core icon indicating copy to clipboard operation
core copied to clipboard

Published 20 hours ago verified publisher icon owncloud

File decryption fails with no errors

Open d3xt3r01 opened this issue 2 years ago • 1 comments

Steps to reproduce

sudo -u apache php ./occ encryption:enable
sudo -u apache php ./occ encryption:decrypt-all

Expected behaviour I’d expect all files to be decrypted

Actual behaviour I’m sure this is old… the files seem to be base64 encoded rather than the newer binary which seems to have been decoded. It seems the file is ignored and considered as being succesfully decrypted.

The ones with this did not get decoded HBEGIN:cipher:AES-256-CFB:HEND

The ones with this headergot decoded: HBEGIN:oc_encryption_module:OC_DEFAULT_MODULE:cipher:AES-256-CTR:signed:true:encoding:binary:HEND

Both have ----- padding 'till the 8192 mark.

$ file IMG_4180.JPG

IMG_4180.JPG: ASCII text, with very long lines (65536), with no line terminators

$ sha256sum IMG_4180.JPG

5ae05120363e8b5ab48b2993e4577495632f59d0f7fdaeaa7e027641e87e6abb IMG_4180.JPG

$ sudo -u apache php ./occ encryption:enable

Encryption enabled

Default module: OC_DEFAULT_MODULE

$ sudo -u apache php ./occ encryption:decrypt-all

Disable server side encryption… done.

You are about to start to decrypt all files stored in your ownCloud.
It will depend on the encryption module and your setup if this is possible.
Depending on the number and size of your files this can take some time
Please make sure that no user accesses their files during this process!

Do you really want to continue? (y/n) y
prepare encryption modules…
done.

%message%
[>---------------------------]
Prepare “Default encryption module”

Configuring encryption module for decryption with user based keys
decrypt files for user dexter (1 of 1): /dexter/files/Photos/XXXREDACTEDXXX/IMG_4181.JPG
[-------------->-------------]

starting to decrypt files… finished
[============================]

all files could be decrypted successfully!

$ sha256sum IMG_4180.JPG

5ae05120363e8b5ab48b2993e4577495632f59d0f7fdaeaa7e027641e87e6abb IMG_4180.JPG

$ file IMG_4180.JPG

IMG_4180.JPG: ASCII text, with very long lines (65536), with no line terminators

$ dd if=IMG_4180.JPG bs=8192 count=1
HBEGIN:cipher:AES-256-CFB:HEND--------------…

Server configuration Operating system: Gentoo

Web server: Apache 2.4.52 Database: mariadb 10.5.13

PHP version: 7.4

ownCloud version: 10.9.1

Updated from an older ownCloud or fresh install: always updated since a loooong time ago

Where did you install ownCloud from: tar.gz

The content of config/config.php:

{
“system”: {
“loglevel”: 2,
“instanceid”: “oceb871cbff2”,
“passwordsalt”: “REMOVED SENSITIVE VALUE”,
“updatechecker”: false,
“knowledgebaseenabled”: false,
“trusted_domains”: [
“XXX”
],
“appstoreenabled”: true,
“appstoreurl”: “https://marketplace.owncloud.com/”,
“datadirectory”: “/var/www/XXX/htdocs/owncloud/data”,
“dbtype”: “mysql”,
“version”: “10.9.1.2”,
“dbname”: “owncloud”,
“files_external_allow_create_new_local”: “true”,
“dbhost”: “localhost”,
“dbtableprefix”: “oc_”,
“dbuser”: “REMOVED SENSITIVE VALUE”,
“dbpassword”: “REMOVED SENSITIVE VALUE”,
“installed”: true,
“forcessl”: true,
“mail_domain”: “REMOVED SENSITIVE VALUE”,
“mail_from_address”: “REMOVED SENSITIVE VALUE”,
“mail_smtpmode”: “smtp”,
“mail_smtphost”: “REMOVED SENSITIVE VALUE”,
“mail_smtpauth”: 1,
“mail_smtpauthtype”: “LOGIN”,
“mail_smtpname”: “REMOVED SENSITIVE VALUE”,
“mail_smtppassword”: “REMOVED SENSITIVE VALUE”,
“theme”: “”,
“secret”: “REMOVED SENSITIVE VALUE”,
“trashbin_retention_obligation”: “180, auto”,
“overwrite.cli.url”: “/owncloud”,
“maintenance”: false,
“cache_path”: “”,
“filelocking.enabled”: true,
“memcache.locking”: “\OC\Memcache\Redis”,
“memcache.local”: “\OC\Memcache\Redis”,
“redis”: {
“host”: “/var/run/redis/redis.sock”,
“port”: 0,
“timeout”: 0,
“dbindex”: 0
},
“apps_paths”: [
{
“path”: “/var/www/XXX/htdocs/owncloud/apps”,
“url”: “/apps”,
“writable”: true
}
],
“htaccess.RewriteBase”: “/owncloud”,
“mail_smtpport”: “587”,
“mail_smtpsecure”: “tls”,
“singleuser”: false,
“allow_user_to_change_mail_address”: “”
}
}

List of activated apps:

Enabled:
  - dav:
    - Version: 0.7.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/dav
  - encryption:
    - Version: 1.5.1
    - Path: /var/www/XXX/htdocs/owncloud/apps/encryption
  - federatedfilesharing:
    - Version: 0.5.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/federatedfilesharing
  - federation:
    - Version: 0.1.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/federation
  - files:
    - Version: 1.5.2
    - Path: /var/www/XXX/htdocs/owncloud/apps/files
  - files_external:
    - Version: 0.8.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/files_external
  - files_mediaviewer:
    - Version: 1.0.5
    - Path: /var/www/XXX/htdocs/owncloud/apps/files_mediaviewer
  - files_pdfviewer:
    - Version: 1.0.1
    - Path: /var/www/XXX/htdocs/owncloud/apps/files_pdfviewer
  - files_sharing:
    - Version: 0.14.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/files_sharing
  - files_versions:
    - Version: 1.3.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/files_versions
  - gallery:
    - Version: 16.1.2
    - Path: /var/www/XXX/htdocs/owncloud/apps/gallery
  - market:
    - Version: 0.6.2
    - Path: /var/www/XXX/htdocs/owncloud/apps/market
  - notifications:
    - Version: 0.5.4
    - Path: /var/www/XXX/htdocs/owncloud/apps/notifications
  - provisioning_api:
    - Version: 0.5.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/provisioning_api
  - systemtags:
    - Version: 0.3.0
    - Path: /var/www/XXX/htdocs/owncloud/apps/systemtags
  - updatenotification:
    - Version: 0.2.1
    - Path: /var/www/XXX/htdocs/owncloud/apps/updatenotification
Disabled:
  - calendar:
    - Path: /var/www/XXX/htdocs/owncloud/apps/calendar
  - comments:
    - Path: /var/www/XXX/htdocs/owncloud/apps/comments
  - configreport:
    - Path: /var/www/XXX/htdocs/owncloud/apps/configreport
  - contacts:
    - Path: /var/www/XXX/htdocs/owncloud/apps/contacts
  - external:
    - Path: /var/www/XXX/htdocs/owncloud/apps/external
  - files_texteditor:
    - Path: /var/www/XXX/htdocs/owncloud/apps/files_texteditor
  - files_trashbin:
    - Path: /var/www/XXX/htdocs/owncloud/apps/files_trashbin
  - firstrunwizard:
    - Path: /var/www/XXX/htdocs/owncloud/apps/firstrunwizard
  - user_external:
    - Path: /var/www/XXX/htdocs/owncloud/apps/user_external

Are you using external storage, if yes which one: NO

Are you using encryption: yes

Are you using an external user-backend, if yes which one: NO

Client configuration

Browser: Any

Operating system: Any

Logs

Nothing

d3xt3r01 avatar Mar 08 '22 15:03 d3xt3r01

Hi, are you able to access your files via the ownCloud clients? The problem occurs only in the decryption process? Are you using master-key encryption or user-key encryption?

Simi5599 avatar Apr 25 '22 16:04 Simi5599

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 10 days if no further activity occurs. Thank you for your contributions.

github-actions[bot] avatar Oct 23 '22 01:10 github-actions[bot]

This issue has been automatically closed.

github-actions[bot] avatar Nov 02 '22 01:11 github-actions[bot]