Description
In src/Servy.Core/Security/ProtectedKeyProvider.cs (lines 140–155), when backward-compatible decryption without entropy succeeds, the code attempts to re-encrypt with entropy (key migration). If SaveProtected fails (disk full, permissions), the catch block silently ignores the error.
This means every subsequent startup will retry the failing migration — performing DPAPI operations and disk writes that always fail — with zero logging. The keys remain in the less-secure no-entropy format indefinitely.
Frequency
Every service startup and every application startup that accesses encrypted credentials.
Suggested fix
Log the migration failure so it can be diagnosed:
    catch (Exception ex)
    {
        Logger.Warn($"Key migration to entropy-protected format failed: {ex.Message}");
    }
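The fallback-and-migrate flow described in this issue, with the migration failure logged, as an added example that is not Servy's own code. The class name, the `_warn` logging hook, the `LocalMachine` scope and the body of `SaveProtected` are assumptions made for illustration; only the DPAPI calls (`ProtectedData.Protect` / `Unprotect`) are real APIs.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

// Hypothetical stand-in for the provider discussed above. Everything except
// the ProtectedData calls is assumed for this example, including the scope.
public sealed class KeyMigrationExample
{
    private readonly string _path;
    private readonly byte[] _entropy;
    private readonly Action<string> _warn; // assumed logging hook

    public KeyMigrationExample(string path, byte[] entropy, Action<string> warn)
    {
        _path = path; _entropy = entropy; _warn = warn;
    }

    public byte[] LoadKey()
    {
        byte[] blob = File.ReadAllBytes(_path);
        try
        {
            // Current format: DPAPI blob bound to additional entropy.
            return ProtectedData.Unprotect(blob, _entropy, DataProtectionScope.LocalMachine);
        }
        catch (CryptographicException)
        {
            // Legacy format: blob was protected without entropy.
            byte[] key = ProtectedData.Unprotect(blob, null, DataProtectionScope.LocalMachine);
            try { SaveProtected(key); }
            catch (Exception ex)
            {
                // Migration stays best-effort, but the failure is now visible.
                _warn($"Key migration to entropy-protected format failed for '{_path}': {ex.GetType().Name}: {ex.Message}");
            }
            return key;
        }
    }

    private void SaveProtected(byte[] key)
    {
        byte[] blob = ProtectedData.Protect(key, _entropy, DataProtectionScope.LocalMachine);
        string tmp = _path + ".tmp";
        File.WriteAllBytes(tmp, blob);   // a disk-full failure hits the temp file only
        File.Replace(tmp, _path, null);  // swap in the new blob once it is fully written
    }
}
```

Writing to a temporary file first means a failed write leaves the legacy blob intact, so the next startup can still decrypt it and retry the migration.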