Passwords appear blank #1

Open
Txoka opened this issue Jul 16, 2020 · 7 comments

Txoka commented Jul 16, 2020

The execution works fine, but the passwords are missing in the .csv

@Txoka Txoka changed the title Passwords apear blank Passwords appear blank Jul 16, 2020
Author

Txoka commented Jul 16, 2020

Running the Windows .exe from releases.

Owner

cfstras commented Jul 19, 2020

@Txoka the encryption or database format probably changed. I don't have a Windows PC on hand to test, so you'll have to debug the new format yourself.

If you're willing, you could create a new profile, save only one (not your real one!) password, and send me the corresponding "Login Data" sqlite file, so I can take a look at it.

Author

Txoka commented Jul 28, 2020

Sorry, I have been testing: not all passwords appear blank, only some of them. For example, the Gmail password appeared blank on every test, while other passwords are exported correctly. I will see if I can send you that.

Here it is: the file containing encrypted passwords and the passwords.csv that does not have the password I tried to export
here.zip

Owner

cfstras commented Jul 28, 2020

Hm... seems like there is some data in there alright. The decoding happens here: https://github.com/cfstras/chromecsv/blob/master/crypt_windows.go
Basically, it just calls CryptUnprotectData() from Crypt32.dll. It could be that Chrome changed the way it's called.
There are two parameters that are currently unused (optional entropy and optional prompt structure) -- maybe you have to fill some data in there.

The function also doesn't evaluate the return code... it should return a boolean, that would be the first thing to check.

Owner

cfstras commented Jul 28, 2020

Looking at the current chromium source... https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_win.cc;drc=8e721d89fb9dbf5ed62cfa43f44d3d27ee1776de;bpv=1;bpt=1;l=33?originalUrl=https:%2F%2Fcs.chromium.org%2F

It seems there is a new format. Your data has the prefix "v10", in which case the function OSCrypt::DecryptString does not use the basic Windows API anymore, but seems to be using a custom AES encryption. The key seems to come from some "local state" -- but I can't seem to figure out where that gets set internally.

Author

Txoka commented Jul 28, 2020

Since g_use_mock_key is set to false, I think it comes from here, but I do not totally understand it, sorry.

```cpp
const std::string& GetEncryptionKeyInternal() {
  if (g_use_mock_key) {
    if (GetMockEncryptionKeyFactory().empty())
      GetMockEncryptionKeyFactory().assign(
          crypto::HkdfSha256("peanuts", "salt", "info", kKeyLength));
    DCHECK(!GetMockEncryptionKeyFactory().empty())
        << "Failed to initialize mock key.";
    return GetMockEncryptionKeyFactory();
  }

  DCHECK(!GetEncryptionKeyFactory().empty()) << "No key.";
  return GetEncryptionKeyFactory();
}

std::string& GetEncryptionKeyFactory() {
  static base::NoDestructor<std::string> encryption_key;
  return *encryption_key;
}
```

Also, I can't seem to discover which passwords I can export using the Windows API and which not.

Owner

cfstras commented Jul 29, 2020

encryption_key is a static pointer in GetEncryptionKeyFactory -- and Init() sets it.
This is filled into local_state
https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_win.cc;l=230;drc=977a73777133c13d83cd5d6179497534db0a98b3;bpv=1;bpt=1?originalUrl=https:%2F%2Fcs.chromium.org%2F
and then written into a prefStore but I can't seem to figure out where that is stored on disk.
Once you have the key material from the store, you'd need to implement the same key derivation method and then use AES to decrypt.
Sorry, you're on your own there, I don't have time to work on this currently.
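
Added example, not part of the thread and not chromecsv's own code: a diagnostic that sorts stored blobs by their leading bytes, so a DPAPI-only exporter can report entries in the "v10" format discussed above instead of writing a blank password. The `Row` type and function names are hypothetical, the DPAPI header bytes are the standard CryptProtectData blob header rather than something taken from this thread, and the sample rows are constructed.

```go
package main

import (
	"bytes"
	"fmt"
)

// Leading bytes of a CryptProtectData blob: version 1, then the DPAPI provider GUID.
var dpapiHeader = []byte{0x01, 0, 0, 0, 0xD0, 0x8C, 0x9D, 0xDF, 0x01, 0x15,
	0xD1, 0x11, 0x8C, 0x7A, 0x00, 0xC0, 0x4F, 0xC2, 0x97, 0xEB}

// Row is one saved login (hypothetical type for this example).
type Row struct {
	Origin string
	Blob   []byte
}

// Classify inspects only the leading bytes of a blob; it never decrypts anything.
func Classify(blob []byte) string {
	switch {
	case len(blob) == 0:
		return "empty"
	case bytes.HasPrefix(blob, []byte("v10")):
		return "v10" // newer AES-based format named in this thread
	case bytes.HasPrefix(blob, dpapiHeader):
		return "dpapi" // what CryptUnprotectData expects
	}
	return "unknown"
}

// Unsupported lists rows a DPAPI-only exporter cannot decode and should report.
func Unsupported(rows []Row) []string {
	var out []string
	for _, r := range rows {
		if f := Classify(r.Blob); f == "v10" || f == "unknown" {
			out = append(out, r.Origin+" ("+f+")")
		}
	}
	return out
}

func main() {
	// Constructed sample rows; bytes after each prefix are filler, not real ciphertext.
	rows := []Row{
		{"https://old.example", append(append([]byte{}, dpapiHeader...), 0xAA, 0xBB)},
		{"https://mail.example", []byte("v10\x01\x02\x03\x04")},
		{"https://blank.example", nil},
	}
	fmt.Println(Unsupported(rows))
}
```

Running the same classification before the CryptUnprotectData() call, together with checking that call's boolean return value, separates "unsupported format" from "decryption failed" in the exported CSV.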
