Encryption destroys files

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:


Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 18.0.2): 19.0.4
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.41 (Ubuntu)
PHP version (eg, 7.1): 7.4

The issue you are facing:
After enabling encryption every new uploaded file is visible in the users file list, but unreadable. Trying to download results in Internal Server Error. When sharing a link to a encrypted file, it downloads a small file with html content saying "Error
Can’t read file
multikeydecrypt with share key failed:error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error
When disabling encryption everything works fine, but occ is not able to decrypt files.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Enabling encryption
  2. Uploading new file
  3. Download or share new file

The output of your Nextcloud log in Admin > Logging:

{"reqId":"7EcfejBZHgsIK1ALuPYe","level":4,"time":"2020-10-29T07:43:22+00:00","remoteAddr":"87.79.0.250","user":"admin","app":"webdav","method":"GET","url":"/nextcloud/remote.php/webdav/Key_Labelling_Tool_(de).zip","message":{"Exception":"Sabre\\DAV\\Exception\\ServiceUnavailable","Message":"Encryption not ready: multikeydecrypt with share key failed:error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error","Code":0,"Trace":[{"file":"/var/www/nextcloud/apps/dav/lib/Connector/Sabre/File.php","line":435,"function":"convertToSabreException","class":"OCA\\DAV\\Connector\\Sabre\\File","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/CorePlugin.php","line":90,"function":"get","class":"OCA\\DAV\\Connector\\Sabre\\File","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/event/lib/WildcardEmitterTrait.php","line":89,"function":"httpGet","class":"Sabre\\DAV\\CorePlugin","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":474,"function":"emit","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":251,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":319,"function":"start","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/apps/dav/appinfo/v1/webdav.php","line":82,"function":"exec","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/remote.php","line":167,"args":["/var/www/nextcloud/apps/dav/appinfo/v1/webdav.php"],"function":"require_once"}],"File":"/var/www/nextcloud/apps/dav/lib/Connector/Sabre/File.php","Line":667,"Previous":{"Exception":"OCA\\Encryption\\Exceptions\\MultiKeyDecryptException","Message":"multikeydecrypt with share key failed:error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error","Code":0,"Trace":[{"file":"/var/www/nextcloud/apps/encryption/lib/KeyManager.php","line":446,"function":"multiKeyDecrypt","class":"OCA\\Encryption\\Crypto\\Crypt","type":"->"},{"file":"/var/www/nextcloud/apps/encryption/lib/Crypto/Encryption.php","line":201,"function":"getFileKey","class":"OCA\\Encryption\\KeyManager","type":"->"},{"file":"/var/www/nextcloud/lib/private/Files/Stream/Encryption.php","line":268,"function":"begin","class":"OCA\\Encryption\\Crypto\\Encryption","type":"->"},{"function":"stream_open","class":"OC\\Files\\Stream\\Encryption","type":"->"},{"file":"/var/www/nextcloud/lib/private/Files/Stream/Encryption.php","line":207,"function":"fopen"},{"file":"/var/www/nextcloud/lib/private/Files/Stream/Encryption.php","line":187,"function":"wrapSource","class":"OC\\Files\\Stream\\Encryption","type":"::"},{"file":"/var/www/nextcloud/lib/private/Files/Storage/Wrapper/Encryption.php","line":473,"function":"wrap","class":"OC\\Files\\Stream\\Encryption","type":"::"},{"file":"/var/www/nextcloud/lib/private/Files/Storage/Wrapper/Wrapper.php","line":300,"function":"fopen","class":"OC\\Files\\Storage\\Wrapper\\Encryption","type":"->"},{"file":"/var/www/nextcloud/lib/private/Files/View.php","line":1159,"function":"fopen","class":"OC\\Files\\Storage\\Wrapper\\Wrapper","type":"->"},{"file":"/var/www/nextcloud/lib/private/Files/View.php","line":995,"function":"basicOperation","class":"OC\\Files\\View","type":"->"},{"file":"/var/www/nextcloud/apps/dav/lib/Connector/Sabre/File.php","line":433,"function":"fopen","class":"OC\\Files\\View","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/CorePlugin.php","line":90,"function":"get","class":"OCA\\DAV\\Connector\\Sabre\\File","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/event/lib/WildcardEmitterTrait.php","line":89,"function":"httpGet","class":"Sabre\\DAV\\CorePlugin","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":474,"function":"emit","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":251,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":319,"function":"start","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/apps/dav/appinfo/v1/webdav.php","line":82,"function":"exec","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/nextcloud/remote.php","line":167,"args":["/var/www/nextcloud/apps/dav/appinfo/v1/webdav.php"],"function":"require_once"}],"File":"/var/www/nextcloud/apps/encryption/lib/Crypto/Crypt.php","Line":681,"Hint":"multikeydecrypt with share key failed:error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error"},"CustomMessage":"--"},"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.4.2","id":"5f9a73aad6c96"}kk

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'passwordsalt' => 'xxxxj6AU',
  'secret' => 'xxxx7PgOYY4pM',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => 'xxxxx.megasrv.de',
    2 => 'x.x.x.233',
    3 => 'xxx.de',
    4 => 'www.xxx.de',
  ),
  'datadirectory' => '/var/www/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '19.0.4.2',
  'overwrite.cli.url' => 'http://localhost',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxxeng0',
  'installed' => true,
  'instanceid' => 'xxxwuh',
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'updater.releacdse.channel' => 'stable',
);

Thank you very much in advance

Simon