Multiple attempts for Quick Unlock

Quick Unlock now allows up to 3 attempts to unlock a locked DB.
This setting is DB specific and thus requires DB specific settings to be used.

Author: Rookiestyle

Translations/LockAssist.de.language.xml

@@ -56,7 +56,7 @@ Bitte bearbeiten und Quick Unlock PIN als Password setzen.</value>
   </item>
   <item>
     <key>OptionsQUSettingsPerDB_UnlockAttempts</key>
-    <value>Quick Unlock Versuche:</value>
+    <value>Quick Unlock Versuche (NUR für aktive Datenbank):</value>
   </item>
   <item>
     <key>OptionsSwitchDBToGeneral</key>

Translations/LockAssist.template.language.xml

@@ -56,7 +56,7 @@ Please edit and set Quick Unlock PIN as password</value>
   </item>
   <item>
     <key>OptionsQUSettingsPerDB_UnlockAttempts</key>
-    <value>Quick Unlock Attempts:</value>
+    <value>Quick Unlock Attempts (requires DB specific settings):</value>
   </item>
   <item>
     <key>OptionsSwitchDBToGeneral</key>

src/Config/LockAssistConfig_QU.cs

@@ -50,8 +50,8 @@ private void GetQUOptionsInternal(PwDatabase db)
 
     public int GetQU_DBSpecificUnlockAttempts()
     {
-      if (QU_DBSpecific) return 1;
-      return Math.Max(Program.Config.Security.MasterKeyTries, QU_DBSpecificUnlockAttempts);
+      if (!QU_DBSpecific) return 1;
+      return Math.Max(1, QU_DBSpecificUnlockAttempts);
     }
 
     public static bool QU_FirstTime
@@ -126,8 +126,7 @@ public void QU_DeleteDBConfig(PwDatabase db)
       deleted |= db.CustomData.Remove(LockAssistKeyFromEnd);
       deleted |= db.CustomData.Remove(LockAssistQuickUnlockDBSpecific);
       deleted |= db.CustomData.Remove(LockAssistQU_ValiditySeconds);
-      //Don't delete this value!
-      //deleted |= db.CustomData.Remove(LockAssistQU_DBSpecificUnlockAttempts); 
+      deleted |= db.CustomData.Remove(LockAssistQU_DBSpecificUnlockAttempts); 
       if (deleted)
       {
         QU_FlagDBChanged(db);

src/OptionsForm.Designer.cs

@@ -61,7 +61,6 @@ public OptionsForm()
       cbSLValidityInterval.SelectedIndex = 0;
 
       lQUAttempts.Text = PluginTranslate.OptionsQUSettingsPerDB_UnlockAttempts;
-      lQUAttempts.Left = nQUAttempts.Left - 10 - lQUAttempts.Width;
       cbPINDBSpecific_CheckedChanged(null, null);
       nQUAttempts.Maximum = Program.Config.Security.MasterKeyTries;
     }
@@ -255,6 +254,12 @@ private void cbPINDBSpecific_CheckedChanged(object sender, EventArgs e)
     {
       lQUAttempts.Enabled = cbPINDBSpecific.Checked;
       nQUAttempts.Enabled = cbPINDBSpecific.Checked;
+      if (cbPINDBSpecific.Checked && nQUAttempts.Tag != null) nQUAttempts.Value = (int)nQUAttempts.Tag;
+      else
+      {
+        nQUAttempts.Tag = (int)nQUAttempts.Value;
+        nQUAttempts.Value = 1;
+      }
     }
   }
 }

src/OptionsForm.cs

@@ -90,9 +90,9 @@ public static class PluginTranslate
     /// </summary>
     public static readonly string OptionsQUSettingsPerDB = @"Settings are DB specific";
     /// <summary>
-    /// Quick Unlock Attempts:
+    /// Quick Unlock Attempts (requires DB specific settings):
     /// </summary>
-    public static readonly string OptionsQUSettingsPerDB_UnlockAttempts = @"Quick Unlock Attempts:";
+    public static readonly string OptionsQUSettingsPerDB_UnlockAttempts = @"Quick Unlock Attempts (requires DB specific settings):";
     /// <summary>
     /// Database specific settings switched off.
     /// 

