Bad signature in NC13

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face: is for home/non-enterprise users. If you’re running a business, paid support can be accessed via where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:


Or for longer, use three backticks above and below the code snippet:


Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 12.0.2): 13.0.2
Operating system and version (eg, Ubuntu 17.04): Raspbian 8 (jessie)
Apache or nginx version (eg, Apache 2.4.25): nginx/1.6.2
PHP version (eg, 7.1): 5.6.30

The issue you are facing: In my logfile I will be spamed with fatal errors. It is telling me bad signature.

Is this the first time you’ve seen this error? (Y/N): Y

The output of your Nextcloud log in Admin > Logging:

OCP\Encryption\Exceptions\GenericEncryptionException: Bad Signature

    /var/www/nextcloud/apps/encryption/lib/Crypto/Crypt.php - line 465: OCA\Encryption\Crypto\Crypt->checkSignature('fSbZhYc9aT2ijwj...', ' \xAF8\xB0\x9D\x90\xC5\xB1\xC2\xEA\x1F\x82\xF5\x95/...', '5ea40bdb199fbf1...')
    /var/www/nextcloud/apps/encryption/lib/Crypto/Encryption.php - line 380: OCA\Encryption\Crypto\Crypt->symmetricDecryptFileContent('fSbZhYc9aT2ijwj...', ' \xAF8\xB0\x9D\x90\xC5\xB1\xC2\xEA\x1F\x82\xF5\x95/...', 'AES-256-CTR', 41, 0)
    /var/www/nextcloud/lib/private/Files/Stream/Encryption.php - line 464: OCA\Encryption\Crypto\Encryption->decrypt(*** sensitive parameters replaced ***)
    /var/www/nextcloud/lib/private/Files/Stream/Encryption.php - line 295: OC\Files\Stream\Encryption->readCache()
    [internal function] OC\Files\Stream\Encryption->stream_read(8192)
    /var/www/nextcloud/3rdparty/icewind/streams/src/Wrapper.php - line 83: fread(Resource id #40, 8192)
    /var/www/nextcloud/3rdparty/icewind/streams/src/CallbackWrapper.php - line 91: Icewind\Streams\Wrapper->stream_read(8192)
    [internal function] Icewind\Streams\CallbackWrapper->stream_read(8192)
    /var/www/nextcloud/3rdparty/sabre/http/lib/Sapi.php - line 84: fread(Resource id #43, 8192)
    /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php - line 498: Sabre\HTTP\Sapi sendResponse(Object(Sabre\HTTP\Response))
    /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php - line 254: Sabre\DAV\Server->invokeMethod(Object(Sabre\HTTP\Request), Object(Sabre\HTTP\Response))
    /var/www/nextcloud/apps/dav/lib/Server.php - line 283: Sabre\DAV\Server->exec()
    /var/www/nextcloud/apps/dav/appinfo/v2/remote.php - line 35: OCA\DAV\Server->exec()
    /var/www/nextcloud/remote.php - line 164: require_once('/var/www/nextcl...')

What can I do to avoid this error? And how can I get rid of it?

Kind regards

On server-side encryption, the encrypted files are signed after that with data from the database. So if you do manual changes to the database, restore a different version of the database and the files, the signature check can fail.

If you have the file on the desktop client unencrypted, I’d move it out of the sync folder, then make sure it is not in Nextcloud any more and then move it back to Nextcloud. This will upload and encrypt the file on Nextcloud again.