zalando / go-keyring

Cross-platform keyring interface for Go

[Windows] naive (incorrect) conversion of byte slice to Go string

JackMordaunt opened this issue · comments

First, thanks for this package!

There is a bug on Windows.

This line converts a byte slice to a Go string. This is fine if the byte slice is utf8; however, Windows likes to store strings as utf16. It seems like the content of this blob is application defined. Nonetheless, when the content is utf16, the result of the cast is an invalid Go string.

The fix would be to validate the byte slice and convert it to utf8 prior to casting it into a Go string.

Edit: I've looked into this somewhat and have realized there's no easy way to do this conversion in general, without knowing the encoding ahead of time.

Thanks for the issue!
Do you want to create a PR to fix it?

@JackMordaunt How do you create those secrets that are wrongly encoded from go-keyring's perspective? Are they created via go-keyring or in another way?

> @JackMordaunt How do you create those secrets that are wrongly encoded from go-keyring's perspective? Are they created via go-keyring or in another way?

I'm not sure how this came about, as it was reported by someone else without a reproducer.

I suspect it was a third-party application that they used to write the initial value (perhaps Windows Credential Manager writes utf16 under certain configurations?).
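Added example, not part of the thread and not go-keyring's code: a sketch of the validate-then-convert step discussed above, for a blob that may be UTF-8 or UTF-16LE. The helper name `decodeBlob`, the NUL-byte heuristic and the sample blobs are assumptions made for illustration; the third sample shows why the encoding cannot be recovered in general.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"unicode/utf16"
	"unicode/utf8"
)

var errUnknownEncoding = errors.New("blob is neither clean UTF-8 nor UTF-16LE")

// decodeBlob (hypothetical helper) turns an application-defined credential blob
// into a valid Go string. NUL-free valid UTF-8 is kept; otherwise try UTF-16LE.
func decodeBlob(blob []byte) (string, error) {
	if utf8.Valid(blob) && !bytes.Contains(blob, []byte{0}) {
		return string(blob), nil
	}
	if len(blob)%2 != 0 {
		return "", errUnknownEncoding
	}
	units := make([]uint16, len(blob)/2)
	for i := range units {
		units[i] = binary.LittleEndian.Uint16(blob[2*i:])
	}
	if len(units) > 0 && units[0] == 0xFEFF { // drop a leading byte-order mark
		units = units[1:]
	}
	runes := utf16.Decode(units) // unpaired surrogates become U+FFFD
	for _, r := range runes {
		if r == utf8.RuneError || r == 0 {
			return "", errUnknownEncoding
		}
	}
	return string(runes), nil
}

func main() {
	samples := [][]byte{ // constructed sample blobs, not from the issue
		[]byte("s3cret"),                 // UTF-8
		{'s', 0, '3', 0, 'c', 0, 'r', 0}, // UTF-16LE "s3cr"
		{0x2D, 0x4E},                     // UTF-16LE "中", yet also valid UTF-8 "-N"
	}
	for _, b := range samples {
		s, err := decodeBlob(b)
		fmt.Printf("% x -> %q, %v\n", b, s, err)
	}
}
```

The two-byte sample decodes as `-N` because it is byte-for-byte valid in both encodings, so a caller that knows which application wrote the credential should select the decoder explicitly instead of guessing.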