 |
93 |
94 |
Portable Page
95 |
96 | This button produces a self-contained/portable web page to generate hash
97 | words when this extension is unavailable. It asks you where to save the
98 | file and then loads it in a browser tab. More information is available
99 | in the FAQ, the Portable help page, and notes
100 | on the bottom of the generated portable page.
101 |
Verbessere ich wirklich meine Sicherheit oder spare ich nur Aufwand?
24 |
Kommt darauf an. Die Sicherheit der meisten Benutzer sollte sich verbessern, indem
25 | das Problem schwerer und variierender Passwörter gemindert wird. Andererseits könnten Sie
26 | natürlich auch Ihre Verwundbarkeit erhöhen, wenn Sie im Falle eines Diebstahls des Master
27 | Keys einen unerlaubten Zugang auf gleich mehrere Seiten ermöglichen. Ein Hacker wäre aber nur
28 | erfolgreich, wenn er dieses Programm zur Wiederherstellung von Hash-Wörtern zu verwenden
29 | wüsste. Falls Sie bereits Passwörter wieder verwenden, kann dieses Hilfsmittel nur Sinn machen.
30 |
Was, wenn ich mich einloggen muss und mir dieses Programm fehlt?
31 |
32 | Sie können sich eine Stickware-Seite erstellen lassen, die in jedem Browser läuft - auch, wenn
33 | diese Erweiterung nicht verfügbar sein sollte. Sie können auch das Online-Tool zur
34 | Generierung identischer Hash-Wörter verwenden, aber es wird Ihre Seitenkennungen und Einstellungen nicht
35 | parat haben. Sehen Sie sich auch die Hilfsseite zu Stickware an, wenn
36 | Sie noch mehr erfahren wollen.
37 |
38 |
39 | Diese Seite passt wunderbar in eine Firefox-Seitenleiste für ständige Verfügbarkeit. Sie ist
40 | auch komplett eigenständig, so dass Sie diese eine HTML-Datei auch auf andere Datenträger
41 | kopieren können, z.B. USB-Sticks.
42 |
43 |
44 | Bitte beachten Sie, dass die zusätzlichen Optionen für Hash-Wort-Filterung und -Größen dieses
45 | Programm inkompatibel zu anderen ähnlichen Erweiterungen machen (z.B. Hashapass), welche
46 | andere Ergebnisse liefern können - abhängig von den von Ihnen verwendeten Einstellungen.
47 |
48 |
Sollte ich die erzeugten Hash-Wörter irgendwo aufbewahren?
49 |
Keine schlechte Idee, aber wenn Sie eine Stickware-Seite als Backup speichern, haben Sie
50 | alles außer dem/den Master Key(s). Es ist also Ihre Entscheidung. Ein "Rückfall-Backup"
51 | ist eine zusätzliche Sicherheitsmaßnahme, falls Sie eines Tages die Hash-Wörter doch manuell
52 | eingeben müssen.
53 | Sie können ein Programm wie KeePass (empfohlen)
54 | verwenden, um Ihre Angaben in einer verschlüsselten Datei zu sichern.
55 |
56 |
57 | Denken Sie allerdings auch an Szenarien von kaputten oder ausgeliehenen Rechnern und
58 | defekter Software... ;)
59 |
60 |
Muss ich mir die Optionen für jede Seite einzeln merken?
61 |
Normalerweise nicht. Dieses Programm merkt sie sich für Sie. Falls Sie die gesicherten
62 | Daten verlieren, z.B. durch Löschen des Firefox Passwort-Cache, müssen Sie die Standard-Einstellungen
63 | und Ausnahmen für einzelne Seiten wieder herstellen. Im Idealfall haben sie nicht viele Sonderfälle,
64 | in denen Sie sich etwas merken müssen.
65 |
Wo werden die Daten gespeichert?
66 |
Alles wird im Passwort-Cache von Firefox abgelegt - verschlüsselt und sicher. Sie können
67 | Erweiterungen wie Password Exporter verwenden,
68 | um diese Cache-Daten zu Backup-Zwecken zu speichern oder sie auf einen anderen Rechner zu übertragen.
69 |
Wie kann ich Hilfe kriegen, ein Problem melden oder einen Vorschlag machen?
70 |
Sie können den Entwickler jederzeit per E-Mail erreichen.
71 | Dies ist offensichtlich keine große Organisation, aber er wird Ihnen schnellstmöglich antworten und weiß
72 | Ihr Feedback zu schätzen.
73 |
Generiert Stickware-Seite nach Vorlage zur einfacheren Übersetzung/Wartung.
43 |
Auf Seitenkennung fokussieren, wenn leer.
44 |
45 |
Version 1.1.3
46 |
05.07. 2008
47 |
48 |
Geringfügige Fehlerbeseitigung bei deutscher Übersetzung und Marker-Stilen.
49 |
Einige potenzielle Unregelmäßigkeiten in der Marker-Anzeige beseitigt.
50 |
51 |
Version 1.1.2
52 |
03.07. 2008
53 |
54 |
String-Bündel-Benennungskonflikt mit yesscript beseitigt.
55 |
Danksagungen in changes.html korrigiert.
56 |
57 |
Version 1.1.1
58 |
21.06. 2008
59 |
60 |
Fehler beseitigt.
61 |
Option "Vollständige Domain erraten" hinzugefügt.
62 |
63 |
Version 1.1.0
64 |
21.06. 2008
65 |
66 |
Kompatibel zu Firefox 3, großteils ermöglicht durch Code von Kamil.
67 |
Bietet eine noch größere Auswahl an Passwortlängen.
68 |
Eine "Nur Ziffern"-Beschränkung für numerische Hash-Wörter (z.B. für PINs) hinzugefügt.
69 |
Einstellungsoptionen passhash.optShortcutKeyCode und passhash.optShortcutKeyMods
70 | als Hintertür zum Ändern der zugewiesenen Tastenkürzel und -Modifikatoren hinzugefügt.
71 |
Italianische Übersetzung von Fabrizio hinzugefügt.
72 |
Deutsche Übersetzung von Robin Reisinger hinzugefügt.
73 |
Verarbeitet Länder-Domains wie .co.uk und ähnliche.
74 |
75 |
Version 1.0.5
76 |
27.01. 2007
77 |
78 |
Tastenkürzel zu Strg-F6 geändert, um bessere Kompatibilität mit regionalen Tastaturen zu gewährleisten. Strg-; wird immer noch unterstützt und ist abwärts-kompatibel.
79 |
80 |
Version 1.0.4
81 |
02.12. 2006
82 |
83 |
Zeigt Hashwort-Generatorseite für Stickware im Optionsdialog an.
84 |
85 |
Version 1.0.3
86 |
27.11. 2006
87 |
88 |
Ermöglicht Umschalten von Passwort-Maskierung durch optionale Marker.
89 |
90 |
Version 1.0.2
91 |
22.11. 2006
92 |
93 |
Unterstützt Vermeidung von Sonderzeichen.
94 |
95 |
Version 1.0.1
96 |
21.11. 2006
97 |
98 |
Regelt den Fall, wenn eine benötigte Ziffer vorhanden zu sein scheint, aber von einem erzwungenen Satzzeichen überschrieben würde.
99 |
100 |
Version 1.0.0
101 |
19.11. 2006
102 |
103 |
Präferenzen und Dialog-Optionen für Ziffern, Satzzeichen und Mischbuchstaben in Hash-Wörtern hinzugefügt. Wird für jede Seite gespeichert.
104 |
Unterstützung für Auswahl von Größen für Hash-Wörter als Präferenz und Dialog-Option. Wird für jede Seite gespeichert.
105 |
Verbesserte Dokumentations-Struktur und Verwendbarkeit.
Am I really improving my security or just saving effort?
25 |
26 | It depends. It should improve the security of most users by easing the
27 | burden of using strong and varied passwords. On the other hand, if you are
28 | highly disciplined and aware of security needs you may actually increase
29 | your vulnerability by exposing more sites to intrusion if a master key is
30 | stolen. Of course the hacker will only be successful if he knows to use
31 | this tool to regenerate hash words. If you're reusing passwords already
32 | this tool should only help.
33 |
34 |
35 |
What if I need to log in and this tool isn't available?
36 |
37 | You can generate a Portable Page to load and run in any browser when this
38 | extension is unavailable. You can also use the
39 |
40 | online tool to generate identical hash words, but it won't know your
41 | site tags and settings. See the Portable help
42 | page for more information.
43 |
44 |
45 | The page fits nicely in a Firefox sidebar for extra convenience. It is
46 | also completely self-contained, so you can move the one HTML file to other
47 | storage devices, including USB keys. page as a single self-contained file
48 | and store it on a USB key.
49 |
50 |
51 | Please be aware that the extra hash word filtering and size options make
52 | this tool incompatible with other similar tools, e.g.
53 | Hashapass, which may
54 | generate different results, depending on which options your are using.
55 |
56 |
57 |
Should I record the generated hash words somewhere?
58 |
59 | It's not a bad idea, but if you save a Portable Page as backup you have
60 | everything but the master key(s). So it's up to you. An additional
61 | locked-up "dead tree" or electronic copy is an extra measure of safety, in
62 | case you need to manually enter the hash words someday. You can also use a
63 | program like
64 | KeePass (highly recommended for Windows users) to save your data in an
65 | encrypted file.
66 |
67 |
68 | Just give a bit of thought to all the scenarios of dying or borrowed
69 | computers and broken software. :)
70 |
71 |
72 |
Do I have to remember the options set for each site?
73 |
74 | Not normally. The tool remembers it for you. But if you lose the saved
75 | data, e.g. by clearing the Firefox password cache, you need to reproduce
76 | the default settings and the overrides for individual sites. Hopefully you
77 | won't have so many special cases that remembering is a problem.
78 |
79 |
80 |
Where is the data stored?
81 |
82 | Everything is stored in the Firefox password cache. It's encrypted and
83 | secure. You can use extensions like the
84 |
85 | Password Exporter to save this cached data for backup or to transfer
86 | it to another machine.
87 |
88 |
89 |
How can I change the shortcut key?
90 |
Procedure
91 |
92 |
Go to about:config using location bar.
93 |
Filter on passhash and look for
94 | passhash.optShortcutKeyCode and
95 | passhash.optShortcutKeyMods.
96 |
Set passhash.optShortcutKeyCode either to one of
97 | the virtual keys using VK_ as a prefix, e.g.
98 | VK_F6 or to a displayable key using the actual
99 | character, e.g. h or ;.
100 |
Set passhash.optShortcutKeyMods to one or more
101 | space-separated key modifiers. accel is a
102 | cross-platform modifier which is the Control key on PCs and the Command
103 | key on Macs. You can also use alt,
104 | control, shift, and
105 | combinations.
106 |
Restart Firefox.
107 |
108 |
Examples
109 |
Control-Alt-H
110 |
111 |
passhash.optShortcutKeyCode = h
112 |
passhash.optShortcutKeyMods = control alt
113 |
114 |
Control-; (PC) and Command-; (Mac)
115 |
116 |
passhash.optShortcutKeyCode = ;
117 |
passhash.optShortcutKeyMods = accel
118 |
119 |
Control-F12 (PC) and Command-F12 (Mac)
120 |
121 |
passhash.optShortcutKeyCode = VK_F12
122 |
passhash.optShortcutKeyMods = accel
123 |
124 |
125 |
How do I get help, report a problem or make a suggestion?
126 |
127 | Feel free to contact the developer through
128 | email. Obviously this is not a large
129 | organization, but I get back to you as quickly as possible and appreciate
130 | feedback. :)
131 |
132 |
133 |
134 |
135 |
136 |
--------------------------------------------------------------------------------
/tools/passhash.py:
--------------------------------------------------------------------------------
1 | # ***** BEGIN LICENSE BLOCK *****
2 | # Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 | #
4 | # The contents of this file are subject to the Mozilla Public License Version
5 | # 1.1 (the "License"); you may not use this file except in compliance with
6 | # the License. You may obtain a copy of the License at
7 | # http:#www.mozilla.org/MPL/
8 | #
9 | # Software distributed under the License is distributed on an "AS IS" basis,
10 | # WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 | # for the specific language governing rights and limitations under the
12 | # License.
13 | #
14 | # The Original Code is Password Hasher
15 | #
16 | # The Initial Developer of the Original Code is Steve Cooper.
17 | # Portions created by the Initial Developer are Copyright (C) 2006
18 | # the Initial Developer. All Rights Reserved.
19 | #
20 | # Contributor(s): (none)
21 | #
22 | # Alternatively, the contents of this file may be used under the terms of
23 | # either the GNU General Public License Version 2 or later (the "GPL"), or
24 | # the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
25 | # in which case the provisions of the GPL or the LGPL are applicable instead
26 | # of those above. If you wish to allow use of your version of this file only
27 | # under the terms of either the GPL or the LGPL, and not to allow others to
28 | # use your version of this file under the terms of the MPL, indicate your
29 | # decision by deleting the provisions above and replace them with the notice
30 | # and other provisions required by the GPL or the LGPL. If you do not delete
31 | # the provisions above, a recipient may use your version of this file under
32 | # the terms of any one of the MPL, the GPL or the LGPL.
33 | #
34 | # ***** END LICENSE BLOCK ***** */
35 |
36 | host = "passhash.passhash"
37 |
38 | def log(msg):
39 | print msg
40 |
41 | # IMPORTANT: This function should be changed carefully. It must be
42 | # completely deterministic and consistent between releases. Otherwise
43 | # users would be forced to update their passwords. In other words, the
44 | # algorithm must always be backward-compatible. It's only acceptable to
45 | # violate backward compatibility when new options are used.
46 | # SECURITY: The optional adjustments are positioned and calculated based
47 | # on the sum of all character codes in the raw hash string. So it becomes
48 | # far more difficult to guess the injected special characters without
49 | # knowing the master key.
50 | # TODO: Is it ok to assume ASCII is ok for adjustments?
51 | def generateHashWord(
52 | siteTag,
53 | masterKey,
54 | hashWordSize,
55 | requireDigit,
56 | requirePunctuation,
57 | requireMixedCase,
58 | restrictSpecial,
59 | restrictDigits):
60 | # Start with the SHA1-encrypted master key/site tag.
61 | s = b64_hmac_sha1(masterKey, siteTag)
62 | # Use the checksum of all characters as a pseudo-randomizing seed to
63 | # avoid making the injected characters easy to guess. Note that it
64 | # isn't random in the sense of not being deterministic (i.e.
65 | # repeatable). Must share the same seed between all injected
66 | # characters so that they are guaranteed unique positions based on
67 | # their offsets.
68 | sum = 0
69 | for i in range(len(s):
70 | sum += ord(s[i])
71 | # Restrict digits just does a mod 10 of all the characters
72 | if restrictDigits:
73 | s = convertToDigits(s, sum, hashWordSize)
74 | else:
75 | # Inject digit, punctuation, and mixed case as needed.
76 | if requireDigit:
77 | s = injectSpecialCharacter(s, 0, 4, sum, hashWordSize, 48, 10)
78 | if requirePunctuation and not restrictSpecial:
79 | s = injectSpecialCharacter(s, 1, 4, sum, hashWordSize, 33, 15)
80 | if requireMixedCase:
81 | s = injectSpecialCharacter(s, 2, 4, sum, hashWordSize, 65, 26)
82 | s = injectSpecialCharacter(s, 3, 4, sum, hashWordSize, 97, 26)
83 | # Strip out special characters as needed.
84 | if restrictSpecial:
85 | s = removeSpecialCharacters(s, sum, hashWordSize)
86 | # Trim it to size.
87 | return s.substr(0, hashWordSize)
88 |
89 | # This is a very specialized method to inject a character chosen from a
90 | # range of character codes into a block at the front of a string if one of
91 | # those characters is not already present.
92 | # Parameters:
93 | # sInput = input string
94 | # offset = offset for position of injected character
95 | # reserved = # of offsets reserved for special characters
96 | # seed = seed for pseudo-randomizing the position and injected character
97 | # lenOut = length of head of string that will eventually survive truncation.
98 | # cStart = character code for first valid injected character.
99 | # cNum = number of valid character codes starting from cStart.
100 | def injectSpecialCharacter(sInput, offset, reserved, seed, lenOut, cStart, cNum):
101 | pos0 = seed % lenOut
102 | pos = (pos0 + offset) % lenOut
103 | # Check if a qualified character is already present
104 | # Write the loop so that the reserved block is ignored.
105 | for i in range(lenOut - reserved):
106 | i2 = (pos0 + reserved + i) % lenOut
107 | c = ord(sInput[i2])
108 | if c >= cStart and c < cStart + cNum:
109 | return sInput # Already present - nothing to do
110 | sHead = sInput[:pos]
111 | sInject = chr(((seed + ord(sInput[pos])) % cNum) + cStart)
112 | sTail = sInput[pos+1:]
113 | return (sHead + sInject + sTail)
114 |
115 | # Another specialized method to replace a class of character, e.g.
116 | # punctuation, with plain letters and numbers.
117 | # Parameters:
118 | # sInput = input string
119 | # seed = seed for pseudo-randomizing the position and injected character
120 | # lenOut = length of head of string that will eventually survive truncation.
121 | def removeSpecialCharacters(sInput, seed, lenOut):
122 | s = ''
123 | for c in sInput:
124 | if c.isalnum():
125 | s += c
126 | else:
127 | s += chr((seed + len(s)) % 26 + 65)
128 | return s
129 |
130 | # Convert input string to digits-only.
131 | # Parameters:
132 | # sInput = input string
133 | # seed = seed for pseudo-randomizing the position and injected character
134 | # lenOut = length of head of string that will eventually survive truncation.
135 | def convertToDigits(sInput, seed, lenOut):
136 | s = ''
137 | for c in sInput:
138 | if c.isdigit():
139 | s += c
140 | else:
141 | s += chr((seed + ord(sInput[i])) % 10 + 48)
142 |
--------------------------------------------------------------------------------
/tools/sha1.py:
--------------------------------------------------------------------------------
1 | /*
2 | * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
3 | * in FIPS PUB 180-1
4 | * Version 2.1a Copyright Paul Johnston 2000 - 2002.
5 | * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
6 | * Distributed under the BSD License
7 | * See http://pajhome.org.uk/crypt/md5 for details.
8 | */
9 |
10 | /*
11 | * Configurable variables. You may need to tweak these to be compatible with
12 | * the server-side, but the defaults work in most cases.
13 | */
14 | var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
15 | var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */
16 | var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
17 |
18 | /*
19 | * These are the functions you'll usually want to call
20 | * They take string arguments and return either hex or base-64 encoded strings
21 | */
22 | function hex_sha1(s){return binb2hex(core_sha1(str2binb(s),s.length * chrsz));}
23 | function b64_sha1(s){return binb2b64(core_sha1(str2binb(s),s.length * chrsz));}
24 | function str_sha1(s){return binb2str(core_sha1(str2binb(s),s.length * chrsz));}
25 | function hex_hmac_sha1(key, data){ return binb2hex(core_hmac_sha1(key, data));}
26 | function b64_hmac_sha1(key, data){ return binb2b64(core_hmac_sha1(key, data));}
27 | function str_hmac_sha1(key, data){ return binb2str(core_hmac_sha1(key, data));}
28 |
29 | /*
30 | * Perform a simple self-test to see if the VM is working
31 | */
32 | function sha1_vm_test()
33 | {
34 | return hex_sha1("abc") == "a9993e364706816aba3e25717850c26c9cd0d89d";
35 | }
36 |
37 | /*
38 | * Calculate the SHA-1 of an array of big-endian words, and a bit length
39 | */
40 | function core_sha1(x, len)
41 | {
42 | /* append padding */
43 | /* SC - Get rid of warning */
44 | var i = (len >> 5);
45 | if (x[i] == undefined)
46 | x[i] = 0x80 << (24 - len % 32);
47 | else
48 | x[i] |= 0x80 << (24 - len % 32);
49 | /*x[len >> 5] |= 0x80 << (24 - len % 32);*/
50 | x[((len + 64 >> 9) << 4) + 15] = len;
51 |
52 | var w = Array(80);
53 | var a = 1732584193;
54 | var b = -271733879;
55 | var c = -1732584194;
56 | var d = 271733878;
57 | var e = -1009589776;
58 |
59 | for(var i = 0; i < x.length; i += 16)
60 | {
61 | var olda = a;
62 | var oldb = b;
63 | var oldc = c;
64 | var oldd = d;
65 | var olde = e;
66 |
67 | for(var j = 0; j < 80; j++)
68 | {
69 | if(j < 16) w[j] = x[i + j];
70 | else w[j] = rol(w[j-3] ^ w[j-8] ^ w[j-14] ^ w[j-16], 1);
71 | var t = safe_add(safe_add(rol(a, 5), sha1_ft(j, b, c, d)),
72 | safe_add(safe_add(e, w[j]), sha1_kt(j)));
73 | e = d;
74 | d = c;
75 | c = rol(b, 30);
76 | b = a;
77 | a = t;
78 | }
79 |
80 | a = safe_add(a, olda);
81 | b = safe_add(b, oldb);
82 | c = safe_add(c, oldc);
83 | d = safe_add(d, oldd);
84 | e = safe_add(e, olde);
85 | }
86 | return Array(a, b, c, d, e);
87 |
88 | }
89 |
90 | /*
91 | * Perform the appropriate triplet combination function for the current
92 | * iteration
93 | */
94 | function sha1_ft(t, b, c, d)
95 | {
96 | if(t < 20) return (b & c) | ((~b) & d);
97 | if(t < 40) return b ^ c ^ d;
98 | if(t < 60) return (b & c) | (b & d) | (c & d);
99 | return b ^ c ^ d;
100 | }
101 |
102 | /*
103 | * Determine the appropriate additive constant for the current iteration
104 | */
105 | function sha1_kt(t)
106 | {
107 | return (t < 20) ? 1518500249 : (t < 40) ? 1859775393 :
108 | (t < 60) ? -1894007588 : -899497514;
109 | }
110 |
111 | /*
112 | * Calculate the HMAC-SHA1 of a key and some data
113 | */
114 | function core_hmac_sha1(key, data)
115 | {
116 | var bkey = str2binb(key);
117 | if(bkey.length > 16) bkey = core_sha1(bkey, key.length * chrsz);
118 |
119 | var ipad = Array(16), opad = Array(16);
120 | for(var i = 0; i < 16; i++)
121 | {
122 | /* SC - Get rid of warning */
123 | var k = (bkey[i] != undefined ? bkey[i] : 0);
124 | ipad[i] = k ^ 0x36363636;
125 | opad[i] = k ^ 0x5C5C5C5C;
126 | /* ipad[i] = bkey[i] ^ 0x36363636;
127 | opad[i] = bkey[i] ^ 0x5C5C5C5C;*/
128 | }
129 |
130 | var hash = core_sha1(ipad.concat(str2binb(data)), 512 + data.length * chrsz);
131 | return core_sha1(opad.concat(hash), 512 + 160);
132 | }
133 |
134 | /*
135 | * Add integers, wrapping at 2^32. This uses 16-bit operations internally
136 | * to work around bugs in some JS interpreters.
137 | */
138 | function safe_add(x, y)
139 | {
140 | var lsw = (x & 0xFFFF) + (y & 0xFFFF);
141 | var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
142 | return (msw << 16) | (lsw & 0xFFFF);
143 | }
144 |
145 | /*
146 | * Bitwise rotate a 32-bit number to the left.
147 | */
148 | function rol(num, cnt)
149 | {
150 | return (num << cnt) | (num >>> (32 - cnt));
151 | }
152 |
153 | /*
154 | * Convert an 8-bit or 16-bit string to an array of big-endian words
155 | * In 8-bit function, characters >255 have their hi-byte silently ignored.
