The Basics
- Nextcloud Server version (e.g., 29.x.x):
30.0.12(originally ownCloud 10.15, upgraded to NextCloud 25 and then running the major updates)
- Operating system and version (e.g., Ubuntu 24.04):
hosting provide, don't know
- Web server and version (e.g, Apache 2.4.25):
dito
- Reverse proxy and version _(e.g. nginx 1.27.2)
nginx
- PHP version (e.g, 8.3):
8.1.19
- Is this the first time you’ve seen this error? (Yes / No):
Yes
- When did this problem seem to first start?
after updating
- Installation method (e.g. AlO, NCP, Bare Metal/Archive, etc.)
don't know
- Are you using CloudfIare, mod_security, or similar? (Yes / No)
don't know
Summary of the issue you are facing:
Some files in some folders can’t be accessed from web/android app/windows client, except I set encryption_skip_signature_check to true
I had encryption enabled, but then I used decrypt-allthis morning, but it didn’t change a thing. The log still said Bad Signature afterwards and the file remains encrypted.
I assume, it has something to do with a previous update attempt from oc to NC that didn’t completely work out because of wrong permissions for files and folders, but having Windows client and App accessing the files maybe messed up something.
I still have the ownCloud backup, if that helps.
I would like to understand, what exactly the signature is and what role it has. It more sounds like some checksum, rather than an absolutely crucial part of the decryption process (because else, how could I access the files with skipped signature check?)
Is there any way to say “throw away the signatures and recalculate them”?
Steps to replicate it (hint: details matter!):
- set
encryption_skip_signature_checktofalse - try accessing file in web interface
- see internal server error
Log entries
{
"reqId": "aFaDRSxAShkKmoOTZuotHwAAABw",
"level": 3,
"time": "2025-06-21T10:02:46+00:00",
"remoteAddr": "71.171.10.182",
"user": "Flominator",
"app": "no app in context",
"method": "GET",
"url": "/index.php/core/preview?fileId=157612&x=250&y=250",
"message": "Couldn't re-calculate unencrypted size for files/Flo Test.txt",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:139.0) Gecko/20100101 Firefox/139.0",
"version": "30.0.12.2",
"exception": {
"Exception": "OC\\Encryption\\Exceptions\\DecryptionFailedException",
"Message": "Encryption library: Decryption (symmetric) of content failed: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length",
"Code": 0,
"Trace": [
{
"file": "/var/www/..../httpdocs/clowd/apps/encryption/lib/Crypto/Crypt.php",
"line": 438,
"function": "decrypt",
"class": "OCA\\Encryption\\Crypto\\Crypt",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/apps/encryption/lib/Crypto/Encryption.php",
"line": 317,
"function": "symmetricDecryptFileContent",
"class": "OCA\\Encryption\\Crypto\\Crypt",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Files/Storage/Wrapper/Encryption.php",
"line": 584,
"function": "decrypt",
"class": "OCA\\Encryption\\Crypto\\Encryption",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Files/Storage/Wrapper/Encryption.php",
"line": 505,
"function": "fixUnencryptedSize",
"class": "OC\\Files\\Storage\\Wrapper\\Encryption",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Files/Storage/Wrapper/Encryption.php",
"line": 149,
"function": "verifyUnencryptedSize",
"class": "OC\\Files\\Storage\\Wrapper\\Encryption",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Files/Storage/Wrapper/Encryption.php",
"line": 397,
"function": "filesize",
"class": "OC\\Files\\Storage\\Wrapper\\Encryption",
"type": "->",
"args": [
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Files/View.php",
"line": 1207,
"function": "fopen",
"class": "OC\\Files\\Storage\\Wrapper\\Encryption",
"type": "->",
"args": [
"*** sensitive parameters replaced ***",
"r"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Files/View.php",
"line": 1035,
"function": "basicOperation",
"class": "OC\\Files\\View",
"type": "->",
"args": [
"fopen",
"/Flominator/files/Flo Test.txt",
[
"read"
],
"r"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Files/Node/File.php",
"line": 95,
"function": "fopen",
"class": "OC\\Files\\View",
"type": "->",
"args": [
"/Flominator/files/Flo Test.txt",
"r"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Preview/TXT.php",
