fix: per-tier master-key retrievers for mixed-cipher profiles (#579)

* fix: per-tier master-key retrievers for mixed-cipher profiles

Author: moonD4rk

browser/browser.go

@@ -111,11 +111,11 @@ func pickFromConfigs(configs []types.BrowserConfig, opts PickOptions) ([]Browser
 	return browsers, nil
 }
 
-// retrieverSetter is an optional capability interface. Chromium variants
-// implement it to receive a master-key retriever chain; Firefox and Safari
-// do not.
-type retrieverSetter interface {
-	SetRetriever(keyretriever.KeyRetriever)
+// keyRetrieversSetter is an optional capability interface. Chromium variants implement it to
+// receive the per-tier master-key retrievers (V10 / V11 / V20) as a single Retrievers struct;
+// Firefox and Safari do not.
+type keyRetrieversSetter interface {
+	SetKeyRetrievers(keyretriever.Retrievers)
 }
 
 // resolveGlobs expands glob patterns in browser configs' UserDataDir.

browser/browser_darwin.go

@@ -171,23 +171,23 @@ type keychainPasswordSetter interface {
 // no longer triggers a password prompt.
 func newPlatformInjector(opts PickOptions) func(Browser) {
 	var (
-		password  string
-		retriever keyretriever.KeyRetriever
-		resolved  bool
+		password   string
+		retrievers keyretriever.Retrievers
+		resolved   bool
 	)
 	return func(b Browser) {
-		rs, needsRetriever := b.(retrieverSetter)
+		rs, needsRetrievers := b.(keyRetrieversSetter)
 		kps, needsKeychainPassword := b.(keychainPasswordSetter)
-		if !needsRetriever && !needsKeychainPassword {
+		if !needsRetrievers && !needsKeychainPassword {
 			return
 		}
 		if !resolved {
 			password = resolveKeychainPassword(opts.KeychainPassword)
-			retriever = keyretriever.DefaultRetriever(password)
+			retrievers = keyretriever.DefaultRetrievers(password)
 			resolved = true
 		}
-		if needsRetriever {
-			rs.SetRetriever(retriever)
+		if needsRetrievers {
+			rs.SetKeyRetrievers(retrievers)
 		}
 		if needsKeychainPassword {
 			kps.SetKeychainPassword(password)

browser/browser_linux.go

@@ -67,13 +67,16 @@ func platformBrowsers() []types.BrowserConfig {
 	}
 }
 
-// newPlatformInjector returns a closure that injects the Chromium master-key
-// retriever chain into each Browser.
+// newPlatformInjector returns a closure that wires the Linux Chromium master-key retrievers into
+// each Browser. Linux has two tiers: V10 uses the "peanuts" hardcoded password (kV10Key); V11
+// uses the D-Bus Secret Service keyring (kV11Key). V20 is nil — App-Bound Encryption is Windows-
+// only. Both V10 and V11 run independently so a profile carrying mixed cipher prefixes decrypts
+// both tiers.
 func newPlatformInjector(_ PickOptions) func(Browser) {
-	retriever := keyretriever.DefaultRetriever()
+	retrievers := keyretriever.DefaultRetrievers()
 	return func(b Browser) {
-		if s, ok := b.(retrieverSetter); ok {
-			s.SetRetriever(retriever)
+		if s, ok := b.(keyRetrieversSetter); ok {
+			s.SetKeyRetrievers(retrievers)
 		}
 	}
 }

browser/browser_windows.go

@@ -125,13 +125,15 @@ func platformBrowsers() []types.BrowserConfig {
 	}
 }
 
-// newPlatformInjector returns a closure that injects the Chromium master-key
-// retriever chain into each Browser.
+// newPlatformInjector returns a closure that wires the Windows v10 (DPAPI) and v20 (ABE) Chromium
+// master-key retrievers into each Browser. Per issue #578 the two tiers are orthogonal — a single
+// Chrome profile upgraded from pre-127 carries v20 cookies alongside v10 passwords — so both
+// retrievers run independently rather than as a first-success chain.
 func newPlatformInjector(_ PickOptions) func(Browser) {
-	retriever := keyretriever.DefaultRetriever()
+	retrievers := keyretriever.DefaultRetrievers()
 	return func(b Browser) {
-		if s, ok := b.(retrieverSetter); ok {
-			s.SetRetriever(retriever)
+		if s, ok := b.(keyRetrieversSetter); ok {
+			s.SetKeyRetrievers(retrievers)
 		}
 	}
 }

browser/chromium/chromium.go

@@ -1,7 +1,6 @@
 package chromium
 
 import (
-	"fmt"
 	"os"
 	"path/filepath"
 	"time"
@@ -17,14 +16,14 @@ import (
 type Browser struct {
 	cfg         types.BrowserConfig
 	profileDir  string                               // absolute path to profile directory
-	retriever   keyretriever.KeyRetriever            // set via SetRetriever after construction
+	retrievers  keyretriever.Retrievers              // per-tier key sources (V10 / V11 / V20; unused tiers nil)
 	sources     map[types.Category][]sourcePath      // Category → candidate paths (priority order)
 	extractors  map[types.Category]categoryExtractor // Category → custom extract function override
 	sourcePaths map[types.Category]resolvedPath      // Category → discovered absolute path
 }
 
 // NewBrowsers discovers Chromium profiles under cfg.UserDataDir and returns
-// one Browser per profile. Call SetRetriever on each returned browser before
+// one Browser per profile. Call SetKeyRetrievers on each returned browser before
 // Extract to enable decryption of sensitive data (passwords, cookies, etc.).
 func NewBrowsers(cfg types.BrowserConfig) ([]*Browser, error) {
 	sources := sourcesForKind(cfg.Kind)
@@ -52,11 +51,19 @@ func NewBrowsers(cfg types.BrowserConfig) ([]*Browser, error) {
 	return browsers, nil
 }
 
-// SetRetriever sets the key retriever used by Extract to obtain the
-// master encryption key. Must be called before Extract if encrypted
-// data (passwords, cookies, credit cards) needs to be decrypted.
-func (b *Browser) SetRetriever(r keyretriever.KeyRetriever) {
-	b.retriever = r
+// SetKeyRetrievers wires the per-tier master-key retrievers used by Extract. Each slot
+// (V10 / V11 / V20) is populated only on platforms where that cipher tier is used:
+//
+//   - Windows: V10 (DPAPI) + V20 (ABE). V11 nil — Chromium does not emit v11 prefix on Windows.
+//   - Linux:   V10 ("peanuts" kV10Key) + V11 (D-Bus Secret Service kV11Key). V20 nil.
+//   - macOS:   V10 (Keychain chain). V11 and V20 nil.
+//
+// Slots are independent — a failure or absence in one tier does not affect others. A single
+// Chromium profile can carry mixed cipher-prefix ciphertexts (the motivation for issue #578), so
+// every configured retriever runs at extract time and decryptValue picks the matching key per
+// ciphertext.
+func (b *Browser) SetKeyRetrievers(r keyretriever.Retrievers) {
+	b.retrievers = r
 }
 
 func (b *Browser) BrowserName() string { return b.cfg.Name }
@@ -79,18 +86,15 @@ func (b *Browser) Extract(categories []types.Category) (*types.BrowserData, erro
 
 	tempPaths := b.acquireFiles(session, categories)
 
-	masterKey, err := b.getMasterKey(session)
-	if err != nil {
-		log.Debugf("get master key for %s: %v", b.BrowserName()+"/"+b.ProfileName(), err)
-	}
+	keys := b.getMasterKeys(session)
 
 	data := &types.BrowserData{}
 	for _, cat := range categories {
 		path, ok := tempPaths[cat]
 		if !ok {
 			continue
 		}
-		b.extractCategory(data, cat, masterKey, path)
+		b.extractCategory(data, cat, keys, path)
 	}
 	return data, nil
 }
@@ -170,43 +174,46 @@ func (b *Browser) acquireFiles(session *filemanager.Session, categories []types.
 	return tempPaths
 }
 