156 | */
157 | function str2binb(str)
158 | {
159 | var bin = Array();
160 | var mask = (1 << chrsz) - 1;
161 | /* SC - Get rid of warnings */
162 | for(var i = 0; i < str.length * chrsz; i += chrsz)
163 | {
164 | if (bin[i>>5] != undefined)
165 | bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (32 - chrsz - i%32);
166 | else
167 | bin[i>>5] = (str.charCodeAt(i / chrsz) & mask) << (32 - chrsz - i%32);
168 | }
169 | /*for(var i = 0; i < str.length * chrsz; i += chrsz)
170 | bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (32 - chrsz - i%32);*/
171 | return bin;
172 | }
173 |
174 | /*
175 | * Convert an array of big-endian words to a string
176 | */
177 | function binb2str(bin)
178 | {
179 | var str = "";
180 | var mask = (1 << chrsz) - 1;
181 | for(var i = 0; i < bin.length * 32; i += chrsz)
182 | str += String.fromCharCode((bin[i>>5] >>> (32 - chrsz - i%32)) & mask);
183 | return str;
184 | }
185 |
186 | /*
187 | * Convert an array of big-endian words to a hex string.
188 | */
189 | function binb2hex(binarray)
190 | {
191 | var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
192 | var str = "";
193 | for(var i = 0; i < binarray.length * 4; i++)
194 | {
195 | str += hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8+4)) & 0xF) +
196 | hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8 )) & 0xF);
197 | }
198 | return str;
199 | }
200 |
201 | /*
202 | * Convert an array of big-endian words to a base-64 string
203 | */
204 | function binb2b64(binarray)
205 | {
206 | var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
207 | var str = "";
208 | for(var i = 0; i < binarray.length * 4; i += 3)
209 | {
210 | /* SC - Get rid of warning */
211 | var b1 = binarray[i >> 2] != undefined ? ((binarray[i >> 2] >> 8 * (3 - i %4)) & 0xFF) << 16 : 0;
212 | var b2 = binarray[i+1 >> 2] != undefined ? ((binarray[i+1 >> 2] >> 8 * (3 - (i+1)%4)) & 0xFF) << 8 : 0;
213 | var b3 = binarray[i+2 >> 2] != undefined ? ((binarray[i+2 >> 2] >> 8 * (3 - (i+2)%4)) & 0xFF) : 0;
214 | var triplet = b1 | b2 | b3;
215 | /*var triplet = (((binarray[i >> 2] >> 8 * (3 - i %4)) & 0xFF) << 16)
216 | | (((binarray[i+1 >> 2] >> 8 * (3 - (i+1)%4)) & 0xFF) << 8 )
217 | | ((binarray[i+2 >> 2] >> 8 * (3 - (i+2)%4)) & 0xFF);*/
218 | for(var j = 0; j < 4; j++)
219 | {
220 | if(i * 8 + j * 6 > binarray.length * 32) str += b64pad;
221 | else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);
222 | }
223 | }
224 | return str;
225 | }
226 |
--------------------------------------------------------------------------------
/content/passhash-sha1.js:
--------------------------------------------------------------------------------
1 | /*
2 | * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
3 | * in FIPS PUB 180-1
4 | * Version 2.1a Copyright Paul Johnston 2000 - 2002.
5 | * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
6 | * Distributed under the BSD License
7 | * See http://pajhome.org.uk/crypt/md5 for details.
8 | */
9 |
10 | /*
11 | * Configurable variables. You may need to tweak these to be compatible with
12 | * the server-side, but the defaults work in most cases.
13 | */
14 | var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
15 | var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */
16 | var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
17 |
18 | /*
19 | * These are the functions you'll usually want to call
20 | * They take string arguments and return either hex or base-64 encoded strings
21 | */
22 | function hex_sha1(s){return binb2hex(core_sha1(str2binb(s),s.length * chrsz));}
23 | function b64_sha1(s){return binb2b64(core_sha1(str2binb(s),s.length * chrsz));}
24 | function str_sha1(s){return binb2str(core_sha1(str2binb(s),s.length * chrsz));}
25 | function hex_hmac_sha1(key, data){ return binb2hex(core_hmac_sha1(key, data));}
26 | function b64_hmac_sha1(key, data){ return binb2b64(core_hmac_sha1(key, data));}
27 | function str_hmac_sha1(key, data){ return binb2str(core_hmac_sha1(key, data));}
28 |
29 | /*
30 | * Perform a simple self-test to see if the VM is working
31 | */
32 | function sha1_vm_test()
33 | {
34 | return hex_sha1("abc") == "a9993e364706816aba3e25717850c26c9cd0d89d";
35 | }
36 |
37 | /*
38 | * Calculate the SHA-1 of an array of big-endian words, and a bit length
39 | */
40 | function core_sha1(x, len)
41 | {
42 | /* append padding */
43 | /* SC - Get rid of warning */
44 | var i = (len >> 5);
45 | if (x[i] == undefined)
46 | x[i] = 0x80 << (24 - len % 32);
47 | else
48 | x[i] |= 0x80 << (24 - len % 32);
49 | /*x[len >> 5] |= 0x80 << (24 - len % 32);*/
50 | x[((len + 64 >> 9) << 4) + 15] = len;
51 |
52 | var w = Array(80);
53 | var a = 1732584193;
54 | var b = -271733879;
55 | var c = -1732584194;
56 | var d = 271733878;
57 | var e = -1009589776;
58 |
59 | for(var i = 0; i < x.length; i += 16)
60 | {
61 | var olda = a;
62 | var oldb = b;
63 | var oldc = c;
64 | var oldd = d;
65 | var olde = e;
66 |
67 | for(var j = 0; j < 80; j++)
68 | {
69 | if(j < 16) w[j] = x[i + j];
70 | else w[j] = rol(w[j-3] ^ w[j-8] ^ w[j-14] ^ w[j-16], 1);
71 | var t = safe_add(safe_add(rol(a, 5), sha1_ft(j, b, c, d)),
72 | safe_add(safe_add(e, w[j]), sha1_kt(j)));
73 | e = d;
74 | d = c;
75 | c = rol(b, 30);
76 | b = a;
77 | a = t;
78 | }
79 |
80 | a = safe_add(a, olda);
81 | b = safe_add(b, oldb);
82 | c = safe_add(c, oldc);
83 | d = safe_add(d, oldd);
84 | e = safe_add(e, olde);
85 | }
86 | return Array(a, b, c, d, e);
87 |
88 | }
89 |
90 | /*
91 | * Perform the appropriate triplet combination function for the current
92 | * iteration
93 | */
94 | function sha1_ft(t, b, c, d)
95 | {
96 | if(t < 20) return (b & c) | ((~b) & d);
97 | if(t < 40) return b ^ c ^ d;
98 | if(t < 60) return (b & c) | (b & d) | (c & d);
99 | return b ^ c ^ d;
100 | }
101 |
102 | /*
103 | * Determine the appropriate additive constant for the current iteration
104 | */
105 | function sha1_kt(t)
106 | {
107 | return (t < 20) ? 1518500249 : (t < 40) ? 1859775393 :
108 | (t < 60) ? -1894007588 : -899497514;
109 | }
110 |
111 | /*
112 | * Calculate the HMAC-SHA1 of a key and some data
113 | */
114 | function core_hmac_sha1(key, data)
115 | {
116 | var bkey = str2binb(key);
117 | if(bkey.length > 16) bkey = core_sha1(bkey, key.length * chrsz);
118 |
119 | var ipad = Array(16), opad = Array(16);
120 | for(var i = 0; i < 16; i++)
121 | {
122 | /* SC - Get rid of warning */
123 | var k = (bkey[i] != undefined ? bkey[i] : 0);
124 | ipad[i] = k ^ 0x36363636;
125 | opad[i] = k ^ 0x5C5C5C5C;
126 | /* ipad[i] = bkey[i] ^ 0x36363636;
127 | opad[i] = bkey[i] ^ 0x5C5C5C5C;*/
128 | }
129 |
130 | var hash = core_sha1(ipad.concat(str2binb(data)), 512 + data.length * chrsz);
131 | return core_sha1(opad.concat(hash), 512 + 160);
132 | }
133 |
134 | /*
135 | * Add integers, wrapping at 2^32. This uses 16-bit operations internally
136 | * to work around bugs in some JS interpreters.
137 | */
138 | function safe_add(x, y)
139 | {
140 | var lsw = (x & 0xFFFF) + (y & 0xFFFF);
141 | var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
142 | return (msw << 16) | (lsw & 0xFFFF);
143 | }
144 |
145 | /*
146 | * Bitwise rotate a 32-bit number to the left.
147 | */
148 | function rol(num, cnt)
149 | {
150 | return (num << cnt) | (num >>> (32 - cnt));
151 | }
152 |
153 | /*
154 | * Convert an 8-bit or 16-bit string to an array of big-endian words
155 | * In 8-bit function, characters >255 have their hi-byte silently ignored.
156 | */
157 | function str2binb(str)
158 | {
159 | var bin = Array();
160 | var mask = (1 << chrsz) - 1;
161 | /* SC - Get rid of warnings */
162 | for(var i = 0; i < str.length * chrsz; i += chrsz)
163 | {
164 | if (bin[i>>5] != undefined)
165 | bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (32 - chrsz - i%32);
166 | else
167 | bin[i>>5] = (str.charCodeAt(i / chrsz) & mask) << (32 - chrsz - i%32);
168 | }
169 | /*for(var i = 0; i < str.length * chrsz; i += chrsz)
170 | bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (32 - chrsz - i%32);*/
171 | return bin;
172 | }
173 |
174 | /*
175 | * Convert an array of big-endian words to a string
176 | */
177 | function binb2str(bin)
178 | {
179 | var str = "";
180 | var mask = (1 << chrsz) - 1;
181 | for(var i = 0; i < bin.length * 32; i += chrsz)
182 | str += String.fromCharCode((bin[i>>5] >>> (32 - chrsz - i%32)) & mask);
183 | return str;
184 | }
185 |
186 | /*
187 | * Convert an array of big-endian words to a hex string.
