Cannot decrypt this file, probably this is a shared file. [NC 27.0.2 + SSE]

[Dominion0815]

Describe the bug Opening an existing docx file from NC26 fails with server-side encryption enabled. Error message says it could not be decrypted and I should request the share to be reshared.

To Reproduce Steps to reproduce the behavior:

1. Update NC from 26 to 27.0.2 (docker)
2. Open an existing document from NC 26
3. see logfile

Expected behavior It should open the file fine.

Screenshots If applicable, add screenshots to help explain your problem.

Client details:

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]
• Device: [e.g. iPhone6, desktop]

Server details

Docker version 24.0.6, build ed223bc

Nextcloud version: 27.0.2

Version of the richdocuments app: 8.2.0

Version of Collabora Online: image: collabora/code:latest

Nextcloud log (data/nextcloud.log)

WOPI getFile fails with Cannot decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you

What I see is that the encryption keys have new timestamp and "fileKey" is missing. https://github.com/nextcloud/richdocuments/issues/2996#issuecomment-1721734888

[grutzifix]

I can reproduce this behaviour.

To reproduce Steps to reproduce the behavior:

Update NC from 26 to 27.0.2 (docker) Open an existing document from NC 26 (in my case a .odt file) see logfile

Expected behavior It should open the file fine.

Server details

AIO Version Nextcloud AIO v7.1.1 Docker version 24.0.6,

Nextcloud version: 27.0.2

Server-side encryption: enabled

Version of the richdocuments app: 8.2.0

Version of Collabora Online: image: collabora/code:latest

Nextcloud log (data/nextcloud.log)

"[no app in context] Fehler: Cannot decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.

GET /index.php/apps/richdocuments/wopi/files/6709_ocx30y9ndlc7/contents?access_token=lTOZKxyip57rfwYOLhkflnpc4QcXtCBw&access_token_ttl=1694887769000"

[YoannPa]

I have the same issue after upgrading to Nextcloud 27.0.2 I wrote a temporary first draft of a protocol to solve the issue (but this doesn't address the bug introduced in the first place). https://github.com/nextcloud/richdocuments/issues/2996#issuecomment-1722392044

[Dominion0815]

isn't it enough to get the keys from the backup? decryption is no longer possible if the key no longer fits.

[YoannPa]

@Dominion0815 I think it is probably enough yes. In my case I have several backups for users' files : 2 of them have been updated since the problem happened (I can't stop the backup for too long unfortunately) so the keys have been updated in the backups too. And a 3rd backup that is a bit older... which does not contain the files recently created, before the upgrade. So restoring the keys only is not really a possibility anymore in my case. It also mean digging into user's files, which I don't want.

Here I just update the keys by re-uploading everything. Which isn't the best option (as it erases the links a user generated to share his files... and also mean re-uploading ALL the files). If there is a simpler solution, I am absolutely open to it.

[YoannPa]

@Dominion0815 it seems that the bug solves itself with the Nextcloud version upgrade to Nextcloud 27.1.1. Could you, or anyone else reading this, confirm it is the case, please ?

[Dominion0815]

it's running, no complaints so far

[wynnchel]

Can't confirm. Running 27.1.1. But I'd happily provide needed information.

[YoannPa]

@wynnchel if you have some .docx, .xlsx, .pptx, .odt, .ods or .odp files stored on a Nextcloud account, which have been stored on your Nextcloud server before the upgrade to 27.0.2, then it would be interesting to see if, after the next upgrade to 27.1.1, these files open correctly in Nextcloud Office Collabora. It is now the case on my nextcloud server. But if someone else could confirm this that would be great :) .