From 7d540132ef021591f6d9b6e6df2e9d4965bb62ed Mon Sep 17 00:00:00 2001 From: geel9 Date: Fri, 27 Nov 2015 19:39:26 -0500 Subject: [PATCH] Add button to manage encryption Force double-confirmation of passkeys --- Steam Desktop Authenticator/LoginForm.cs | 17 +++--- .../MainForm.Designer.cs | 27 ++++++--- Steam Desktop Authenticator/MainForm.cs | 59 +++++++++++++++++++ Steam Desktop Authenticator/Manifest.cs | 52 ++++++++++++---- 4 files changed, 125 insertions(+), 30 deletions(-) diff --git a/Steam Desktop Authenticator/LoginForm.cs b/Steam Desktop Authenticator/LoginForm.cs index c579588b..3ded6257 100644 --- a/Steam Desktop Authenticator/LoginForm.cs +++ b/Steam Desktop Authenticator/LoginForm.cs @@ -81,6 +81,12 @@ private void btnSteamLogin_Click(object sender, EventArgs e) this.Close(); return; break; + + case LoginResult.BadRSA: + case LoginResult.GeneralFailure: + this.Close(); + return; + break; } } @@ -128,16 +134,7 @@ private void btnSteamLogin_Click(object sender, EventArgs e) string passKey = null; if (manifest.Entries.Count == 0) { - InputForm newEncryptionForm = new InputForm("Please enter an encryption passkey. Leave blank or hit cancel to not encrypt (VERY INSECURE)."); - newEncryptionForm.ShowDialog(); - if (!newEncryptionForm.Canceled && newEncryptionForm.txtBox.Text.Length > 0) - { - passKey = newEncryptionForm.txtBox.Text; - } - else - { - MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items."); - } + passKey = manifest.PromptSetupPassKey("Please enter an encryption passkey. Leave blank or hit cancel to not encrypt (VERY INSECURE)."); } else if (manifest.Entries.Count > 0 && manifest.Encrypted) { diff --git a/Steam Desktop Authenticator/MainForm.Designer.cs b/Steam Desktop Authenticator/MainForm.Designer.cs index 89bea8dd..a448a245 100644 --- a/Steam Desktop Authenticator/MainForm.Designer.cs +++ b/Steam Desktop Authenticator/MainForm.Designer.cs @@ -40,6 +40,7 @@ private void InitializeComponent() this.timer1 = new System.Windows.Forms.Timer(this.components); this.btnTradeConfirmations = new System.Windows.Forms.Button(); this.btnDelete = new System.Windows.Forms.Button(); + this.btnManageEncryption = new System.Windows.Forms.Button(); this.groupBox1.SuspendLayout(); this.SuspendLayout(); // @@ -82,15 +83,15 @@ private void InitializeComponent() this.txtLoginToken.TabIndex = 0; this.txtLoginToken.TextAlign = System.Windows.Forms.HorizontalAlignment.Center; // - // listConfirmations + // listAccounts // this.listAccounts.FormattingEnabled = true; this.listAccounts.Items.AddRange(new object[] { "test", "test"}); - this.listAccounts.Location = new System.Drawing.Point(23, 221); + this.listAccounts.Location = new System.Drawing.Point(23, 260); this.listAccounts.Name = "listAccounts"; - this.listAccounts.Size = new System.Drawing.Size(305, 134); + this.listAccounts.Size = new System.Drawing.Size(305, 95); this.listAccounts.TabIndex = 3; this.listAccounts.SelectedValueChanged += new System.EventHandler(this.listAccounts_SelectedValueChanged); // @@ -100,10 +101,10 @@ private void InitializeComponent() this.timer1.Interval = 1000; this.timer1.Tick += new System.EventHandler(this.timer1_Tick); // - // btnAcceptConfirmation + // btnTradeConfirmations // this.btnTradeConfirmations.Enabled = false; - this.btnTradeConfirmations.Location = new System.Drawing.Point(23, 185); + this.btnTradeConfirmations.Location = new System.Drawing.Point(23, 223); this.btnTradeConfirmations.Name = "btnTradeConfirmations"; this.btnTradeConfirmations.Size = new System.Drawing.Size(138, 31); this.btnTradeConfirmations.TabIndex = 4; @@ -111,9 +112,9 @@ private void InitializeComponent() this.btnTradeConfirmations.UseVisualStyleBackColor = true; this.btnTradeConfirmations.Click += new System.EventHandler(this.btnTradeConfirmations_Click); // - // btnDenyConfirmation + // btnDelete // - this.btnDelete.Location = new System.Drawing.Point(190, 185); + this.btnDelete.Location = new System.Drawing.Point(190, 223); this.btnDelete.Name = "btnDelete"; this.btnDelete.Size = new System.Drawing.Size(138, 31); this.btnDelete.TabIndex = 5; @@ -121,12 +122,23 @@ private void InitializeComponent() this.btnDelete.UseVisualStyleBackColor = true; this.btnDelete.Click += new System.EventHandler(this.btnDelete_Click); // + // btnManageEncryption + // + this.btnManageEncryption.Location = new System.Drawing.Point(23, 188); + this.btnManageEncryption.Name = "btnManageEncryption"; + this.btnManageEncryption.Size = new System.Drawing.Size(305, 31); + this.btnManageEncryption.TabIndex = 6; + this.btnManageEncryption.Text = "Manage Encryption"; + this.btnManageEncryption.UseVisualStyleBackColor = true; + this.btnManageEncryption.Click += new System.EventHandler(this.btnManageEncryption_Click); + // // MainForm // this.AcceptButton = this.btnSteamLogin; this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F); this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; this.ClientSize = new System.Drawing.Size(351, 378); + this.Controls.Add(this.btnManageEncryption); this.Controls.Add(this.btnDelete); this.Controls.Add(this.btnTradeConfirmations); this.Controls.Add(this.listAccounts); @@ -152,6 +164,7 @@ private void InitializeComponent() private System.Windows.Forms.Timer timer1; private System.Windows.Forms.Button btnTradeConfirmations; private System.Windows.Forms.Button btnDelete; + private System.Windows.Forms.Button btnManageEncryption; } } diff --git a/Steam Desktop Authenticator/MainForm.cs b/Steam Desktop Authenticator/MainForm.cs index a7efd375..efe36809 100644 --- a/Steam Desktop Authenticator/MainForm.cs +++ b/Steam Desktop Authenticator/MainForm.cs @@ -82,8 +82,16 @@ private void loadAccountsList() return; } } + + btnManageEncryption.Text = "Manage Encryption"; + } + else + { + btnManageEncryption.Text = "Setup Encryption"; } + btnManageEncryption.Enabled = mManifest.Entries.Count > 0; + allAccounts = mManifest.GetAllAccounts(passKey); if (allAccounts.Length > 0) @@ -157,5 +165,56 @@ private void btnDelete_Click(object sender, EventArgs e) MessageBox.Show("Authenticator unable to be removed."); } } + + private void btnManageEncryption_Click(object sender, EventArgs e) + { + if (mManifest.Encrypted) + { + InputForm currentPassKeyForm = new InputForm("Enter current passkey", true); + currentPassKeyForm.ShowDialog(); + + if (currentPassKeyForm.Canceled) + return; + + string curPassKey = currentPassKeyForm.txtBox.Text; + + InputForm changePassKeyForm = new InputForm("Enter new passkey, or leave blank to remove encryption."); + changePassKeyForm.ShowDialog(); + + if (changePassKeyForm.Canceled) + return; + + InputForm changePassKeyForm2 = new InputForm("Confirm new passkey, or leave blank to remove encryption."); + changePassKeyForm2.ShowDialog(); + if (changePassKeyForm2.Canceled) + return; + + string newPassKey = changePassKeyForm.txtBox.Text; + string confirmPassKey = changePassKeyForm2.txtBox.Text; + + if (newPassKey != confirmPassKey) + { + MessageBox.Show("Passkeys do not match."); + return; + } + + if (newPassKey.Length == 0) + newPassKey = null; + + string action = newPassKey == null ? "remove" : "change"; + if (!mManifest.ChangeEncryptionKey(curPassKey, newPassKey)) + MessageBox.Show("Unable to " + action + " passkey."); + else + { + MessageBox.Show("Passkey successfully " + action + "d."); + this.loadAccountsList(); + } + } + else + { + mManifest.PromptSetupPassKey(); + this.loadAccountsList(); + } + } } } diff --git a/Steam Desktop Authenticator/Manifest.cs b/Steam Desktop Authenticator/Manifest.cs index 6845a054..cb8f3c60 100644 --- a/Steam Desktop Authenticator/Manifest.cs +++ b/Steam Desktop Authenticator/Manifest.cs @@ -104,20 +104,8 @@ private static Manifest _generateNewManifest(bool scanDir = false) if (newManifest.Entries.Count > 0) { newManifest.Save(); - - InputForm askForPasskey = new InputForm("This version of SDA has encryption. Please enter a passkey below, or hit cancel to remain unencrypted"); - askForPasskey.ShowDialog(); - if (askForPasskey.Canceled || askForPasskey.txtBox.Text.Length == 0) - { - MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items."); - } - else - { - string passKey = askForPasskey.txtBox.Text; - newManifest.ChangeEncryptionKey(null, passKey); - } + newManifest.PromptSetupPassKey("This version of SDA has encryption. Please enter a passkey below, or hit cancel to remain unencrypted"); } - } } @@ -126,6 +114,44 @@ private static Manifest _generateNewManifest(bool scanDir = false) return null; } + public string PromptSetupPassKey(string initialPrompt = "Enter passkey, or hit cancel to remain unencrypted.") + { + InputForm newPassKeyForm = new InputForm(initialPrompt); + newPassKeyForm.ShowDialog(); + if (newPassKeyForm.Canceled || newPassKeyForm.txtBox.Text.Length == 0) + { + MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items."); + return null; + } + + InputForm newPassKeyForm2 = new InputForm("Confirm new passkey."); + newPassKeyForm2.ShowDialog(); + if (newPassKeyForm2.Canceled) + { + MessageBox.Show("WARNING: You chose to not encrypt your files. Doing so imposes a security risk for yourself. If an attacker were to gain access to your computer, they could completely lock you out of your account and steal all your items."); + return null; + } + + string newPassKey = newPassKeyForm.txtBox.Text; + string confirmPassKey = newPassKeyForm2.txtBox.Text; + + if (newPassKey != confirmPassKey) + { + MessageBox.Show("Passkeys do not match."); + return null; + } + + if (!this.ChangeEncryptionKey(null, newPassKey)) + { + MessageBox.Show("Unable to set passkey."); + return null; + } + else + MessageBox.Show("Passkey successfully set."); + + return newPassKey; + } + public SteamAuth.SteamGuardAccount[] GetAllAccounts(string passKey = null) { if (passKey == null && this.Encrypted) return new SteamGuardAccount[0];