src/PluginTranslation.cs

@@ -10,7 +10,7 @@
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("Rookiestyle")]
 [assembly: AssemblyProduct("KeePass Plugin")]
-[assembly: AssemblyCopyright("Copyright ©  2021-2025")]
+[assembly: AssemblyCopyright("Copyright © rookiestyle")]
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
@@ -32,5 +32,5 @@
 // Sie können alle Werte angeben oder Standardwerte für die Build- und Revisionsnummern verwenden,
 // indem Sie "*" wie unten gezeigt eingeben:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("3.7")]
-[assembly: AssemblyFileVersion("3.7")]
+[assembly: AssemblyVersion("3.8")]
+[assembly: AssemblyFileVersion("3.8")]

src/Properties/AssemblyInfo.cs

@@ -1,8 +1,11 @@
 using System;
 using System.Collections.Generic;
+using System.IO;
 using System.Reflection;
 using System.Security.Cryptography;
 using System.Windows.Forms;
+using KeePass.Resources;
+using KeePass.Util;
 using KeePassLib;
 using KeePassLib.Cryptography;
 using KeePassLib.Cryptography.Cipher;
@@ -29,6 +32,7 @@ public class QuickUnlockOldKeyInfo
     public ProtectedString QuickUnlockKey = ProtectedString.EmptyEx;
     public ProtectedBinary pwHash = null;
     public string keyFile = string.Empty;
+    public ProtectedBinary pbKeyFile = null;
     public string CustomKeyProviderName = string.Empty;
     public ProtectedBinary CustomKeyProviderData = null;
     public bool account = false;
@@ -80,13 +84,14 @@ public override byte[] GetKey(KeyProviderQueryContext ctx)
         Tools.ShowError(PluginTranslate.KeyProvNoQuickUnlock);
         return null;
       }
-
+      
       int iAttempt = 0;
       int iMaxFailed = 1;
       m_DBSpecificUnlockAttempts.TryGetValue(ctx.DatabasePath, out iMaxFailed);
       while (iAttempt++ < iMaxFailed)
       {
         var fQuickUnlock = new UnlockForm();
+        fQuickUnlock.SetAttempts(iMaxFailed, iAttempt);
         if (KeePass.UI.UIUtil.ShowDialogNotValue(fQuickUnlock, DialogResult.OK)) return null;
         ProtectedString psQuickUnlockKey = fQuickUnlock.QuickUnlockKey;
         KeePass.UI.UIUtil.DestroyForm(fQuickUnlock);
@@ -130,10 +135,24 @@ private static void RestoreOldMasterKeyInternal(PwDatabase db, IOConnectionInfo
         ck.AddUserKey(p);
         lMsg.Add("Add password to masterkey: " + (bRestoreSuccess ? "Password decrypted and restored" : "Password restore failed, empty password set"));
       }
+      bool bFileError = false;
       if (!string.IsNullOrEmpty(quOldKey.keyFile))
       {
-        ck.AddUserKey(new KcpKeyFile(quOldKey.keyFile));
-        lMsg.Add("Add key file to masterkey");
+        var kfRestored = RestoreKeyFile(quOldKey, lMsg, out bFileError);
+        if (kfRestored != null)
+        {
+          ck.AddUserKey(kfRestored);
+          lMsg.Add("Add key file to masterkey");
+        }
+        else
+        {
+          lMsg.Add("Error adding key file to masterkey");
+          string sKeyFileError = KPRes.KeyFileError;
+          if (sKeyFileError.EndsWith(".")) sKeyFileError = sKeyFileError.Substring(0, sKeyFileError.Length - 1);
+          sKeyFileError += ": " + quOldKey.keyFile;
+          MessageService.ShowWarning(new string[] { sKeyFileError, KPRes.MasterKeyChangeInfo});
+          bFileError = true;
+        }
       }
       if (!string.IsNullOrEmpty(quOldKey.CustomKeyProviderName))
       {
@@ -154,8 +173,62 @@ private static void RestoreOldMasterKeyInternal(PwDatabase db, IOConnectionInfo
       }
       KeePass.Program.Config.Defaults.SetKeySources(ioConnection, ck);
       lMsg.Add("Set database key sources");
-      if (bRestoreSuccess) PluginDebug.AddSuccess("Restore old masterkey", 0, lMsg.ToArray());
+      if (bRestoreSuccess && !bFileError) PluginDebug.AddSuccess("Restore old masterkey", 0, lMsg.ToArray());
+      else if (bRestoreSuccess && bFileError) PluginDebug.AddWarning("Restore old masterkey", 0, lMsg.ToArray());
       else PluginDebug.AddError("Restore old masterkey", 0, lMsg.ToArray());
+      if (bFileError) ShowChangeMasterKeyForm(db);
+    }
+
+    private static MethodInfo m_miChangeMasterKey = null;
+    private static void ShowChangeMasterKeyForm(PwDatabase db)
+    {
+      if (m_miChangeMasterKey == null)
+      {
+        m_miChangeMasterKey = KeePass.Program.MainForm.GetType().GetMethod("ChangeMasterKey", BindingFlags.Instance | BindingFlags.NonPublic);
+      }
+      if (m_miChangeMasterKey != null) m_miChangeMasterKey.Invoke(KeePass.Program.MainForm, new object[] { db });
+    }
+
+    private static KcpKeyFile RestoreKeyFile(QuickUnlockOldKeyInfo quOldKey, List<string> lErrors, out bool bFileError)
+    {
+      bFileError = false;
+      KcpKeyFile kf = RestoreKeyFileFromBuffer(quOldKey, lErrors);
+      if (kf != null) return kf;
+      try
+      {
+        return new KcpKeyFile(quOldKey.keyFile);
+      }
+      catch (Exception ex) { lErrors.Add("Access to key file not possible: " + ex.Message); }
+      bFileError = true;
+      return null;
+    }
+
+    private static KcpKeyFile m_kcpKeyFileHelp = null;
+    private static KcpKeyFile RestoreKeyFileFromBuffer(QuickUnlockOldKeyInfo quOldKey, List<string> lErrors)
+    {
+      if (m_kcpKeyFileHelp == null)
+      {
+        string strFile = Path.GetTempFileName();
+        File.WriteAllText(strFile, Guid.NewGuid().ToString());
+        m_kcpKeyFileHelp = new KcpKeyFile(strFile);
+        File.Delete(strFile);
+      }
+
+      var fi = m_kcpKeyFileHelp.GetType().GetField("m_pbKeyData", BindingFlags.Instance | BindingFlags.NonPublic);
+      if (fi == null)
+      {
+        lErrors.Add("Can't restore m_pbKeyData");
+        return null;
+      }
+      fi.SetValue(m_kcpKeyFileHelp, quOldKey.pbKeyFile);
+      fi = m_kcpKeyFileHelp.GetType().GetField("m_strPath", BindingFlags.Instance | BindingFlags.NonPublic);
+      if (fi == null)
+      {
+        lErrors.Add("Can't restore m_strPath");
+        return null;
+      }
+      fi.SetValue(m_kcpKeyFileHelp, quOldKey.keyFile);
+      return m_kcpKeyFileHelp;
     }
 