188 | */
189 | function binb2hex(binarray)
190 | {
191 | var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
192 | var str = "";
193 | for(var i = 0; i < binarray.length * 4; i++)
194 | {
195 | str += hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8+4)) & 0xF) +
196 | hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8 )) & 0xF);
197 | }
198 | return str;
199 | }
200 |
201 | /*
202 | * Convert an array of big-endian words to a base-64 string
203 | */
204 | function binb2b64(binarray)
205 | {
206 | var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
207 | var str = "";
208 | for(var i = 0; i < binarray.length * 4; i += 3)
209 | {
210 | /* SC - Get rid of warning */
211 | var b1 = binarray[i >> 2] != undefined ? ((binarray[i >> 2] >> 8 * (3 - i %4)) & 0xFF) << 16 : 0;
212 | var b2 = binarray[i+1 >> 2] != undefined ? ((binarray[i+1 >> 2] >> 8 * (3 - (i+1)%4)) & 0xFF) << 8 : 0;
213 | var b3 = binarray[i+2 >> 2] != undefined ? ((binarray[i+2 >> 2] >> 8 * (3 - (i+2)%4)) & 0xFF) : 0;
214 | var triplet = b1 | b2 | b3;
215 | /*var triplet = (((binarray[i >> 2] >> 8 * (3 - i %4)) & 0xFF) << 16)
216 | | (((binarray[i+1 >> 2] >> 8 * (3 - (i+1)%4)) & 0xFF) << 8 )
217 | | ((binarray[i+2 >> 2] >> 8 * (3 - (i+2)%4)) & 0xFF);*/
218 | for(var j = 0; j < 4; j++)
219 | {
220 | if(i * 8 + j * 6 > binarray.length * 32) str += b64pad;
221 | else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);
222 | }
223 | }
224 | return str;
225 | }
226 |
--------------------------------------------------------------------------------
/content/passhash-portable.js:
--------------------------------------------------------------------------------
1 | var browser = new Object();
2 | browser.version = parseInt(navigator.appVersion);
3 | browser.isNetscape = false;
4 | browser.isMicrosoft = false;
5 | if (navigator.appName.indexOf("Netscape") != -1)
6 | browser.isNetscape = true;
7 | else if (navigator.appName.indexOf("Microsoft") != -1)
8 | browser.isMicrosoft = true;
9 |
10 | var siteTagLast = '';
11 | var masterKeyLast = '';
12 |
13 | function onLoad()
14 | {
15 | if (browser.isMicrosoft)
16 | {
17 | document.getElementById('reveal').disabled = true;
18 | document.getElementById('reveal-text').disabled = true;
19 | }
20 | document.getElementById('site-tag').focus();
21 | setTimeout('checkChange()',1000);
22 | }
23 |
24 | function validate(form)
25 | {
26 | var siteTag = document.getElementById('site-tag');
27 | var masterKey = document.getElementById('master-key');
28 | if (!siteTag.value)
29 | {
30 | siteTag.focus();
31 | return false;
32 | }
33 | if (!masterKey.value)
34 | {
35 | masterKey.focus();
36 | return false;
37 | }
38 | return true;
39 | }
40 |
41 | function update()
42 | {
43 | var siteTag = document.getElementById('site-tag');
44 | var masterKey = document.getElementById('master-key');
45 | var hashWord = document.getElementById('hash-word');
46 | var submit = document.getElementById('submit');
47 | if (submit.value == 'Another')
48 | {
49 | siteTag.focus();
50 | submit.value = 'OK';
51 | hashWord.value = '';
52 | }
53 | else
54 | {
55 | //var hashapass = b64_hmac_sha1(masterKey.value, siteTag.value).substr(0,8);
56 | var hashWordSize = 8;
57 | var requireDigit = document.getElementById("digit").checked;
58 | var requirePunctuation = document.getElementById("punctuation").checked;
59 | var requireMixedCase = document.getElementById("mixedCase").checked;
60 | var restrictSpecial = document.getElementById("noSpecial").checked;
61 | var restrictDigits = document.getElementById("digitsOnly").checked;
62 | if (document.getElementById("s6" ).checked) hashWordSize = 6;
63 | else if (document.getElementById("s8" ).checked) hashWordSize = 8;
64 | else if (document.getElementById("s10").checked) hashWordSize = 10;
65 | else if (document.getElementById("s12").checked) hashWordSize = 12;
66 | else if (document.getElementById("s14").checked) hashWordSize = 14;
67 | else if (document.getElementById("s16").checked) hashWordSize = 16;
68 | else if (document.getElementById("s18").checked) hashWordSize = 18;
69 | else if (document.getElementById("s20").checked) hashWordSize = 20;
70 | else if (document.getElementById("s22").checked) hashWordSize = 22;
71 | else if (document.getElementById("s24").checked) hashWordSize = 24;
72 | else if (document.getElementById("s26").checked) hashWordSize = 26;
73 | hashWord.value = PassHashCommon.generateHashWord(
74 | siteTag.value,
75 | masterKey.value,
76 | hashWordSize,
77 | requireDigit,
78 | requirePunctuation,
79 | requireMixedCase,
80 | restrictSpecial,
81 | restrictDigits);
82 | hashWord.focus();
83 | submit.value = 'Another';
84 | }
85 | siteTagLast = siteTag.value;
86 | masterKeyLast = masterKey.value;
87 | }
88 |
89 | function onEnterField(fld, msg)
90 | {
91 | // Select the field
92 | try
93 | {
94 | fld.select();
95 | }
96 | catch (ex) {}
97 | // Set the prompt
98 | document.getElementById('prompt').innerHTML = msg;
99 | }
100 |
101 | function checkChange()
102 | {
103 | var siteTag = document.getElementById('site-tag');
104 | var masterKey = document.getElementById('master-key');
105 | var hashWord = document.getElementById('hash-word');
106 | if (siteTag.value != siteTagLast || masterKey.value != masterKeyLast)
107 | {
108 | hashWord.value = '';
109 | siteTagLast = siteTag.value;
110 | masterKeyLast = masterKey.value;
111 | }
112 | setTimeout('checkChange()', 1000);
113 | }
114 |
115 | function onEnterSubmitButton(fld)
116 | {
117 | if (fld.value == 'Another')
118 | onEnterField(fld, 'Start another hashword');
119 | else
120 | onEnterField(fld, 'Generate hashword');
121 | }
122 |
123 | function onLeaveField(fld)
124 | {
125 | // Remove the selection (is this the best way?)
126 | var v = fld.value;
127 | fld.value = '';
128 | fld.value = v;
129 | // Remove the prompt
130 | document.getElementById('prompt').innerHTML = '';
131 | }
132 |
133 | function onLeaveResultField(hashWord)
134 | {
135 | var submit = document.getElementById('submit');
136 | submit.value = 'OK';
137 | // hashWord.value = '';
138 | document.getElementById('prompt').innerHTML = '';
139 | }
140 |
141 | function onReveal(fld)
142 | {
143 | var masterKey = document.getElementById('master-key');
144 | try
145 | {
146 | if (fld.checked)
147 | masterKey.setAttribute("type", "");
148 | else
149 | masterKey.setAttribute("type", "password");
150 | } catch (ex) {}
151 | document.getElementById('master-key').focus();
152 | }
153 |
154 | function onNoSpecial(fld)
155 | {
156 | document.getElementById('punctuation').disabled = fld.checked;
157 | update();
158 | }
159 |
160 | function onDigitsOnly(fld)
161 | {
162 | document.getElementById('punctuation').disabled = fld.checked;
163 | document.getElementById("digit" ).disabled = fld.checked;
164 | document.getElementById("punctuation").disabled = fld.checked;
165 | document.getElementById("mixedCase" ).disabled = fld.checked;
166 | document.getElementById("noSpecial" ).disabled = fld.checked;
167 | update();
168 | }
169 |
170 | function onBump()
171 | {
172 | var siteTag = document.getElementById("site-tag");
173 | siteTag.value = PassHashCommon.bumpSiteTag(siteTag.value);
174 | update();
175 | }
176 |
177 | function onSelectSiteTag(fld)
178 | {
179 | var siteTag = document.getElementById('site-tag');
180 | siteTag.value = fld[fld.selectedIndex].text;
181 | var options = fld[fld.selectedIndex].value;
182 | document.getElementById("digit" ).checked = (options.search(/d/i) >= 0);
183 | document.getElementById("punctuation").checked = (options.search(/p/i) >= 0);
184 | document.getElementById("mixedCase" ).checked = (options.search(/m/i) >= 0);
185 | document.getElementById("noSpecial" ).checked = (options.search(/r/i) >= 0);
186 | document.getElementById("digitsOnly" ).checked = (options.search(/g/i) >= 0);
187 | document.getElementById('punctuation').disabled = (options.search(/[rg]/i) >= 0);
188 | document.getElementById("digit" ).disabled = (options.search(/g/i) >= 0);
189 | document.getElementById("punctuation").disabled = (options.search(/g/i) >= 0);
190 | document.getElementById("mixedCase" ).disabled = (options.search(/g/i) >= 0);
191 | document.getElementById("noSpecial" ).disabled = (options.search(/g/i) >= 0);
192 | var sizeMatch = options.match(/[0-9]+/);
193 | var hashWordSize = (sizeMatch != null && sizeMatch.length > 0
194 | ? parseInt(sizeMatch[0])
195 | : 8);
196 | document.getElementById("s6" ).checked = (hashWordSize == 6 );
197 | document.getElementById("s8" ).checked = (hashWordSize == 8 );
198 | document.getElementById("s10").checked = (hashWordSize == 10);
199 | document.getElementById("s12").checked = (hashWordSize == 12);
200 | document.getElementById("s14").checked = (hashWordSize == 14);
201 | document.getElementById("s16").checked = (hashWordSize == 16);
202 | document.getElementById("s18").checked = (hashWordSize == 18);
203 | document.getElementById("s20").checked = (hashWordSize == 20);
204 | document.getElementById("s22").checked = (hashWordSize == 22);
205 | document.getElementById("s24").checked = (hashWordSize == 24);
206 | document.getElementById("s26").checked = (hashWordSize == 26);
207 | if (validate())
208 | update();
209 | }
210 |
211 | function onLeaveSelectSiteTag(fld)
212 | {
213 | // Remove the prompt
214 | document.getElementById('prompt').innerHTML = '';
215 | }
216 |
--------------------------------------------------------------------------------
/content/passhash-options.xul:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
268 |
--------------------------------------------------------------------------------
/content/passhash-overlay.js:
--------------------------------------------------------------------------------
1 | /* ***** BEGIN LICENSE BLOCK *****
2 | * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 | *
4 | * The contents of this file are subject to the Mozilla Public License Version
5 | * 1.1 (the "License"); you may not use this file except in compliance with
6 | * the License. You may obtain a copy of the License at
7 | * http://www.mozilla.org/MPL/
8 | *
9 | * Software distributed under the License is distributed on an "AS IS" basis,
10 | * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 | * for the specific language governing rights and limitations under the
12 | * License.
13 | *
14 | * The Original Code is Password Hasher
15 | *
16 | * The Initial Developer of the Original Code is Steve Cooper.
17 | * Portions created by the Initial Developer are Copyright (C) 2006
18 | * the Initial Developer. All Rights Reserved.
19 | *
20 | * Contributor(s): (none)
21 | *
22 | * Alternatively, the contents of this file may be used under the terms of
23 | * either the GNU General Public License Version 2 or later (the "GPL"), or
24 | * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
25 | * in which case the provisions of the GPL or the LGPL are applicable instead
26 | * of those above. If you wish to allow use of your version of this file only
27 | * under the terms of either the GPL or the LGPL, and not to allow others to
28 | * use your version of this file under the terms of the MPL, indicate your
29 | * decision by deleting the provisions above and replace them with the notice
30 | * and other provisions required by the GPL or the LGPL. If you do not delete
31 | * the provisions above, a recipient may use your version of this file under
32 | * the terms of any one of the MPL, the GPL or the LGPL.
33 | *
34 | * ***** END LICENSE BLOCK ***** */
35 |
36 | // Some marker management code was dapted from informenter extension code
37 | // informenter URL: http://informenter.mozdev.org/
38 |
39 | var PassHash =
40 | {
41 | markerNumber: 1,
42 | options: null,
43 |
44 | onLoad: function()
45 | {
46 | this.options = PassHashCommon.loadOptions();
47 | document.getElementById("contentAreaContextMenu").
48 | addEventListener("popupshowing", this.onContextMenuUpdate, false);
49 | this.markerNumber = 1;
50 | window.onclick = this.checkMarkerClick;
51 | if (this.options.showMarker || this.options.unmaskMarker)
52 | this.addMarkers(window.content, this.options.showMarker, this.options.unmaskMarker);
53 | // Override the default shortcut key?
54 | if (this.options.shortcutKeyCode && this.options.shortcutKeyMods)
55 | {
56 | var elementKey = document.getElementById("key_passhash");
57 | if (this.options.shortcutKeyCode.substr(0, 3) == "VK_")
58 | {
59 | elementKey.removeAttribute("key");
60 | elementKey.setAttribute("keycode", this.options.shortcutKeyCode);
61 | }
62 | else
63 | {
64 | elementKey.removeAttribute("keycode");
65 | elementKey.setAttribute("key", this.options.shortcutKeyCode);
66 | }
67 | elementKey.setAttribute("modifiers", this.options.shortcutKeyMods);
68 | }
69 | },
70 |
71 | getTextNode: function()
72 | {
73 | var node = document.commandDispatcher.focusedElement;
74 | if (node != null && PassHashCommon.isTextNode(node) && !node.disabled && !node.readOnly)
75 | return node;
76 | return null;
77 | },
78 |
79 | onInvokeDialog: function()
80 | {
81 | var textNode = this.getTextNode();
82 | if (textNode != null)
83 | this.invokeDialog(textNode);
84 | },
85 |
86 | onContextMenuUpdate: function()
87 | {
88 | document.getElementById("contextmenu_passhash")
89 | .setAttribute("hidden", !gContextMenu.onTextInput);
90 | },
91 |
92 | addMarkers: function(windowCurrent, dialogButton, unmaskButton)
93 | {
94 | var inputs = windowCurrent.document.getElementsByTagName("input");
95 |
96 | for (var i = 0; i < inputs.length; i++)
97 | {
98 | var type = inputs[i].getAttribute("type");
99 | if (type == "password" && !inputs[i].hasAttribute("phNoMarkers"))
100 | this.attachMarkers(windowCurrent.document, inputs[i], dialogButton, unmaskButton);
101 | }
102 |
103 | /* Recursively process subframes */
104 | for (i = 0; i < windowCurrent.frames.length; i++)
105 | this.addMarkers(windowCurrent.frames[i]);
106 | },
107 |
108 | attachMarkers: function(doc, field, dialogButton, unmaskButton)
109 | {
110 | // Prevent reprocessing this field
111 | field.setAttribute("phNoMarkers", true);
112 | if (unmaskButton || dialogButton)
113 | {
114 | var tableNode = doc.createElement("TABLE");
115 | tableNode.setAttribute("style", "width: 30px;"
116 | + "margin: 0;"
117 | + "padding: 0");
118 | field.parentNode.insertBefore(tableNode, field.nextSibling);
119 | var trNode = doc.createElement("TR");
120 | trNode.setAttribute("style", "margin: 0;"
121 | + "padding: 0")
122 | var name = field.getAttribute("name");
123 | tableNode.appendChild(trNode);
124 | if (dialogButton)
125 | this.createMarkerCell(doc, trNode, name, "marker", "passhashMarkerTip");
126 | if (unmaskButton)
127 | this.createMarkerCell(doc, trNode, name, "unmask", "passhashUnmaskTip");
128 | // The line break avoids some overlapping problems on certain sites
129 | var brNode = doc.createElement("BR");
130 | field.parentNode.insertBefore(brNode, tableNode);
131 | }
132 | this.markerNumber++;
133 | },
134 |
135 | createMarkerCell: function(doc, trNode, name, tag, tip)
136 | {
137 | var tdNode = doc.createElement("TD");
138 | PassHash.setMarkerStyle(tdNode, false);
139 | var id = name + "_passhash_" + tag + "_" + this.markerNumber;
140 | tdNode.setAttribute("id", id);
141 | tdNode.setAttribute("class", "passhash_marker");
142 | tdNode.setAttribute("title", document.getElementById("passhash_strings").getString(tip));
143 | tdNode.textContent = (tag == "unmask" ? "*" : "#");
144 | trNode.appendChild(tdNode);
145 | },
146 |
147 | checkMarkerClick: function(event)
148 | {
149 | // Looking for a left-click and one of our markers
150 | if (event.button == 0 && PassHash.isMarker(event.target, ""))
151 | {
152 | var textNode = PassHash.getMarkerTarget(event.target);
153 | if (textNode != null)
154 | {
155 | // Dialog marker?
156 | if (PassHash.isMarker(event.target, "marker"))
157 | {
158 | PassHash.invokeDialog(textNode);
159 | return false; // handled
160 | }
161 | // Unmask marker?
162 | else if (PassHash.isMarker(event.target, "unmask"))
163 | {
164 | PassHash.toggleMask(textNode);
165 | return false; // handled
166 | }
167 | }
168 | }
169 | return true; // Not handled
170 | },
171 |
172 | isMarker: function(node, tag)
173 | {
174 | try
175 | {
176 | var name = node.localName.toUpperCase();
177 | return (name == "TD" && node.id.toString().indexOf("_passhash_"+tag) >= 0)
178 | }
179 | catch(e) {}
180 | return false;
181 | },
182 |
183 | setMarkerStyle: function(node, clicked)
184 | {
185 | var bgColor = (clicked ? "#a0d0a0" : "#eeffee");
186 | node.setAttribute("style", "border: thin solid #80c080;"
187 | + "background-color: " + bgColor + ";"
188 | + "margin: 0 1px;"
189 | + "padding: 0;"
190 | + "font: 12px serif;"
191 | + "color: #609060;"
192 | + "cursor: pointer;"
193 | + "min-width: 12px;"
194 | + "text-align: center;"
195 | + "vertical-align: middle;");
196 | },
197 |
198 | // Markers are a TD - child of TR - child of TABLE - sibling of INPUT + BR
199 | getMarkerTarget: function(node)
200 | {
201 | var foundNode = null;
202 | try
203 | {
204 | var checkNode = node.parentNode.parentNode.previousSibling.previousSibling;
205 | if (PassHashCommon.isTextNode(checkNode))
206 | foundNode = checkNode;
207 | }
208 | catch(e) {}
209 | return foundNode;
210 | },
211 |
212 | // Markers are a TD - child of TR - child of TABLE - sibling of INPUT + BR
213 | getTargetMarker: function(node, tag)
214 | {
215 | var foundNode = null;
216 | try
217 | {
218 | // Expect marker nodes to all immediately follow the BR after the input field.
219 | var checkNode = node.nextSibling.nextSibling.firstChild.firstChild;
220 | if (PassHash.isMarker(checkNode, tag))
221 | foundNode = checkNode;
222 | else if (PassHash.isMarker(checkNode.nextSibling, tag))
223 | foundNode = checkNode.nextSibling;
224 | }
225 | catch(e) {}
226 | return foundNode;
227 | },
228 |
229 | invokeDialog: function(textNode)
230 | {
231 | var marker = PassHash.getTargetMarker(textNode, "marker");
232 | if (marker != null)
233 | PassHash.setMarkerStyle(marker, true);
234 | textNode.disabled = true;
235 | var params = {input: content.document.location, output: null};
236 | window.openDialog("chrome://passhash/content/passhash-dialog.xul", "dlg",
237 | "modal,centerscreen", params);
238 | textNode.disabled = false;
239 | if (marker != null)
240 | PassHash.setMarkerStyle(marker, false);
241 | var hashapass = params.output;
242 | if (hashapass)
243 | {
244 | textNode.value = hashapass;
245 | textNode.focus();
246 | textNode.select();
247 | }
248 | else
249 | textNode.focus();
250 | },
251 |
252 | toggleMask: function(textNode)
253 | {
254 | var marker = PassHash.getTargetMarker(textNode, "unmask");
255 | if (textNode.type == "password")
256 | {
257 | if (marker != null)
258 | PassHash.setMarkerStyle(marker, true);
259 | textNode.setAttribute("type", "");
260 | textNode.setAttribute("phUnmasked", "true");
261 | }
262 | else
263 | {
264 | if (marker != null)
265 | PassHash.setMarkerStyle(marker, false);
266 | textNode.setAttribute("type", "password");
267 | textNode.setAttribute("phUnmasked", "false");
268 | }
269 | }
270 | };
271 |
272 | window.addEventListener("load", function(e) { PassHash.onLoad(e); }, true);
273 | window.addEventListener("focus", function(e) { PassHash.onLoad(e); }, true);
274 |
--------------------------------------------------------------------------------
/content/passhash-options.js:
--------------------------------------------------------------------------------
1 | /* ***** BEGIN LICENSE BLOCK *****
2 | * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 | *
4 | * The contents of this file are subject to the Mozilla Public License Version
5 | * 1.1 (the "License"); you may not use this file except in compliance with
6 | * the License. You may obtain a copy of the License at
7 | * http://www.mozilla.org/MPL/
8 | *
9 | * Software distributed under the License is distributed on an "AS IS" basis,
10 | * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 | * for the specific language governing rights and limitations under the
12 | * License.
13 | *
14 | * The Original Code is Password Hasher
15 | *
16 | * The Initial Developer of the Original Code is Steve Cooper.
17 | * Portions created by the Initial Developer are Copyright (C) 2006
18 | * the Initial Developer. All Rights Reserved.
19 | *
20 | * Contributor(s): (none)
21 | *
22 | * Alternatively, the contents of this file may be used under the terms of
23 | * either the GNU General Public License Version 2 or later (the "GPL"), or
24 | * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
25 | * in which case the provisions of the GPL or the LGPL are applicable instead
26 | * of those above. If you wish to allow use of your version of this file only
27 | * under the terms of either the GPL or the LGPL, and not to allow others to
28 | * use your version of this file under the terms of the MPL, indicate your
29 | * decision by deleting the provisions above and replace them with the notice
30 | * and other provisions required by the GPL or the LGPL. If you do not delete
31 | * the provisions above, a recipient may use your version of this file under
32 | * the terms of any one of the MPL, the GPL or the LGPL.
33 | *
34 | * ***** END LICENSE BLOCK ***** */
35 |
36 | // Password manager enumeration code "borrowed" from the password_exporter extension,
37 | // written by Justin Scott.
38 |
39 | var PassHashOptions =
40 | {
41 | notesHidden: true,
42 |
43 | onLoad: function()
44 | {
45 | var opts = PassHashCommon.loadOptions();
46 | document.getElementById("pshOpt_security").selectedItem =
47 | this.getSecurityRadio(opts.securityLevel);
48 | document.getElementById("pshOpt_guessSiteTag" ).checked = opts.guessSiteTag;
49 | document.getElementById("pshOpt_rememberSiteTag" ).checked = opts.rememberSiteTag;
50 | document.getElementById("pshOpt_rememberMasterKey" ).checked = opts.rememberMasterKey;
51 | document.getElementById("pshOpt_revealSiteTag" ).checked = opts.revealSiteTag;
52 | document.getElementById("pshOpt_revealHashWord" ).checked = opts.revealHashWord;
53 | document.getElementById("pshOpt_showMarker" ).checked = opts.showMarker;
54 | document.getElementById("pshOpt_unmaskMarker" ).checked = opts.unmaskMarker;
55 | document.getElementById("pshOpt_guessFullDomain" ).checked = opts.guessFullDomain;
56 | document.getElementById("pshOpt_digitDefault" ).checked = opts.digitDefault;
57 | document.getElementById("pshOpt_punctuationDefault" ).checked = opts.punctuationDefault;
58 | document.getElementById("pshOpt_mixedCaseDefault" ).checked = opts.mixedCaseDefault;
59 | document.getElementById("pshOpt_hashWordSizeDefault").selectedItem =
60 | this.getHashWordSizeDefaultRadio(opts.hashWordSizeDefault);
61 | PassHashOptions.applySecurityLevel();
62 | document.getElementById("pshOpt_security").
63 | addEventListener("RadioStateChange", this.onSecurityLevel, false);
64 | // Show the notes the first time. Start with them hidden otherwise.
65 | if (opts.firstTime)
66 | this.notesHidden = true;
67 | this.updateNotesVisibility();
68 | },
69 |
70 | onAccept: function()
71 | {
72 | var opts = PassHashCommon.createOptions();
73 | opts.securityLevel = PassHashOptions.readSecurityLevel();
74 | opts.guessSiteTag = document.getElementById("pshOpt_guessSiteTag" ).checked;
75 | opts.rememberSiteTag = document.getElementById("pshOpt_rememberSiteTag" ).checked;
76 | opts.rememberMasterKey = document.getElementById("pshOpt_rememberMasterKey" ).checked;
77 | opts.revealSiteTag = document.getElementById("pshOpt_revealSiteTag" ).checked;
78 | opts.revealHashWord = document.getElementById("pshOpt_revealHashWord" ).checked;
79 | opts.guessFullDomain = document.getElementById("pshOpt_guessFullDomain" ).checked;
80 | opts.showMarker = document.getElementById("pshOpt_showMarker" ).checked;
81 | opts.unmaskMarker = document.getElementById("pshOpt_unmaskMarker" ).checked;
82 | opts.digitDefault = document.getElementById("pshOpt_digitDefault" ).checked;
83 | opts.punctuationDefault = document.getElementById("pshOpt_punctuationDefault").checked;
84 | opts.mixedCaseDefault = document.getElementById("pshOpt_mixedCaseDefault" ).checked;
85 | opts.hashWordSizeDefault = PassHashOptions.readHashWordSizeDefault();
86 | PassHashCommon.saveOptions(opts);
87 | },
88 |
89 | onDisclosure: function()
90 | {
91 | this.notesHidden = !this.notesHidden;
92 | this.updateNotesVisibility();
93 | },
94 |
95 | onShowPortable: function()
96 | {
97 | try
98 | {
99 | var entries = PassHashCommon.getSavedEntries();
100 | var fileIn = PassHashCommon.getResourceFile("chrome://passhash/content/passhash-portable.html");
101 | var fileOut = PassHashCommon.pickHTMLFile("passhashShowPortableTitle", "passhash.html");
102 | if (fileIn == null || fileOut == null)
103 | return;
104 |
105 | var streamIn = PassHashCommon.openInputFile(fileIn);
106 | var streamOut = PassHashCommon.openOutputFile(fileOut);
107 |
108 | // Copy input to output stream, inject the following items:
109 | // - site tag option list
110 | // - included resources marked by lines (whole line)
111 | // - localized string substitutions marked by ${tag}
112 | var fillSiteTagList = false;
113 | var more = true;
114 | while (more)
115 | {
116 | var line = {};
117 | more = streamIn.readLine(line);
118 |
119 | // Found the control for the site tag list?
120 | if (!fillSiteTagList && line.value.search(/= 0)
121 | fillSiteTagList = true;
122 | PassHashCommon.streamWriteExpandedLine(streamOut, line.value);
123 |
124 | // Inject site tag option list after finding select element body.
125 | if (fillSiteTagList && line.value.search(/>/) >= 0)
126 | {
127 | PassHashCommon.streamWriteLine(streamOut, "");
128 | for (var i = 0; i < entries.length; i++)
129 | if (entries[i].siteTag)
130 | PassHashCommon.streamWriteLine(streamOut,
131 | "" +
132 | entries[i].siteTag +
133 | "");
134 | fillSiteTagList = false;
135 | }
136 |
137 | // Append contents of other resource, e.g.
138 | var re = //g;
139 | var match;
140 | while ((matches = re.exec(line.value)) != null)
141 | {
142 | var uri = "chrome://passhash/" + matches[1] + "/" + matches[2];
143 | var fileIn2 = PassHashCommon.getResourceFile(uri);
144 | if (fileIn2 != null)
145 | {
146 | var streamIn2 = PassHashCommon.openInputFile(fileIn2);
147 | var line2 = {}, more2;
148 | do
149 | {
150 | more2 = streamIn2.readLine(line2);
151 | PassHashCommon.streamWriteExpandedLine(streamOut, line2.value);
152 | }
153 | while (more2);
154 | }
155 | }
156 | }
157 |
158 | streamIn.close();
159 | streamOut.close();
160 |
161 | PassHashCommon.browseFile(fileOut, "tab");
162 | }
163 | catch (ex)
164 | {
165 | alert("Error creating Portable Page:\n" + ex);
166 | }
167 | },
168 |
169 | updateNotesVisibility: function()
170 | {
171 | document.getElementById("pshOpt_notes").hidden = this.notesHidden;
172 | var strName = (this.notesHidden ? "passhashDisclosureLabel1" : "passhashDisclosureLabel2");
173 | var label = document.getElementById("pshOpt_strings").getString(strName);
174 | document.documentElement.getButton("disclosure").label = label;
175 | window.sizeToContent();
176 | },
177 |
178 | readSecurityLevel: function()
179 | {
180 | var secbtn = document.getElementById("pshOpt_security").selectedItem;
181 | return (secbtn != null ? parseInt(secbtn.value) : 2);
182 | },
183 |
184 | getSecurityRadio: function(securityLevel)
185 | {
186 | return document.getElementById("pshOpt_security" + securityLevel);
187 | },
188 |
189 | onSecurityLevel: function(event)
190 | {
191 | PassHashOptions.applySecurityLevel();
192 | },
193 |
194 | applySecurityLevel: function()
195 | {
196 | var securityLevel = PassHashOptions.readSecurityLevel();
197 | document.getElementById("pshOpt_guessSiteTag" ).disabled = true;
198 | document.getElementById("pshOpt_rememberSiteTag" ).disabled = true;
199 | document.getElementById("pshOpt_rememberMasterKey").disabled = true;
200 | document.getElementById("pshOpt_revealSiteTag" ).disabled = true;
201 | document.getElementById("pshOpt_revealHashWord" ).disabled = true;
202 | switch (securityLevel)
203 | {
204 | case 1:
205 | document.getElementById("pshOpt_guessSiteTag" ).checked = true;
206 | document.getElementById("pshOpt_rememberSiteTag" ).checked = true;
207 | document.getElementById("pshOpt_rememberMasterKey").checked = true;
208 | document.getElementById("pshOpt_revealSiteTag" ).checked = true;
209 | document.getElementById("pshOpt_revealHashWord" ).checked = true;
210 | break;
211 | case 3:
212 | document.getElementById("pshOpt_guessSiteTag" ).checked = false;
213 | document.getElementById("pshOpt_rememberSiteTag" ).checked = false;
214 | document.getElementById("pshOpt_rememberMasterKey").checked = false;
215 | document.getElementById("pshOpt_revealSiteTag" ).checked = false;
216 | document.getElementById("pshOpt_revealHashWord" ).checked = false;
217 | break;
218 | case 4:
219 | document.getElementById("pshOpt_guessSiteTag" ).disabled = false;
220 | document.getElementById("pshOpt_rememberSiteTag" ).disabled = false;
221 | document.getElementById("pshOpt_rememberMasterKey").disabled = false;
222 | document.getElementById("pshOpt_revealSiteTag" ).disabled = false;
223 | document.getElementById("pshOpt_revealHashWord" ).disabled = false;
224 | break;
225 | case 2:
226 | default:
227 | document.getElementById("pshOpt_guessSiteTag" ).checked = true;
228 | document.getElementById("pshOpt_rememberSiteTag" ).checked = true;
229 | document.getElementById("pshOpt_rememberMasterKey").checked = false;
230 | document.getElementById("pshOpt_revealSiteTag" ).checked = true;
231 | document.getElementById("pshOpt_revealHashWord" ).checked = false;
232 | break;
233 | }
234 | },
235 |
236 | readHashWordSizeDefault: function()
237 | {
238 | var btn = document.getElementById("pshOpt_hashWordSizeDefault").selectedItem;
239 | return (btn != null ? parseInt(btn.value) : 8);
240 | },
241 |
242 | getHashWordSizeDefaultRadio: function(n)
243 | {
244 | return document.getElementById("pshOpt_hashWordSizeDefault" + n);
245 | }
246 | }
247 |
--------------------------------------------------------------------------------
/content/passhash-dialog.xul:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
382 |
--------------------------------------------------------------------------------
/content/passhash-portable.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | ${passhashPortableTitle}
7 |
8 |
9 |
12 |
13 |
16 |
17 |
20 |
21 |
24 |
25 |
26 |
27 |
28 |
29 |
299 |
300 |
301 |
302 |
--------------------------------------------------------------------------------
/content/passhash-dialog.js:
--------------------------------------------------------------------------------
1 | /* ***** BEGIN LICENSE BLOCK *****
2 | * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 | *
4 | * The contents of this file are subject to the Mozilla Public License Version
5 | * 1.1 (the "License"); you may not use this file except in compliance with
6 | * the License. You may obtain a copy of the License at
7 | * http://www.mozilla.org/MPL/
8 | *
9 | * Software distributed under the License is distributed on an "AS IS" basis,
10 | * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 | * for the specific language governing rights and limitations under the
12 | * License.
13 | *
14 | * The Original Code is Password Hasher
15 | *
16 | * The Initial Developer of the Original Code is Steve Cooper.
17 | * Portions created by the Initial Developer are Copyright (C) 2006
18 | * the Initial Developer. All Rights Reserved.
19 | *
20 | * Contributor(s): (none)
21 | *
22 | * Alternatively, the contents of this file may be used under the terms of
23 | * either the GNU General Public License Version 2 or later (the "GPL"), or
24 | * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
25 | * in which case the provisions of the GPL or the LGPL are applicable instead
26 | * of those above. If you wish to allow use of your version of this file only
27 | * under the terms of either the GPL or the LGPL, and not to allow others to
28 | * use your version of this file under the terms of the MPL, indicate your
29 | * decision by deleting the provisions above and replace them with the notice
30 | * and other provisions required by the GPL or the LGPL. If you do not delete
31 | * the provisions above, a recipient may use your version of this file under
32 | * the terms of any one of the MPL, the GPL or the LGPL.
33 | *
34 | * ***** END LICENSE BLOCK ***** */
35 |
36 | var PassHash =
37 | {
38 | // These variables track whether or not dialog regions are hidden.
39 | optionsHidden: true,
40 | notesHidden: true,
41 |
42 | // These variables are initialized to preference defaults and some are kept
43 | // in sync with control state, as appropriate.
44 | guessSiteTag: null,
45 | rememberSiteTag: null,
46 | rememberMasterKey: null,
47 | revealSiteTag: null,
48 | revealHashWord: null,
49 | guessFullDomain: null,
50 | requireDigit: null,
51 | requirePunctuation: null,
52 | requireMixedCase: null,
53 | restrictSpecial: null,
54 | restrictDigits: null,
55 | hashWordSize: null,
56 |
57 | onLoad: function()
58 | {
59 | var ctlSiteTag = document.getElementById("site-tag");
60 | var ctlMasterKey = document.getElementById("master-key");
61 | var ctlRequireDigit = document.getElementById("digit");
62 | var ctlRequirePunctuation = document.getElementById("punctuation");
63 | var ctlRequireMixedCase = document.getElementById("mixedCase");
64 | var ctlRestrictSpecial = document.getElementById("noSpecial");
65 | var ctlRestrictDigits = document.getElementById("digitsOnly");
66 | var ctlHashWordSize = document.getElementById("hashWordSize");
67 |
68 | var prefs = PassHashCommon.loadOptions();
69 | this.guessSiteTag = prefs.guessSiteTag;
70 | this.rememberSiteTag = prefs.rememberSiteTag;
71 | this.rememberMasterKey = prefs.rememberMasterKey;
72 | this.revealSiteTag = prefs.revealSiteTag;
73 | this.revealHashWord = prefs.revealHashWord;
74 | this.guessFullDomain = prefs.guessFullDomain;
75 | this.requireDigit = prefs.digitDefault;
76 | this.requirePunctuation = prefs.punctuationDefault;
77 | this.requireMixedCase = prefs.mixedCaseDefault;
78 | this.restrictSpecial = false;
79 | this.restrictDigits = false;
80 | this.hashWordSize = prefs.hashWordSizeDefault;
81 |
82 | this.onUnmask();
83 |
84 | var defaultSiteTag = "";
85 | var domain = PassHashCommon.getDomain(window.arguments[0].input);
86 | var defaultSiteTag = "";
87 | if (this.guessSiteTag && domain != null)
88 | defaultSiteTag = (this.guessFullDomain ? domain : domain.split(".")[0]);
89 | ctlSiteTag.value = PassHashCommon.loadSecureValue(
90 | this.rememberSiteTag,
91 | "site-tag",
92 | domain,
93 | defaultSiteTag);
94 | ctlMasterKey.value = PassHashCommon.loadSecureValue(
95 | this.rememberMasterKey,
96 | "master-key",
97 | domain,
98 | "");
99 |
100 | // Assume if there's a master key present without an options string
101 | // that we're on a site that was last accessed under an older version
102 | // of this extension, i.e. before hash word options were supported. If
103 | // so, force it to start with cleared options for backward
104 | // compatibility. Otherwise use the preferences as the default.
105 | var strDefOptions = (ctlMasterKey.value ? "" : this.getOptionString());
106 | var strOptions2 = PassHashCommon.loadSecureValue(true, "options", domain, strDefOptions);
107 | this.parseOptionString(strOptions2);
108 | // This is the only time we write to the option controls. Otherwise we
109 | // just react to their state changes.
