Security concern
In SecureData, the cryptographic key fields _v1MasterKey, _v1StaticIv, _v2EncryptionKey, and _v2HmacKey are stored as byte[] and persist for the lifetime of the singleton. They are never zeroed, despite the class documenting "strict memory-zeroing protocols."
While temporary key material is cleared (e.g. masterKey in the constructor), the cloned copies remain:
_v1MasterKey = (byte[])masterKey.Clone();
_v1StaticIv = (byte[])v1StaticIv.Clone();
Impact
If the process memory is dumped (crash dump, debugger attach, memory forensics), all AES key material is recoverable in plaintext.
Suggested fix
Implement IDisposable on SecureData and zero all key byte arrays in Dispose() using CryptographicOperations.ZeroMemory() or Array.Clear().
File
src/Servy.Core/Security/SecureData.cs — lines 58-60
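The suggested fix as an added example, not Servy's own code: `KeyHolder`, `ComputeV2Mac` and `Demo` are hypothetical names, and only the four field names come from the report. It assumes a runtime that provides `CryptographicOperations.ZeroMemory()` (.NET Core 3.0 or later).

```csharp
using System;
using System.Security.Cryptography;

// Hypothetical stand-in for the class in the report; not Servy's SecureData.
public sealed class KeyHolder : IDisposable
{
    private readonly byte[] _v1MasterKey, _v1StaticIv, _v2EncryptionKey, _v2HmacKey;
    private bool _disposed;

    public KeyHolder(byte[] masterKey, byte[] v1StaticIv, byte[] v2EncryptionKey, byte[] v2HmacKey)
    {
        // Private copies: the caller can zero its own buffers immediately.
        _v1MasterKey = (byte[])masterKey.Clone();
        _v1StaticIv = (byte[])v1StaticIv.Clone();
        _v2EncryptionKey = (byte[])v2EncryptionKey.Clone();
        _v2HmacKey = (byte[])v2HmacKey.Clone();
    }

    // Hypothetical key use; refuses to run on zeroed keys after Dispose().
    public byte[] ComputeV2Mac(byte[] data)
    {
        if (_disposed) throw new ObjectDisposedException(nameof(KeyHolder));
        using (var hmac = new HMACSHA256(_v2HmacKey))
            return hmac.ComputeHash(data);
    }

    public void Dispose()
    {
        if (_disposed) return;
        _disposed = true;
        // ZeroMemory is guaranteed not to be optimized away as a dead store.
        CryptographicOperations.ZeroMemory(_v1MasterKey);
        CryptographicOperations.ZeroMemory(_v1StaticIv);
        CryptographicOperations.ZeroMemory(_v2EncryptionKey);
        CryptographicOperations.ZeroMemory(_v2HmacKey);
    }
}

public static class Demo
{
    public static void Main()
    {
        byte[] key = new byte[32], iv = new byte[16]; // constructed sample values
        RandomNumberGenerator.Fill(key);
        RandomNumberGenerator.Fill(iv);
        using (var holder = new KeyHolder(key, iv, key, key))
        {
            CryptographicOperations.ZeroMemory(key); // caller's copy no longer needed
            Console.WriteLine(holder.ComputeV2Mac(new byte[] { 1, 2, 3 }).Length);
        } // Dispose() zeroes the four private copies here
    }
}
```

Zeroing in `Dispose()` only helps if the owner actually disposes the singleton, for example at service shutdown; while the instance is alive the keys remain readable in a memory dump. The garbage collector can also relocate unpinned arrays and leave a stale copy behind, so pinned buffers are needed if that residue matters.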