     internal static void RestoreOldMasterKey(PwDatabase db, QuickUnlockOldKeyInfo quOldKey)
@@ -222,7 +295,10 @@ private static void AddOldMasterKey(PwDatabase db, ProtectedString QuickUnlockKe
         quOldKey.pwHash = EncryptKey(QuickUnlockKey, pbPasswordSerialized);
       }
       if (db.MasterKey.ContainsType(typeof(KcpKeyFile)))
+      {
         quOldKey.keyFile = (db.MasterKey.GetUserKey(typeof(KcpKeyFile)) as KcpKeyFile).Path;
+        quOldKey.pbKeyFile = (db.MasterKey.GetUserKey(typeof(KcpKeyFile)) as KcpKeyFile).KeyData;
+      }
       if (db.MasterKey.ContainsType(typeof(KcpCustomKey)))
       {
         quOldKey.CustomKeyProviderName = (db.MasterKey.GetUserKey(typeof(KcpCustomKey)) as KcpCustomKey).Name;

src/QuickUnlockKeyProv.cs

@@ -1,4 +1,5 @@
-using System.Drawing;
+using System;
+using System.Drawing;
 using System.Windows.Forms;
 using KeePassLib.Security;
 using PluginTools;
@@ -47,5 +48,17 @@ private void cbContinueUnlock_CheckedChanged(object sender, System.EventArgs e)
     {
       LockWorkspace.SetContinueUnlock(cbContinueUnlock.Checked);
     }
+
+    internal void SetAttempts(int iMaxFailed, int iAttempt)
+    {
+      if (iMaxFailed == 1) return;
+      var bEndsWithColon = lLabel.Text.EndsWith(":");
+      if (bEndsWithColon)
+      {
+        lLabel.Text = lLabel.Text.Substring(0, lLabel.Text.Length - 1);
+      }
+      lLabel.Text += " (" + iAttempt.ToString() + "/" + iMaxFailed.ToString() + ")";
+      if (bEndsWithColon) lLabel.Text += ":";
+    }
   }
 }