I'm working on bug #78754 to give Mozilla a mode to display saved passwords. The code and UI I've got works flawlessly, the only missing piece is prompting for and verifying the master password if the user's passwords are encrypted.
I have trawled through the codebase but can't seem to find the exact interface I'm looking for. The mechanism for popping up the password prompt depends on a number of things (particularly the token name/slot for the software security device) that I do not know the interface for. It looks like the master password is prompted for in security/manager/pki/src/nsNSSDialogs.cpp, but the XUL (chrome://pippki/content/getpassword.xul) and JS that gets invoked doesn't seem to do anything special except return the password value that was entered. The verification happens somewhere else. I think I can pull out some of what I need from security/manager/pki/resources/content/device_manager.js, but I am not sure which parts I'll need. I was hopeful that perhaps nsITokenPasswordDialogs, nsITokenDialogs, nsIPK11Token, or nsIPK11TokenDB might do what I want, but it doesn't look promising. So what combination of components do I need to call into to pop up the usual "prompt for master password" dialog and then verify the results? Given the posts here, I suspect a number of people would very much like to see something like this built in to Mozilla. (And after that, maybe I'll write an extension to import/export). -- paxunix