"line": 37,
"function": "fopen",
"class": "OC\\Files\\Node\\File",
"type": "->",
"args": [
"r"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Preview/GeneratorHelper.php",
"line": 45,
"function": "getThumbnail",
"class": "OC\\Preview\\TXT",
"type": "->",
"args": [
{
"__class__": "OC\\Files\\Node\\File"
},
4096,
4096
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Preview/Generator.php",
"line": 337,
"function": "getThumbnail",
"class": "OC\\Preview\\GeneratorHelper",
"type": "->",
"args": [
{
"__class__": "OC\\Preview\\TXT"
},
{
"__class__": "OC\\Files\\Node\\File"
},
4096,
4096
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Preview/Generator.php",
"line": 313,
"function": "generateProviderPreview",
"class": "OC\\Preview\\Generator",
"type": "->",
"args": [
{
"__class__": "OC\\Files\\SimpleFS\\SimpleFolder"
},
{
"__class__": "OC\\Files\\Node\\File"
},
4096,
4096,
"*** sensitive parameters replaced ***",
true,
"text/plain",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Preview/Generator.php",
"line": 119,
"function": "getMaxPreview",
"class": "OC\\Preview\\Generator",
"type": "->",
"args": [
{
"__class__": "OC\\Files\\SimpleFS\\SimpleFolder"
},
[],
{
"__class__": "OC\\Files\\Node\\File"
},
"text/plain",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Preview/Generator.php",
"line": 90,
"function": "generatePreviews",
"class": "OC\\Preview\\Generator",
"type": "->",
"args": [
{
"__class__": "OC\\Files\\Node\\File"
},
[
{
"width": 250,
"height": 250,
"crop": true,
"mode": "fill"
}
],
"text/plain",
true
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/PreviewManager.php",
"line": 158,
"function": "getPreview",
"class": "OC\\Preview\\Generator",
"type": "->",
"args": [
{
"__class__": "OC\\Files\\Node\\File"
},
250,
250,
true,
"fill",
null,
true
]
},
{
"file": "/var/www/.../httpdocs/clowd/core/Controller/PreviewController.php",
"line": 159,
"function": "getPreview",
"class": "OC\\PreviewManager",
"type": "->",
"args": [
{
"__class__": "OC\\Files\\Node\\File"
},
250,
250,
true,
"fill"
]
},
{
"file": "/var/www/.../httpdocs/clowd/core/Controller/PreviewController.php",
"line": 123,
"function": "fetchPreview",
"class": "OC\\Core\\Controller\\PreviewController",
"type": "->",
"args": [
{
"__class__": "OC\\Files\\Node\\File"
},
250,
250,
"*** sensitive parameters replaced ***",
true,
"fill",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/AppFramework/Http/Dispatcher.php",
"line": 208,
"function": "getPreviewByFileId",
"class": "OC\\Core\\Controller\\PreviewController",
"type": "->",
"args": [
157612,
250,
250,
"*** sensitive parameters replaced ***",
true,
"fill",
"*** sensitive parameters replaced ***"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/AppFramework/Http/Dispatcher.php",
"line": 114,
"function": "executeController",
"class": "OC\\AppFramework\\Http\\Dispatcher",
"type": "->",
"args": [
{
"__class__": "OC\\Core\\Controller\\PreviewController"
},
"getPreviewByFileId"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/AppFramework/App.php",
"line": 161,
"function": "dispatch",
"class": "OC\\AppFramework\\Http\\Dispatcher",
"type": "->",
"args": [
{
"__class__": "OC\\Core\\Controller\\PreviewController"
},
"getPreviewByFileId"
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/private/Route/Router.php",
"line": 303,
"function": "main",
"class": "OC\\AppFramework\\App",
"type": "::",
"args": [
"OC\\Core\\Controller\\PreviewController",
"getPreviewByFileId",
{
"__class__": "OC\\AppFramework\\DependencyInjection\\DIContainer"
},
{
"_route": "core.preview.getpreviewbyfileid"
}
]
},
{
"file": "/var/www/.../httpdocs/clowd/lib/base.php",
"line": 1010,
"function": "match",
"class": "OC\\Route\\Router",
"type": "->",
"args": [
"/core/preview"
]
},
{
"file": "/var/www/.../httpdocs/clowd/index.php",
"line": 24,
"function": "handleRequest",
"class": "OC",
"type": "::",
"args": []
}
],
"File": "/var/www/.../httpdocs/clowd/apps/encryption/lib/Crypto/Crypt.php",
"Line": 552,
"Hint": "Encryption library: Decryption (symmetric) of content failed: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length",
"message": "Couldn't re-calculate unencrypted size for files/Flo Test.txt",
"exception": {},
"CustomMessage": "Couldn't re-calculate unencrypted size for files/Flo Test.txt"
}
}
Thanks a lot