110 | ctlRequireDigit.checked = this.requireDigit;
111 | ctlRequirePunctuation.checked = this.requirePunctuation;
112 | ctlRequireMixedCase.checked = this.requireMixedCase;
113 | ctlRestrictSpecial.checked = this.restrictSpecial;
114 | ctlRestrictDigits.checked = this.restrictDigits;
115 | this.updateCheckboxes();
116 |
117 | var btn = document.getElementById("hashWordSize"+this.hashWordSize);
118 | // Protect against bad saved hashWordSize value.
119 | if (btn == null)
120 | {
121 | btn = document.getElementById("hashWordSize8");
122 | this.hashWordSize = 8;
123 | }
124 | ctlHashWordSize.selectedItem = btn;
125 |
126 | this.updateOptionsVisibility(); // Hide the options
127 | this.updateNotesVisibility(); // Hide the notes
128 |
129 | if (ctlSiteTag.value)
130 | {
131 | ctlMasterKey.select();
132 | ctlMasterKey.focus();
133 | }
134 | else
135 | {
136 | ctlSiteTag.select();
137 | ctlSiteTag.focus();
138 | }
139 |
140 | this.updateHashWord();
141 | },
142 |
143 | onAccept: function()
144 | {
145 | if (this.update())
146 | {
147 | var domain = PassHashCommon.getDomain(window.arguments[0].input);
148 | PassHashCommon.saveSecureValue(
149 | this.rememberSiteTag,
150 | "site-tag",
151 | domain,
152 | document.getElementById("site-tag").value);
153 | PassHashCommon.saveSecureValue(
154 | this.rememberMasterKey,
155 | "master-key",
156 | domain,
157 | document.getElementById("master-key").value);
158 | var strOptions = this.getOptionString();
159 | PassHashCommon.saveSecureValue(true, "options", domain, strOptions);
160 | window.arguments[0].output = document.getElementById("hash-word" ).value;
161 | return true;
162 | }
163 | return false;
164 | },
165 |
166 | onOptions: function()
167 | {
168 | this.optionsHidden = !this.optionsHidden;
169 | this.updateOptionsVisibility();
170 | },
171 |
172 | onDisclosure: function()
173 | {
174 | this.notesHidden = !this.notesHidden;
175 | this.updateNotesVisibility();
176 | },
177 |
178 | updateOptionsVisibility: function()
179 | {
180 | document.getElementById("options-box").hidden = this.optionsHidden;
181 | var strName = (this.optionsHidden ? "passhashOptionsLabel1" : "passhashOptionsLabel2");
182 | var label = document.getElementById("passhash_strings").getString(strName);
183 | document.getElementById("options").label = label;
184 | window.sizeToContent();
185 | },
186 |
187 | updateNotesVisibility: function()
188 | {
189 | document.getElementById("notes").hidden = this.notesHidden;
190 | var strName = (this.notesHidden ? "passhashDisclosureLabel1" : "passhashDisclosureLabel2");
191 | var label = document.getElementById("passhash_strings").getString(strName);
192 | document.documentElement.getButton("disclosure").label = label;
193 | window.sizeToContent();
194 | },
195 |
196 | onUnmask: function()
197 | {
198 | var ctlSiteTag = document.getElementById("site-tag");
199 | var ctlMasterKey = document.getElementById("master-key");
200 | var ctlHashWord = document.getElementById("hash-word");
201 | if (document.getElementById("unmask").checked)
202 | {
203 | ctlSiteTag .setAttribute("type", "");
204 | ctlMasterKey.setAttribute("type", "");
205 | ctlHashWord .setAttribute("type", "");
206 | }
207 | else
208 | {
209 | ctlSiteTag .setAttribute("type", this.revealSiteTag ? "" : "password");
210 | ctlMasterKey.setAttribute("type", "password");
211 | ctlHashWord .setAttribute("type", this.revealHashWord ? "" : "password");
212 | }
213 | this.update();
214 | },
215 |
216 | onBlurSiteTag: function()
217 | {
218 | var ctlSiteTag = document.getElementById("site-tag");
219 | ctlSiteTag.value = ctlSiteTag.value.replace(/^[ \t]*(.*)[ \t]*$/, "$1");
220 | },
221 |
222 | onBumpSiteTag: function()
223 | {
224 | var ctlSiteTag = document.getElementById("site-tag");
225 | ctlSiteTag.value = PassHashCommon.bumpSiteTag(ctlSiteTag.value);
226 | this.update();
227 | },
228 |
229 | // Generate hash word if possible
230 | // Returns:
231 | // 0 = Hash word ok, but unchanged
232 | // 1 = Site tag bad or missing
233 | // 2 = Master key bad or missing
234 | // 3 = Hash word successfully generated
235 | updateHashWord: function()
236 | {
237 | var ctlSiteTag = document.getElementById("site-tag" );
238 | var ctlMasterKey = document.getElementById("master-key");
239 | var ctlHashWord = document.getElementById("hash-word" );
240 | if (!ctlSiteTag.value)
241 | return 1;
242 | if (!ctlMasterKey.value)
243 | return 2;
244 | // Change the hash word and determine whether or not it was modified.
245 | var hashWordOrig = ctlHashWord.value;
246 | ctlHashWord.value = PassHashCommon.generateHashWord(
247 | ctlSiteTag.value,
248 | ctlMasterKey.value,
249 | this.hashWordSize,
250 | this.requireDigit,
251 | this.requirePunctuation,
252 | this.requireMixedCase,
253 | this.restrictSpecial,
254 | this.restrictDigits);
255 | if (ctlHashWord.value != hashWordOrig)
256 | return 3; // It was modified
257 | return 0; // It was not modified
258 | },
259 |
260 | onRequireDigitChanged: function()
261 | {
262 | this.requireDigit = document.getElementById("digit").checked;
263 | this.update();
264 | },
265 |
266 | onRequirePunctuationChanged: function()
267 | {
268 | this.requirePunctuation = document.getElementById("punctuation").checked;
269 | this.update();
270 | },
271 |
272 | onRequireMixedCaseChanged: function()
273 | {
274 | this.requireMixedCase = document.getElementById("mixedCase").checked;
275 | this.update();
276 | },
277 |
278 | onRestrictSpecialChanged: function()
279 | {
280 | this.restrictSpecial = document.getElementById("noSpecial").checked;
281 | this.update();
282 | },
283 |
284 | onRestrictDigitsChanged: function()
285 | {
286 | this.restrictDigits = document.getElementById("digitsOnly").checked;
287 | this.update();
288 | },
289 |
290 | onHashWordSizeChanged: function()
291 | {
292 | this.hashWordSize = document.getElementById("hashWordSize").selectedItem.value;
293 | this.update();
294 | },
295 |
296 | updateCheckboxes: function()
297 | {
298 | document.getElementById("digit").disabled =
299 | this.restrictDigits;
300 | document.getElementById("punctuation").disabled =
301 | (this.restrictSpecial || this.restrictDigits);
302 | document.getElementById("mixedCase").disabled =
303 | this.restrictDigits;
304 | document.getElementById("noSpecial").disabled =
305 | this.restrictDigits;
306 | document.getElementById("digitsOnly").disabled =
307 | false; // Can always add digits-only as a further restriction
308 | },
309 |
310 | // Determines where to focus and generates the hash word when adequate
311 | // information is available.
312 | update: function()
313 | {
314 | this.updateCheckboxes()
315 | switch (this.updateHashWord())
316 | {
317 | case 1:
318 | document.getElementById("site-tag").focus();
319 | return false;
320 | case 2:
321 | document.getElementById("master-key").focus();
322 | return false;
323 | case 3:
324 | document.documentElement.getButton("accept").focus();
325 | return false;
326 | }
327 | document.documentElement.getButton("accept").focus();
328 | return true;
329 | },
330 |
331 | parseOptionString: function(s)
332 | {
333 | this.requireDigit = (s.search(/d/i) >= 0);
334 | this.requirePunctuation = (s.search(/p/i) >= 0);
335 | this.requireMixedCase = (s.search(/m/i) >= 0);
336 | this.restrictSpecial = (s.search(/r/i) >= 0);
337 | this.restrictDigits = (s.search(/g/i) >= 0);
338 | var sizeMatch = s.match(/[0-9]+/);
339 | this.hashWordSize = (sizeMatch != null && sizeMatch.length > 0
340 | ? parseInt(sizeMatch[0])
341 | : 8);
342 | },
343 |
344 | getOptionString: function()
345 | {
346 | var opts = '';
347 | if (this.requireDigit)
348 | opts += 'd';
349 | if (this.requirePunctuation)
350 | opts += 'p';
351 | if (this.requireMixedCase)
352 | opts += 'm';
353 | if (this.restrictSpecial)
354 | opts += 'r';
355 | if (this.restrictDigits)
356 | opts += 'g';
357 | opts += this.hashWordSize.toString();
358 | return opts;
359 | }
360 |
361 | }
362 |
--------------------------------------------------------------------------------
/license.txt:
--------------------------------------------------------------------------------
1 | Mozilla Public License, version 2.0
2 |
3 | 1. Definitions
4 |
5 | 1.1. "Contributor"
6 |
7 | means each individual or legal entity that creates, contributes to the
8 | creation of, or owns Covered Software.
9 |
10 | 1.2. "Contributor Version"
11 |
12 | means the combination of the Contributions of others (if any) used by a
13 | Contributor and that particular Contributor's Contribution.
14 |
15 | 1.3. "Contribution"
16 |
17 | means Covered Software of a particular Contributor.
18 |
19 | 1.4. "Covered Software"
20 |
21 | means Source Code Form to which the initial Contributor has attached the
22 | notice in Exhibit A, the Executable Form of such Source Code Form, and
23 | Modifications of such Source Code Form, in each case including portions
24 | thereof.
25 |
26 | 1.5. "Incompatible With Secondary Licenses"
27 | means
28 |
29 | a. that the initial Contributor has attached the notice described in
30 | Exhibit B to the Covered Software; or
31 |
32 | b. that the Covered Software was made available under the terms of
33 | version 1.1 or earlier of the License, but not also under the terms of
34 | a Secondary License.
35 |
36 | 1.6. "Executable Form"
37 |
38 | means any form of the work other than Source Code Form.
39 |
40 | 1.7. "Larger Work"
41 |
42 | means a work that combines Covered Software with other material, in a
43 | separate file or files, that is not Covered Software.
44 |
45 | 1.8. "License"
46 |
47 | means this document.
48 |
49 | 1.9. "Licensable"
50 |
51 | means having the right to grant, to the maximum extent possible, whether
52 | at the time of the initial grant or subsequently, any and all of the
53 | rights conveyed by this License.
54 |
55 | 1.10. "Modifications"
56 |
57 | means any of the following:
58 |
59 | a. any file in Source Code Form that results from an addition to,
60 | deletion from, or modification of the contents of Covered Software; or
61 |
62 | b. any new file in Source Code Form that contains any Covered Software.
63 |
64 | 1.11. "Patent Claims" of a Contributor
65 |
66 | means any patent claim(s), including without limitation, method,
67 | process, and apparatus claims, in any patent Licensable by such
68 | Contributor that would be infringed, but for the grant of the License,
69 | by the making, using, selling, offering for sale, having made, import,
70 | or transfer of either its Contributions or its Contributor Version.
71 |
72 | 1.12. "Secondary License"
73 |
74 | means either the GNU General Public License, Version 2.0, the GNU Lesser
75 | General Public License, Version 2.1, the GNU Affero General Public
76 | License, Version 3.0, or any later versions of those licenses.
77 |
78 | 1.13. "Source Code Form"
79 |
80 | means the form of the work preferred for making modifications.
81 |
82 | 1.14. "You" (or "Your")
83 |
84 | means an individual or a legal entity exercising rights under this
85 | License. For legal entities, "You" includes any entity that controls, is
86 | controlled by, or is under common control with You. For purposes of this
87 | definition, "control" means (a) the power, direct or indirect, to cause
88 | the direction or management of such entity, whether by contract or
89 | otherwise, or (b) ownership of more than fifty percent (50%) of the
90 | outstanding shares or beneficial ownership of such entity.
91 |
92 |
93 | 2. License Grants and Conditions
94 |
95 | 2.1. Grants
96 |
97 | Each Contributor hereby grants You a world-wide, royalty-free,
98 | non-exclusive license:
99 |
100 | a. under intellectual property rights (other than patent or trademark)
101 | Licensable by such Contributor to use, reproduce, make available,
102 | modify, display, perform, distribute, and otherwise exploit its
103 | Contributions, either on an unmodified basis, with Modifications, or
104 | as part of a Larger Work; and
105 |
106 | b. under Patent Claims of such Contributor to make, use, sell, offer for
107 | sale, have made, import, and otherwise transfer either its
108 | Contributions or its Contributor Version.
109 |
110 | 2.2. Effective Date
111 |
112 | The licenses granted in Section 2.1 with respect to any Contribution
113 | become effective for each Contribution on the date the Contributor first
114 | distributes such Contribution.
115 |
116 | 2.3. Limitations on Grant Scope
117 |
118 | The licenses granted in this Section 2 are the only rights granted under
119 | this License. No additional rights or licenses will be implied from the
120 | distribution or licensing of Covered Software under this License.
121 | Notwithstanding Section 2.1(b) above, no patent license is granted by a
122 | Contributor:
123 |
124 | a. for any code that a Contributor has removed from Covered Software; or
125 |
126 | b. for infringements caused by: (i) Your and any other third party's
127 | modifications of Covered Software, or (ii) the combination of its
128 | Contributions with other software (except as part of its Contributor
129 | Version); or
130 |
131 | c. under Patent Claims infringed by Covered Software in the absence of
132 | its Contributions.
133 |
134 | This License does not grant any rights in the trademarks, service marks,
135 | or logos of any Contributor (except as may be necessary to comply with
136 | the notice requirements in Section 3.4).
137 |
138 | 2.4. Subsequent Licenses
139 |
140 | No Contributor makes additional grants as a result of Your choice to
141 | distribute the Covered Software under a subsequent version of this
142 | License (see Section 10.2) or under the terms of a Secondary License (if
143 | permitted under the terms of Section 3.3).
144 |
145 | 2.5. Representation
146 |
147 | Each Contributor represents that the Contributor believes its
148 | Contributions are its original creation(s) or it has sufficient rights to
149 | grant the rights to its Contributions conveyed by this License.
150 |
151 | 2.6. Fair Use
152 |
153 | This License is not intended to limit any rights You have under
154 | applicable copyright doctrines of fair use, fair dealing, or other
155 | equivalents.
156 |
157 | 2.7. Conditions
158 |
159 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in
160 | Section 2.1.
161 |
162 |
163 | 3. Responsibilities
164 |
165 | 3.1. Distribution of Source Form
166 |
167 | All distribution of Covered Software in Source Code Form, including any
168 | Modifications that You create or to which You contribute, must be under
169 | the terms of this License. You must inform recipients that the Source
170 | Code Form of the Covered Software is governed by the terms of this
171 | License, and how they can obtain a copy of this License. You may not
172 | attempt to alter or restrict the recipients' rights in the Source Code
173 | Form.
174 |
175 | 3.2. Distribution of Executable Form
176 |
177 | If You distribute Covered Software in Executable Form then:
178 |
179 | a. such Covered Software must also be made available in Source Code Form,
180 | as described in Section 3.1, and You must inform recipients of the
181 | Executable Form how they can obtain a copy of such Source Code Form by
182 | reasonable means in a timely manner, at a charge no more than the cost
183 | of distribution to the recipient; and
184 |
185 | b. You may distribute such Executable Form under the terms of this
186 | License, or sublicense it under different terms, provided that the
187 | license for the Executable Form does not attempt to limit or alter the
188 | recipients' rights in the Source Code Form under this License.
189 |
190 | 3.3. Distribution of a Larger Work
191 |
192 | You may create and distribute a Larger Work under terms of Your choice,
193 | provided that You also comply with the requirements of this License for
194 | the Covered Software. If the Larger Work is a combination of Covered
195 | Software with a work governed by one or more Secondary Licenses, and the
196 | Covered Software is not Incompatible With Secondary Licenses, this
197 | License permits You to additionally distribute such Covered Software
198 | under the terms of such Secondary License(s), so that the recipient of
199 | the Larger Work may, at their option, further distribute the Covered
200 | Software under the terms of either this License or such Secondary
201 | License(s).
202 |
203 | 3.4. Notices
204 |
205 | You may not remove or alter the substance of any license notices
206 | (including copyright notices, patent notices, disclaimers of warranty, or
207 | limitations of liability) contained within the Source Code Form of the
208 | Covered Software, except that You may alter any license notices to the
209 | extent required to remedy known factual inaccuracies.
210 |
211 | 3.5. Application of Additional Terms
212 |
213 | You may choose to offer, and to charge a fee for, warranty, support,
214 | indemnity or liability obligations to one or more recipients of Covered
215 | Software. However, You may do so only on Your own behalf, and not on
216 | behalf of any Contributor. You must make it absolutely clear that any
217 | such warranty, support, indemnity, or liability obligation is offered by
218 | You alone, and You hereby agree to indemnify every Contributor for any
219 | liability incurred by such Contributor as a result of warranty, support,
220 | indemnity or liability terms You offer. You may include additional
221 | disclaimers of warranty and limitations of liability specific to any
222 | jurisdiction.
223 |
224 | 4. Inability to Comply Due to Statute or Regulation
225 |
226 | If it is impossible for You to comply with any of the terms of this License
227 | with respect to some or all of the Covered Software due to statute,
228 | judicial order, or regulation then You must: (a) comply with the terms of
229 | this License to the maximum extent possible; and (b) describe the
230 | limitations and the code they affect. Such description must be placed in a
231 | text file included with all distributions of the Covered Software under
232 | this License. Except to the extent prohibited by statute or regulation,
233 | such description must be sufficiently detailed for a recipient of ordinary
234 | skill to be able to understand it.
235 |
236 | 5. Termination
237 |
238 | 5.1. The rights granted under this License will terminate automatically if You
239 | fail to comply with any of its terms. However, if You become compliant,
240 | then the rights granted under this License from a particular Contributor
241 | are reinstated (a) provisionally, unless and until such Contributor
242 | explicitly and finally terminates Your grants, and (b) on an ongoing
243 | basis, if such Contributor fails to notify You of the non-compliance by
244 | some reasonable means prior to 60 days after You have come back into
245 | compliance. Moreover, Your grants from a particular Contributor are
246 | reinstated on an ongoing basis if such Contributor notifies You of the
247 | non-compliance by some reasonable means, this is the first time You have
248 | received notice of non-compliance with this License from such
249 | Contributor, and You become compliant prior to 30 days after Your receipt
250 | of the notice.
251 |
252 | 5.2. If You initiate litigation against any entity by asserting a patent
253 | infringement claim (excluding declaratory judgment actions,
254 | counter-claims, and cross-claims) alleging that a Contributor Version
255 | directly or indirectly infringes any patent, then the rights granted to
256 | You by any and all Contributors for the Covered Software under Section
257 | 2.1 of this License shall terminate.
258 |
259 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user
260 | license agreements (excluding distributors and resellers) which have been
261 | validly granted by You or Your distributors under this License prior to
262 | termination shall survive termination.
263 |
264 | 6. Disclaimer of Warranty
265 |
266 | Covered Software is provided under this License on an "as is" basis,
267 | without warranty of any kind, either expressed, implied, or statutory,
268 | including, without limitation, warranties that the Covered Software is free
269 | of defects, merchantable, fit for a particular purpose or non-infringing.
270 | The entire risk as to the quality and performance of the Covered Software
271 | is with You. Should any Covered Software prove defective in any respect,
272 | You (not any Contributor) assume the cost of any necessary servicing,
273 | repair, or correction. This disclaimer of warranty constitutes an essential
274 | part of this License. No use of any Covered Software is authorized under
275 | this License except under this disclaimer.
276 |
277 | 7. Limitation of Liability
278 |
279 | Under no circumstances and under no legal theory, whether tort (including
280 | negligence), contract, or otherwise, shall any Contributor, or anyone who
281 | distributes Covered Software as permitted above, be liable to You for any
282 | direct, indirect, special, incidental, or consequential damages of any
283 | character including, without limitation, damages for lost profits, loss of
284 | goodwill, work stoppage, computer failure or malfunction, or any and all
285 | other commercial damages or losses, even if such party shall have been
286 | informed of the possibility of such damages. This limitation of liability
287 | shall not apply to liability for death or personal injury resulting from
288 | such party's negligence to the extent applicable law prohibits such
289 | limitation. Some jurisdictions do not allow the exclusion or limitation of
290 | incidental or consequential damages, so this exclusion and limitation may
291 | not apply to You.
292 |
293 | 8. Litigation
294 |
295 | Any litigation relating to this License may be brought only in the courts
296 | of a jurisdiction where the defendant maintains its principal place of
297 | business and such litigation shall be governed by laws of that
298 | jurisdiction, without reference to its conflict-of-law provisions. Nothing
299 | in this Section shall prevent a party's ability to bring cross-claims or
300 | counter-claims.
301 |
302 | 9. Miscellaneous
303 |
304 | This License represents the complete agreement concerning the subject
305 | matter hereof. If any provision of this License is held to be
306 | unenforceable, such provision shall be reformed only to the extent
307 | necessary to make it enforceable. Any law or regulation which provides that
308 | the language of a contract shall be construed against the drafter shall not
309 | be used to construe this License against a Contributor.
310 |
311 |
312 | 10. Versions of the License
313 |
314 | 10.1. New Versions
315 |
316 | Mozilla Foundation is the license steward. Except as provided in Section
317 | 10.3, no one other than the license steward has the right to modify or
318 | publish new versions of this License. Each version will be given a
319 | distinguishing version number.
320 |
321 | 10.2. Effect of New Versions
322 |
323 | You may distribute the Covered Software under the terms of the version
324 | of the License under which You originally received the Covered Software,
325 | or under the terms of any subsequent version published by the license
326 | steward.
327 |
328 | 10.3. Modified Versions
329 |
330 | If you create software not governed by this License, and you want to
331 | create a new license for such software, you may create and use a
332 | modified version of this License if you rename the license and remove
333 | any references to the name of the license steward (except to note that
334 | such modified license differs from this License).
335 |
336 | 10.4. Distributing Source Code Form that is Incompatible With Secondary
337 | Licenses If You choose to distribute Source Code Form that is
338 | Incompatible With Secondary Licenses under the terms of this version of
339 | the License, the notice described in Exhibit B of this License must be
340 | attached.
341 |
342 | Exhibit A - Source Code Form License Notice
343 |
344 | This Source Code Form is subject to the
345 | terms of the Mozilla Public License, v.
346 | 2.0. If a copy of the MPL was not
347 | distributed with this file, You can
348 | obtain one at
349 | http://mozilla.org/MPL/2.0/.
350 |
351 | If it is not possible or desirable to put the notice in a particular file,
352 | then You may include the notice in a location (such as a LICENSE file in a
353 | relevant directory) where a recipient would be likely to look for such a
354 | notice.
355 |
356 | You may add additional accurate notices of copyright ownership.
357 |
358 | Exhibit B - "Incompatible With Secondary Licenses" Notice
359 |
360 | This Source Code Form is "Incompatible
361 | With Secondary Licenses", as defined by
362 | the Mozilla Public License, v. 2.0.
363 |
--------------------------------------------------------------------------------
![[#]](../../skin/marker.png)
markers next
31 | to password fields for simple access to the Password Hasher
32 | dialog.![[*]](../../skin/unmask.png)
58 | Symbole, die nahe des Passwort-Eingabefeldes eingefügt werden für Einzelklick-Demaskierung
59 | (Anzeige als Klartext) von eingegebenen Passwörtern.
60 |