Users may have Chrome, Chromium and VS Code installed at the same time, while all of them store their secret under the names Chrome Safe Storage and Chromium Safe Storage. We need to try all available secrets, unless we also respect the application property of the secret. But the number of Chrome-based browsers doesn't make this feasible.
Furthermore, under some conditions, Chromium on Linux seems to still store cookies encrypted with the hardcoded v10 secret. Decryption of these didn't work when other secrets were present in the system keyring.
To avoid false positives, validation of the decrypted cookie has been enhanced by verifying correctness of padding bytes and restricting accepted values to the ASCII character set.
Previously, browsercookie would fail with the following error message:
  File "browsercookie/__init__.py", line 548, in chromium
    return Chromium(cookie_files).load()
  File "browsercookie/__init__.py", line 99, in load
    for cookie in sorted(self.get_cookies(), key=lambda cookie: cookie.expires):
  File "browsercookie/__init__.py", line 168, in get_cookies
    value = self._decrypt(item[5], item[6], item[4], item[1], key=key)
  File "browsercookie/__init__.py", line 195, in _decrypt
    return clean(decrypted)
  File "browsercookie/__init__.py", line 188, in clean
    return x[:-last].decode('utf8')
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xb3 in position 0: invalid start byte
This UnicodeDecodeError was replaced with a proper BrowserCookieError.
With these changes applied, I was able to consistently decrypt all my cookies.
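The validation and key-fallback behaviour described above, sketched as an added example that is not part of the original pull request or browsercookie's own code. It shows why a padding check alone is not enough: a wrong key can yield output ending in 0x01, which only the ASCII restriction rejects. The function `decrypt_with_any`, the key values and the sample bytes are constructed for illustration, and `sample_decrypt` stands in for the AES-CBC step.

```python
# Added illustration; names other than BrowserCookieError and clean are hypothetical.
class BrowserCookieError(Exception):
    """Stand-in for the library's error type."""

BLOCK_SIZE = 16  # AES block size in bytes

def clean(decrypted: bytes) -> str:
    """Strip PKCS#7 padding, rejecting anything a wrong key would likely produce."""
    if not decrypted or len(decrypted) % BLOCK_SIZE:
        raise BrowserCookieError("length is not a multiple of the block size")
    pad = decrypted[-1]
    if not 1 <= pad <= BLOCK_SIZE:
        raise BrowserCookieError("invalid padding length byte")
    if decrypted[-pad:] != bytes([pad]) * pad:
        raise BrowserCookieError("padding bytes are inconsistent")
    try:
        return decrypted[:-pad].decode("ascii")
    except UnicodeDecodeError as exc:
        raise BrowserCookieError("decrypted value is not ASCII") from exc

def decrypt_with_any(ciphertext, candidates, decrypt):
    """Return (secret_name, value) for the first candidate key that validates."""
    for name, key in candidates:
        try:
            return name, clean(decrypt(key, ciphertext))
        except BrowserCookieError:
            continue  # wrong secret for this cookie, try the next one
    raise BrowserCookieError("no available secret produced a valid cookie value")

# Constructed sample data: what decryption yields under each candidate key.
WRONG_KEY_LUCKY_PAD = bytes.fromhex("b3917f02c4e85a1099d3ab6e20f7c801")  # ends in 0x01
WRONG_KEY_BAD_PAD = bytes.fromhex("5d0e88a1f3427b9c11e6d0734a2fbe9a")
RIGHT_KEY = b"session=abc123" + b"\x02\x02"
SAMPLE_OUTPUT = {b"key-a": WRONG_KEY_LUCKY_PAD, b"key-b": WRONG_KEY_BAD_PAD,
                 b"key-c": RIGHT_KEY}
CANDIDATES = [("Chrome Safe Storage", b"key-a"),
              ("Chromium Safe Storage", b"key-b"),
              ("hardcoded v10 secret", b"key-c")]

def sample_decrypt(key, ciphertext):
    """Stand-in for AES-CBC decryption so the example runs without a crypto library."""
    return SAMPLE_OUTPUT[key]

if __name__ == "__main__":
    print(decrypt_with_any(b"<ciphertext>", CANDIDATES, sample_decrypt))
```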