-// getMasterKey retrieves the Chromium master encryption key.
-//
-// On Windows, the key is read from the Local State file and decrypted via DPAPI.
-// On macOS, the key is derived from Keychain (Local State is not needed).
-// On Linux, the key is derived from D-Bus Secret Service or a fallback password.
-//
-// The retriever is always called regardless of whether Local State exists,
-// because macOS/Linux retrievers don't need it.
-func (b *Browser) getMasterKey(session *filemanager.Session) ([]byte, error) {
-	if b.retriever == nil {
-		return nil, fmt.Errorf("key retriever not set for %s", b.cfg.Name)
-	}
-
-	// Try to locate and copy Local State (needed on Windows, ignored on macOS/Linux).
-	// Multi-profile layout: Local State is in the parent of profileDir.
-	// Flat layout (Opera): Local State is alongside data files in profileDir.
+// getMasterKeys retrieves the Chromium master keys for every configured tier. Chrome mixes
+// cipher tiers on the same profile — v20 for new cookies alongside v10 passwords on Windows; v10
+// (peanuts) alongside v11 (keyring) on Linux after session-mode changes — so every retriever in
+// b.retrievers runs independently and keyretriever.NewMasterKeys assembles the results. Any tier
+// key may be nil if its retriever failed or is not configured for this platform; decryptValue
+// treats a missing tier key as "that tier cannot decrypt" so partial success is still reported.
+func (b *Browser) getMasterKeys(session *filemanager.Session) keyretriever.MasterKeys {
+	label := b.BrowserName() + "/" + b.ProfileName()
+
+	// Locate and copy Local State (needed on Windows, ignored on macOS/Linux). Multi-profile
+	// layout: Local State is in the parent of profileDir. Flat layout (Opera): Local State is
+	// alongside data files in profileDir.
 	var localStateDst string
 	for _, dir := range []string{filepath.Dir(b.profileDir), b.profileDir} {
 		candidate := filepath.Join(dir, "Local State")
-		if fileutil.FileExists(candidate) {
-			localStateDst = filepath.Join(session.TempDir(), "Local State")
-			if err := session.Acquire(candidate, localStateDst, false); err != nil {
-				return nil, err
-			}
+		if !fileutil.FileExists(candidate) {
+			continue
+		}
+		dst := filepath.Join(session.TempDir(), "Local State")
+		if err := session.Acquire(candidate, dst, false); err != nil {
+			log.Debugf("acquire Local State for %s: %v", label, err)
 			break
 		}
+		localStateDst = dst
+		break
 	}
 
-	return b.retriever.RetrieveKey(b.cfg.Storage, localStateDst)
+	keys, err := keyretriever.NewMasterKeys(b.retrievers, b.cfg.Storage, localStateDst)
+	if err != nil {
+		log.Warnf("%s: master key retrieval: %v", label, err)
+	}
+	return keys
 }
 
 // extractCategory calls the appropriate extract function for a category.
 // If a custom extractor is registered for this category (via extractorsForKind),
 // it is used instead of the default switch logic.
-func (b *Browser) extractCategory(data *types.BrowserData, cat types.Category, masterKey []byte, path string) {
+func (b *Browser) extractCategory(data *types.BrowserData, cat types.Category, keys keyretriever.MasterKeys, path string) {
 	if ext, ok := b.extractors[cat]; ok {
-		if err := ext.extract(masterKey, path, data); err != nil {
+		if err := ext.extract(keys, path, data); err != nil {
 			log.Debugf("extract %s for %s: %v", cat, b.BrowserName()+"/"+b.ProfileName(), err)
 		}
 		return
@@ -215,17 +222,17 @@ func (b *Browser) extractCategory(data *types.BrowserData, cat types.Category, m
 	var err error
 	switch cat {
 	case types.Password:
-		data.Passwords, err = extractPasswords(masterKey, path)
+		data.Passwords, err = extractPasswords(keys, path)
 	case types.Cookie:
-		data.Cookies, err = extractCookies(masterKey, path)
+		data.Cookies, err = extractCookies(keys, path)
 	case types.History:
 		data.Histories, err = extractHistories(path)
 	case types.Download:
 		data.Downloads, err = extractDownloads(path)
 	case types.Bookmark:
 		data.Bookmarks, err = extractBookmarks(path)
 	case types.CreditCard:
-		data.CreditCards, err = extractCreditCards(masterKey, path)
+		data.CreditCards, err = extractCreditCards(keys, path)
 	case types.Extension:
 		data.Extensions, err = extractExtensions(path)
 	case types.LocalStorage: