[FIXED JENKINS-25937] Treat BadPaddingException as an unloadable key …

…and continue.
jenkinsci · Dec 5, 2014 · 6318b8d · 6318b8d
1 parent e4c5c71
commit 6318b8d
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/changelog.html b/changelog.html
@@ -55,7 +55,9 @@
 <!-- Record your changes in the trunk here. -->
 <div id="trunk" style="display:none"><!--=TRUNK-BEGIN=-->
 <ul class=image>
-  <li class=>
+  <li class=bug>
+    After recent Java security updates, Jenkins would not gracefully recover from a deleted <code>secrets/master.key</code>.
+    (<a href="https://issues.jenkins-ci.org/browse/JENKINS-25937">issue 25937</a>)
 </ul>
 </div><!--=TRUNK-END=-->
 

diff --git a/core/src/main/java/jenkins/security/DefaultConfidentialStore.java b/core/src/main/java/jenkins/security/DefaultConfidentialStore.java
@@ -16,6 +16,7 @@
 import java.io.IOException;
 import java.security.GeneralSecurityException;
 import java.security.SecureRandom;
+import javax.crypto.BadPaddingException;
 import org.apache.commons.io.IOUtils;
 
 /**
@@ -107,6 +108,12 @@ protected byte[] load(ConfidentialKey key) throws IOException {
             return verifyMagic(bytes);
         } catch (GeneralSecurityException e) {
             throw new IOException("Failed to load the key: "+key.getId(),e);
+        } catch (IOException x) {
+            if (x.getCause() instanceof BadPaddingException) {
+                return null; // broken somehow
+            } else {
+                throw x;
+            }
         } finally {
             IOUtils.closeQuietly(cis);
             IOUtils.closeQuietly(fis);