[PM-28824] Catch error initializing provider keys

[quexten]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-28824

📔 Objective

The key service derives the public key in order to encrypt provider keys to look like org keys. This was a hotfix that was introduced a few months ago in response to provider-key issues on SDK. If the private key fails to derive a public key, then this observable breaks, and the SDK never initializes. Thus, a corrupt private key would cause the the SDK domain decryption to fail.

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 7f393f6e-5c52-43e3-92b4-b7447f188275

Great job! No new security vulnerabilities introduced in this pull request

[claude]

Claude finished @quexten's task —— View job

---

Code Review Complete

Summary: This PR adds error handling to prevent SDK initialization failure when deriving public keys from corrupted private keys. The change is focused and appropriate, addressing the critical issue where a corrupt private key would break SDK initialization. I've noted a couple of areas worth considering.

---

Findings

Finding 1 (💭): Missing similar error handling in cipherDecryptionKeys$ method - The cipherDecryptionKeys$ method performs similar operations and could encounter the same errors. Worth considering for consistency.

Finding 2 (💭): Error handling returns empty object - This achieves the goal of allowing SDK initialization, but users will have zero org keys available with only a log message. Consider if users need notification about org access failure.

Finding 3 (💭): PR description scope - The description focuses on "provider keys" but the fix applies to all organization key encryption (both provider-encrypted and user-encrypted orgs), since the error can occur at derivePublicKey on line 917.

---

PR Metadata

✅ Title: Clear and specific

⚠️ Test Plan: Not provided - consider documenting how to verify SDK initializes with corrupted private key and appropriate error logging occurs

---

The core fix is solid and addresses the blocking issue effectively. The inline comments highlight areas for discussion but don't block this hotfix.

[codecov]

Codecov Report

❌ Patch coverage is 0% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 41.54%. Comparing base (ab543b9) to head (252ada8).
⚠️ Report is 21 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
libs/key-management/src/key.service.ts	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #17672      +/-   ##
==========================================
- Coverage   41.54%   41.54%   -0.01%     
==========================================
  Files        3550     3550              
  Lines      102258   102260       +2     
  Branches    15341    15341              
==========================================
- Hits        42486    42485       -1     
- Misses      57982    57984       +2     
- Partials     1790     1791       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.