Add button to manage encryption

Force double-confirmation of passkeys

Steam Desktop Authenticator/LoginForm.cs

@@ -81,6 +81,12 @@ private void btnSteamLogin_Click(object sender, EventArgs e)
                         this.Close();
                         return;
                         break;
+
+                    case LoginResult.BadRSA:
+                    case LoginResult.GeneralFailure:
+                        this.Close();
+                        return;
+                        break;
                 }
             }
 
@@ -128,16 +134,7 @@ private void btnSteamLogin_Click(object sender, EventArgs e)
             string passKey = null;
             if (manifest.Entries.Count == 0)
             {
-                InputForm newEncryptionForm = new InputForm("Please enter an encryption passkey. Leave blank or hit cancel to not encrypt (VERY INSECURE).");
-                newEncryptionForm.ShowDialog();
-                if (!newEncryptionForm.Canceled && newEncryptionForm.txtBox.Text.Length > 0)
-                {
-                    passKey = newEncryptionForm.txtBox.Text;
-                }
-                else
-                {
-                    MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items.");
-                }
+                passKey = manifest.PromptSetupPassKey("Please enter an encryption passkey. Leave blank or hit cancel to not encrypt (VERY INSECURE).");
             }
             else if (manifest.Entries.Count > 0 && manifest.Encrypted)
             {

Steam Desktop Authenticator/MainForm.cs

@@ -82,8 +82,16 @@ private void loadAccountsList()
                         return;
                     }
                 }
+
+                btnManageEncryption.Text = "Manage Encryption";
+            }
+            else
+            {
+                btnManageEncryption.Text = "Setup Encryption";
             }
 
+            btnManageEncryption.Enabled = mManifest.Entries.Count > 0;
+
             allAccounts = mManifest.GetAllAccounts(passKey);
 
             if (allAccounts.Length > 0)
@@ -157,5 +165,56 @@ private void btnDelete_Click(object sender, EventArgs e)
                 MessageBox.Show("Authenticator unable to be removed.");
             }
         }
+
+        private void btnManageEncryption_Click(object sender, EventArgs e)
+        {
+            if (mManifest.Encrypted)
+            {
+                InputForm currentPassKeyForm = new InputForm("Enter current passkey", true);
+                currentPassKeyForm.ShowDialog();
+
+                if (currentPassKeyForm.Canceled)
+                    return;
+
+                string curPassKey = currentPassKeyForm.txtBox.Text;
+
+                InputForm changePassKeyForm = new InputForm("Enter new passkey, or leave blank to remove encryption.");
+                changePassKeyForm.ShowDialog();
+
+                if (changePassKeyForm.Canceled)
+                    return;
+
+                InputForm changePassKeyForm2 = new InputForm("Confirm new passkey, or leave blank to remove encryption.");
+                changePassKeyForm2.ShowDialog();
+                if (changePassKeyForm2.Canceled)
+                    return;
+
+                string newPassKey = changePassKeyForm.txtBox.Text;
+                string confirmPassKey = changePassKeyForm2.txtBox.Text;
+
+                if (newPassKey != confirmPassKey)
+                {
+                    MessageBox.Show("Passkeys do not match.");
+                    return;
+                }
+
+                if (newPassKey.Length == 0)
+                    newPassKey = null;
+
+                string action = newPassKey == null ? "remove" : "change";
+                if (!mManifest.ChangeEncryptionKey(curPassKey, newPassKey))
+                    MessageBox.Show("Unable to " + action + " passkey.");
+                else
+                {
+                    MessageBox.Show("Passkey successfully " + action + "d.");
+                    this.loadAccountsList();
+                }
+            }
+            else
+            {
+                mManifest.PromptSetupPassKey();
+                this.loadAccountsList();
+            }
+        }
     }
 }

Steam Desktop Authenticator/Manifest.cs

@@ -104,20 +104,8 @@ private static Manifest _generateNewManifest(bool scanDir = false)
                     if (newManifest.Entries.Count > 0)
                     {
                         newManifest.Save();
-
-                        InputForm askForPasskey = new InputForm("This version of SDA has encryption. Please enter a passkey below, or hit cancel to remain unencrypted");
-                        askForPasskey.ShowDialog();
-                        if (askForPasskey.Canceled || askForPasskey.txtBox.Text.Length == 0)
-                        {
-                            MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items.");
-                        }
-                        else
-                        {
-                            string passKey = askForPasskey.txtBox.Text;
-                            newManifest.ChangeEncryptionKey(null, passKey);
-                        }
+                        newManifest.PromptSetupPassKey("This version of SDA has encryption. Please enter a passkey below, or hit cancel to remain unencrypted");
                     }
-
                 }
             }
 
@@ -126,6 +114,44 @@ private static Manifest _generateNewManifest(bool scanDir = false)
             return null;
         }
 
+        public string PromptSetupPassKey(string initialPrompt = "Enter passkey, or hit cancel to remain unencrypted.")
+        {
+            InputForm newPassKeyForm = new InputForm(initialPrompt);
+            newPassKeyForm.ShowDialog();
+            if (newPassKeyForm.Canceled || newPassKeyForm.txtBox.Text.Length == 0)
+            {
+                MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items.");
+                return null;
+            }
+
+            InputForm newPassKeyForm2 = new InputForm("Confirm new passkey.");
+            newPassKeyForm2.ShowDialog();
+            if (newPassKeyForm2.Canceled)
+            {
+                MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items.");
+                return null;
+            }
+
+            string newPassKey = newPassKeyForm.txtBox.Text;
+            string confirmPassKey = newPassKeyForm2.txtBox.Text;
+
+            if (newPassKey != confirmPassKey)
+            {
+                MessageBox.Show("Passkeys do not match.");
+                return null;
+            }
+
+            if (!this.ChangeEncryptionKey(null, newPassKey))
+            {
+                MessageBox.Show("Unable to set passkey.");
+                return null;
+            }
+            else
+                MessageBox.Show("Passkey successfully set.");
+
+            return newPassKey;
+        }
+
         public SteamAuth.SteamGuardAccount[] GetAllAccounts(string passKey = null)
         {
             if (passKey == null && this.Encrypted) return new SteamGuardAccount[0];