nextcloud / end_to_end_encryption

:closed_lock_with_key: Server API to support End-to-End Encryption
https://apps.nextcloud.com/apps/end_to_end_encryption
GNU Affero General Public License v3.0
276 stars 34 forks source link

E2EE files no longer accessible because "encryption information is missing" #802

Open Nothing4You opened 1 month ago

Nothing4You commented 1 month ago

How to use GitHub

Steps to reproduce

  1. Try to synchronize existing e2ee files using Nextcloud Desktop (tested on Windows and macOS)

Expected behaviour

Files should be available

Actual behaviour

Client reports File path/to/file cannot be downloaded because encryption information is missing..

Server configuration

Operating system: Debian 12

Web server: Apache

Database: MySQL

PHP version: 8.2.24

Nextcloud version: Nextcloud Hub 9 (30.0.1)

Updated from an older Nextcloud/ownCloud or fresh install: updated plenty of times since the original installation, not sure when exactly this started popping up

Where did you install Nextcloud from: nextcloud.com

Signing status: No errors have been found.

Signing status ``` No errors have been found. ```

List of activated apps:

end_to_end_encryption: 1.16.1

Nextcloud configuration:

Config report ``` { "system": { "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "***REMOVED SENSITIVE VALUE***" ], "datadirectory": "***REMOVED SENSITIVE VALUE***", "dbtype": "mysql", "version": "30.0.1.2", "overwrite.cli.url": "https:\/\/***REMOVED SENSITIVE VALUE***", "htaccess.RewriteBase": "\/", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "***REMOVED SENSITIVE VALUE***", "mysql.utf8mb4": true, "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtpmode": "smtp", "mail_sendmailmode": "smtp", "mail_domain": "***REMOVED SENSITIVE VALUE***", "mail_smtpsecure": "ssl", "mail_smtpauthtype": "PLAIN", "mail_smtpauth": 1, "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpname": "***REMOVED SENSITIVE VALUE***", "mail_smtppassword": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "465", "twofactor_enforced": "true", "twofactor_enforced_groups": [ "admin" ], "twofactor_enforced_excluded_groups": [], "trusted_proxies": "***REMOVED SENSITIVE VALUE***", "overwriteprotocol": "https", "maintenance": false, "theme": "", "loglevel": 2, "updater.release.channel": "stable", "app_install_overwrite": [ "twofactor_webauthn" ], "default_phone_region": "DE", "maintenance_window_start": 1 } } ```

Are you using external storage, if yes which one: local

Are you using encryption: yes (e2ee, not server side)

Are you using an external user-backend, if yes which one: no

Client configuration

Browser: N/A

Operating system: Windows 10, macOS 14.7

Logs

Web server error log

No errors logged

Nextcloud log (data/nextcloud.log)

Nextcloud log ``` {"reqId":"Fh3a8NHUqgPdyQD61Fg7","level":3,"time":"2024-10-21T01:15:26+00:00","remoteAddr":"***REMOVED SENSITIVE VALUE***","user":"myusername","app":"no app in context","method":"GET","url":"/ocs/v2.php/apps/end_to_end_encryption/api/v2/meta-data/23373?format=json","message":"/appdata_randomstring/end_to_end_encryption/meta-data/23373/meta.data.signature","userAgent":"Mozilla/5.0 (Macintosh) mirall/3.14.1daily (Nextcloud, macos-23.6.0 ClientArchitecture: arm64 OsArchitecture: arm64)","version":"30.0.1.2","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"/appdata_randomstring/end_to_end_encryption/meta-data/23373/meta.data.signature","Code":0,"Trace":[{"file":"/path/to/nextcloud-install/lib/private/Files/Node/Folder.php","line":114,"function":"get","class":"OC\\Files\\Node\\Root","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/Files/SimpleFS/SimpleFolder.php","line":56,"function":"get","class":"OC\\Files\\Node\\Folder","type":"->"},{"file":"/path/to/nextcloud-install/apps/end_to_end_encryption/lib/MetaDataStorage.php","line":239,"function":"getFile","class":"OC\\Files\\SimpleFS\\SimpleFolder","type":"->"},{"file":"/path/to/nextcloud-install/apps/end_to_end_encryption/lib/Controller/MetaDataController.php","line":103,"function":"readSignature","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/AppFramework/Http/Dispatcher.php","line":208,"function":"getMetaData","class":"OCA\\EndToEndEncryption\\Controller\\MetaDataController","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/AppFramework/Http/Dispatcher.php","line":114,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/AppFramework/App.php","line":161,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/Route/Router.php","line":302,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/path/to/nextcloud-install/ocs/v1.php","line":43,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/path/to/nextcloud-install/ocs/v2.php","line":7,"args":["/path/to/nextcloud-install/ocs/v1.php"],"function":"require_once"}],"File":"/path/to/nextcloud-install/lib/private/Files/Node/Root.php","Line":187,"message":"/appdata_randomstring/end_to_end_encryption/meta-data/23373/meta.data.signature","exception":{},"CustomMessage":"/appdata_randomstring/end_to_end_encryption/meta-data/23373/meta.data.signature"}} {"reqId":"RbbGrGicIgKTz92DDqGj","level":3,"time":"2024-10-21T01:15:26+00:00","remoteAddr":"***REMOVED SENSITIVE VALUE***","user":"myusername","app":"no app in context","method":"GET","url":"/ocs/v2.php/apps/end_to_end_encryption/api/v2/meta-data/23399?format=json","message":"/appdata_randomstring/end_to_end_encryption/meta-data/23399/meta.data.signature","userAgent":"Mozilla/5.0 (Macintosh) mirall/3.14.1daily (Nextcloud, macos-23.6.0 ClientArchitecture: arm64 OsArchitecture: arm64)","version":"30.0.1.2","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"/appdata_randomstring/end_to_end_encryption/meta-data/23399/meta.data.signature","Code":0,"Trace":[{"file":"/path/to/nextcloud-install/lib/private/Files/Node/Folder.php","line":114,"function":"get","class":"OC\\Files\\Node\\Root","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/Files/SimpleFS/SimpleFolder.php","line":56,"function":"get","class":"OC\\Files\\Node\\Folder","type":"->"},{"file":"/path/to/nextcloud-install/apps/end_to_end_encryption/lib/MetaDataStorage.php","line":239,"function":"getFile","class":"OC\\Files\\SimpleFS\\SimpleFolder","type":"->"},{"file":"/path/to/nextcloud-install/apps/end_to_end_encryption/lib/Controller/MetaDataController.php","line":103,"function":"readSignature","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/AppFramework/Http/Dispatcher.php","line":208,"function":"getMetaData","class":"OCA\\EndToEndEncryption\\Controller\\MetaDataController","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/AppFramework/Http/Dispatcher.php","line":114,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/AppFramework/App.php","line":161,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/path/to/nextcloud-install/lib/private/Route/Router.php","line":302,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/path/to/nextcloud-install/ocs/v1.php","line":43,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/path/to/nextcloud-install/ocs/v2.php","line":7,"args":["/path/to/nextcloud-install/ocs/v1.php"],"function":"require_once"}],"File":"/path/to/nextcloud-install/lib/private/Files/Node/Root.php","Line":187,"message":"/appdata_randomstring/end_to_end_encryption/meta-data/23399/meta.data.signature","exception":{},"CustomMessage":"/appdata_randomstring/end_to_end_encryption/meta-data/23399/meta.data.signature"}} ```

Browser log

N/A

More information

Both folders only contain a meta.data file, no meta.data.signature file.

Both meta.data files look like this:

{
    "files": {
        // ...
    },
    "metadata": {
        "checksum": "...",
        "metadataKey": "...",
        "version": 1.1
    }
}
joshtrichards commented 2 weeks ago
    "version": 1.1

This looks weird. I think only 1 / 1.2 / 2.0 are valid values.

Are these particularly old files?

Any idea what client and client version last successfully modified/accessed these files?

Nothing4You commented 2 weeks ago

Unfortunately I don't know what time they were last successfully accessed or which client version it was on. These files have mostly been sitting there for archival purposes and I recently attempted to upload new files to the folders.

Last modified on the filesystem for both meta.data files shows 19th of August, 2023.

joshtrichards commented 2 weeks ago

You can try adjusting (adding a check for 1.1 here like the other versions) to see if they open since they won't have a signature file anyway (that's what this bit of code is for handling):

https://github.com/nextcloud/end_to_end_encryption/blob/b887f3c12467be8bd095c4703f84080fc29f53b8/lib/MetaDataStorage.php#L224-L238