Skip to content

Linux chrome masterkey error #482

New issue
New issue
Open
Open
Linux chrome masterkey error#482
Labels
bugSomething isn't working
@aamaanaa

Description

@aamaanaa
aamaanaa
opened on Apr 30, 2025

Describe the bug

On linux with latest chrome i get the following error when getting the master key from dbus:

Failed to get all items: Object does not exist at path “/org/freedesktop/secrets/collection/login/87”

i have rust code that works, so there must be some kind of bug in the go dbus package. maybe in the go dbus method
col.GetAllItems() its returning a error to fast while it should continue.... idk.

i am on fedora 42, with seahorse i can see the chrome master key so it is there, and the bottom rust code can get it.

Expected vs Actual Behavior

I expected to see the secret when printing it out.

Desktop (please complete the following information):

Select the operating system(s) you are using:

  • Windows

  • macOS

  • Linux

  • OS Version: Fedora 42

  • OS Architecture: 64-bit

  • Browser Name: chrome

  • Browser Version: 135.0.7049.114

Additional Details

  • I ran hack-browser-data with administrator/root privileges.

Checklist

Screenshots/Videos

If applicable, add screenshots or videos to help explain your problem.

Additional context

The following rust code works:

fn get_key(&self) -> Result<Box<[u8]>, &str> {
        let ss = SecretService::new(EncryptionType::Dh).unwrap();
        let collection = ss.get_default_collection().unwrap();
        

        let collection_label = collection.get_label().unwrap_or_else(|_| "Unknown".to_string());
        println!("Got default collection with label: {}", collection_label);

        let items = collection.get_all_items().unwrap();

        for item in items {
            let label = item.get_label().unwrap();
            println!("Iterating item with label: {}", label);

            if label == "Chrome Safe Storage" {
                let secret = item.get_secret().unwrap();
                
                if let Ok(secret_str) = std::str::from_utf8(&secret) {
                    println!("Chrome Safe Storage secret (string): {}", secret_str);
                }

                let mut res: [u8; 16] = [0x00; 16]; // it uses aes128 with 128-bit keys
                let salt = "saltysalt";
                pbkdf2::pbkdf2::<Hmac<Sha1>>(&secret[..], salt.as_bytes(), 1, &mut res);
                return Ok(Box::new(res));
            }
        }

        Err("oops")
    }

maybe since rust supports EncryptionType::Dh and the go dbus only supports PLAIN, maybe this is the issue?

the rust code works fine:

Got default collection with label: Login
Iterating item with label: Chrome Safe Storage Control
Iterating item with label:  # ignore this
Iterating item with label: # ignore this
Iterating item with label: Chrome Safe Storage
Chrome Safe Storage secret (string): redactedbase64string==

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions