Context
The cross-host workflow needs the origin host's browser data copied to the analyst host before keys import. That copy step is currently manual and awkward.
Motivation
- Full
User Data is huge (caches), but only a few small files are needed to decrypt.
- On Windows the live SQLite files (
Cookies, Login Data) are locked → a naive copy fails.
- Paths contain spaces; profile markers vary (
Preferences vs Preferences_02).
Discovery already resolves exactly which files matter per category — the only missing piece is collecting them into a portable archive.
Proposal
A command (e.g. keys archive -b <browser> -o data.zip) that:
- collects only decryption-relevant files (
Login Data, Cookies, Web Data, History, … + Local State + Preferences), excluding caches → small zip;
- reads locked files via
filemanager.Session (the existing Windows locked-file bypass);
- keeps the relative
User Data layout, so the analyst can unzip and keys import -p <unzipped> directly.
Workflow
origin: keys export -o keys.json # keys
keys archive -o data.zip # data (this feature)
analyst: unzip data.zip && keys import -i keys.json -b <browser> -p ./data
Related: #605; import-discovery bug #606.
Context
The cross-host workflow needs the origin host's browser data copied to the analyst host before
keys import. That copy step is currently manual and awkward.Motivation
User Datais huge (caches), but only a few small files are needed to decrypt.Cookies,Login Data) are locked → a naive copy fails.PreferencesvsPreferences_02).Discovery already resolves exactly which files matter per category — the only missing piece is collecting them into a portable archive.
Proposal
A command (e.g.
keys archive -b <browser> -o data.zip) that:Login Data,Cookies,Web Data,History, … +Local State+Preferences), excluding caches → small zip;filemanager.Session(the existing Windows locked-file bypass);User Datalayout, so the analyst can unzip andkeys import -p <unzipped>directly.Workflow
Related: #605; import-discovery bug #606.