encryption
keys on external storage do not get deleted on user deletion
- set up external storage
- as "user1" place a file in that storage
- check that data/files_encryption/keys/files/<storage-name>/<file-name>/OC_DEFAULT_MODULE/user1.shareKey exists
- delete "user1"
the keys of user1 should be deleted, but user1.shareKey still exists
also:
- as "user1" place a file called "text1.txt" in the external storage
- delete "user1"
- create "user1" again
- login as "user1" to create the keys
- MOVE a file via webdav to overwrite "text1.txt" e.g.
curl -u user1:user1 http://localhost/owncloud-core/remote.php/dav/files/user1/welcome.txt -X MOVE -H "Destination: http://localhost/owncloud-core/remote.php/dav/files/user1/local_storage/test/text1.txt"
{"reqId":"Q2mbuuuWhK6iXqMxReYJ","level":4,"time":"2018-08-14T11:21:06+00:00","remoteAddr":"127.0.0.1","user":"uu1","app":"webdav","method":"MOVE","url":"\/owncloud-core\/remote.php\/dav\/files\/uu1\/textfile1.txt","message":"Exception: multikeydecrypt with share key failed:error:0906D06C:PEM routines:PEM_read_bio:no start line: {\"Exception\":\"OCA\\\\Encryption\\\\Exceptions\\\\MultiKeyDecryptException\",\"Message\":\"multikeydecrypt with share key failed:error:0906D06C:PEM routines:PEM_read_bio:no start line\",\"Code\":0,\"Trace\":\"#0 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/encryption\\\/lib\\\/KeyManager.php(424): OCA\\\\Encryption\\\\Crypto\\\\Crypt->multiKeyDecrypt('I\\\\xEFsgl\\\\x86\\\\xF2\\\\x97\\\\xA8\\\\f?8\\\\xE5\\\\xF2\\\\x87...', '\\\\xC8\\\\xD5m]\\\\xF2\\\\x1C\\\\x93\\\\xB9U$\\\\xCCB\\\\xB2\\\\xF0\\\\xEE...', '-----BEGIN PRIV...')\\n#1 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/encryption\\\/lib\\\/Crypto\\\/Encryption.php(188): OCA\\\\Encryption\\\\KeyManager->getFileKey('\\\/uu1\\\/files\\\/loca...', 'uu1')\\n#2 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Stream\\\/Encryption.php(258): OCA\\\\Encryption\\\\Crypto\\\\Encryption->begin('\\\/uu1\\\/files\\\/loca...', 'uu1', 'r', Array, Array, NULL)\\n#3 [internal function]: OC\\\\Files\\\\Stream\\\\Encryption->stream_open('ocencryption:\\\/\\\/', 'r', 0, NULL)\\n#4 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Stream\\\/Encryption.php(199): fopen('ocencryption:\\\/\\\/', 'r', false, Resource id #102)\\n#5 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Stream\\\/Encryption.php(181): OC\\\\Files\\\\Stream\\\\Encryption::wrapSource(Resource id #101, Resource id #102, 'ocencryption', 'OC\\\\\\\\Files\\\\\\\\Stream...', 'r')\\n#6 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Storage\\\/Wrapper\\\/Encryption.php(476): OC\\\\Files\\\\Stream\\\\Encryption::wrap(Resource id #101, 
'test\\\/sssss.txt', '\\\/uu1\\\/files\\\/loca...', Array, 'uu1', Object(OCA\\\\Encryption\\\\Crypto\\\\Encryption), Object(OC\\\\Files\\\\Storage\\\\Wrapper\\\\PermissionsMask), Object(OC\\\\Files\\\\Storage\\\\Wrapper\\\\Encryption), Object(OC\\\\Encryption\\\\Util), Object(OC\\\\Encryption\\\\File), 'r', 8308, 15, 8192, true, NULL)\\n#7 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Storage\\\/Wrapper\\\/Checksum.php(58): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Encryption->fopen('test\\\/sssss.txt', 'r')\\n#8 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Storage\\\/Wrapper\\\/Wrapper.php(294): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Checksum->fopen('test\\\/sssss.txt', 'r')\\n#9 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Storage\\\/Wrapper\\\/Encryption.php(777): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Wrapper->fopen('test\\\/sssss.txt', 'r')\\n#10 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Storage\\\/Wrapper\\\/Encryption.php(631): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Encryption->copyBetweenStorage(Object(OCA\\\\Files_Trashbin\\\\Storage), 'test\\\/sssss.txt', 'files_trashbin\\\/...', true, true)\\n#11 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Storage\\\/Wrapper\\\/Wrapper.php(569): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Encryption->moveFromStorage(Object(OCA\\\\Files_Trashbin\\\\Storage), 'test\\\/sssss.txt', 'files_trashbin\\\/...')\\n#12 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/Storage\\\/Wrapper\\\/Wrapper.php(569): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Wrapper->moveFromStorage(Object(OCA\\\\Files_Trashbin\\\\Storage), 'test\\\/sssss.txt', 'files_trashbin\\\/...')\\n#13 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/files_trashbin\\\/lib\\\/Trashbin.php(325): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Wrapper->moveFromStorage(Object(OCA\\\\Files_Trashbin\\\\Storage), 'test\\\/sssss.txt', 
'files_trashbin\\\/...')\\n#14 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/files_trashbin\\\/lib\\\/Storage.php(184): OCA\\\\Files_Trashbin\\\\Trashbin::move2trash('local_storage\\\/t...')\\n#15 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/files_trashbin\\\/lib\\\/Storage.php(119): OCA\\\\Files_Trashbin\\\\Storage->doDelete('test\\\/sssss.txt', 'unlink')\\n#16 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/View.php(1182): OCA\\\\Files_Trashbin\\\\Storage->unlink('test\\\/sssss.txt')\\n#17 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/View.php(733): OC\\\\Files\\\\View->basicOperation('unlink', '\\\/local_storage\\\/...', Array)\\n#18 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/public\\\/Events\\\/EventEmitterTrait.php(50): OC\\\\Files\\\\View->OC\\\\Files\\\\{closure}(Array)\\n#19 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/private\\\/Files\\\/View.php(744): OC\\\\Files\\\\View->emittingCall(Object(Closure), Array, 'file', 'delete')\\n#20 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/dav\\\/lib\\\/Connector\\\/Sabre\\\/File.php(407): OC\\\\Files\\\\View->unlink('\\\/local_storage\\\/...')\\n#21 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Tree.php(179): OCA\\\\DAV\\\\Connector\\\\Sabre\\\\File->delete()\\n#22 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/CorePlugin.php(637): Sabre\\\\DAV\\\\Tree->delete('files\\\/uu1\\\/local...')\\n#23 [internal function]: Sabre\\\\DAV\\\\CorePlugin->httpMove(Object(Sabre\\\\HTTP\\\\Request), Object(Sabre\\\\HTTP\\\\Response))\\n#24 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/composer\\\/sabre\\\/event\\\/lib\\\/EventEmitterTrait.php(105): call_user_func_array(Array, Array)\\n#25 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(479): 
Sabre\\\\Event\\\\EventEmitter->emit('method:MOVE', Array)\\n#26 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(254): Sabre\\\\DAV\\\\Server->invokeMethod(Object(Sabre\\\\HTTP\\\\Request), Object(Sabre\\\\HTTP\\\\Response))\\n#27 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/dav\\\/lib\\\/Server.php(295): Sabre\\\\DAV\\\\Server->exec()\\n#28 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/dav\\\/appinfo\\\/v2\\\/remote.php(31): OCA\\\\DAV\\\\Server->exec()\\n#29 \\\/home\\\/artur\\\/www\\\/owncloud-core\\\/remote.php(175): require_once('\\\/home\\\/artur\\\/www...')\\n#30 {main}\",\"File\":\"\\\/home\\\/artur\\\/www\\\/owncloud-core\\\/apps\\\/encryption\\\/lib\\\/Crypto\\\/Crypt.php\",\"Line\":653}"}
It might depend on external storage type.
If the external storage was mounted as personal storage for the user, the storage will get deleted so I'd expect that the matching keys would get deleted too. Hmmmm, but I don't remember any hooks related to storage deletion.
Seems I've reported this in the past https://github.com/owncloud/core/issues/11175 and the former maintainer closed it.
Tagged as bug that we need to look into at some point as I think we should clean up stray stuff.
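An added example, not part of the original report or of ownCloud's code: a shell function that walks the key layout shown in the reproduction steps and lists every `<id>.shareKey` whose ID is not in a list of known IDs. The function name and the known-IDs file are assumptions; the administrator supplies that file (existing users plus any non-user key IDs the instance uses).

```shell
#!/bin/sh
# Added example: report share keys left behind for IDs that no longer exist.
# usage: find_stray_sharekeys <keys-dir> <known-ids-file>
#   <keys-dir>        e.g. data/files_encryption/keys/files (layout from the report)
#   <known-ids-file>  one ID per line (assumption: supplied by the administrator)
find_stray_sharekeys() {
    keys_dir=$1
    known_ids=$2
    [ -d "$keys_dir" ] || { echo "no such directory: $keys_dir" >&2; return 2; }
    [ -r "$known_ids" ] || { echo "cannot read: $known_ids" >&2; return 2; }

    # Share keys live in <file-path>/OC_DEFAULT_MODULE/<id>.shareKey
    find "$keys_dir" -type f -path '*/OC_DEFAULT_MODULE/*.shareKey' |
    while IFS= read -r key; do
        id=$(basename "$key" .shareKey)
        # -x whole line, -F fixed string: "user1" must not match "user10"
        grep -qxF -e "$id" "$known_ids" || printf '%s\n' "$key"
    done | sort
}

# Run directly: sh stray_keys.sh <keys-dir> <known-ids-file>
if [ "$#" -eq 2 ]; then
    find_stray_sharekeys "$1" "$2"
fi
```

The comparison is by ID only, so it has to run before a deleted ID is created again; once "user1" exists again, the old `user1.shareKey` from the second scenario no longer stands out by name.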