You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please use the 馃憤 reaction to show that you are affected by the same issue.
Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
Subscribe to receive notifications on status change and new comments.
When encryption is enabled in both the home storage and in groupfolders and an encrypted file is moved from the home storage into a groupfolder the file is no longer decrypted when needed. That is, trying to download or open the file with a viewer in Nextcloud will show the encrypted content.
During the move the file is properly decrypted and encrypted again and the keys moved. However, the problem is that the file is marked as not encrypted in the file cache. This can be verified by manually modifying the database to set encrypted = 1 in oc_filecache for the file once moved into the groupfolder and then trying to download or view the file.
Interestingly, in the View object that triggers the move in the cache (through the cache updater) $targetStorage is a OCA\Files_Trashbin\Storage that wraps a OC\Files\Storage\Wrapper\Encryption.
I am afraid that I do not know why or how the storage used by the cache ends being a different one, but hopefully the information above is somehow useful :-)
Steps to reproduce
Enable the default encryption module (occ app:enable encryption)
encryption column in filecache is the problem, it鈥檚 1 intsead of 0. Calling encryption:fix-encrypted-version fixes it correctly.
In the Encryption wrapper, updateEncryptedVersion does get called. The content of $cacheInformation is {"encrypted":true,"encryptedVersion":1} and $isRename is true so the put is done on source storage. I tried to switch to target storage but it does not help.
How to use GitHub
When encryption is enabled in both the home storage and in groupfolders and an encrypted file is moved from the home storage into a groupfolder the file is no longer decrypted when needed. That is, trying to download or open the file with a viewer in Nextcloud will show the encrypted content.
During the move the file is properly decrypted and encrypted again and the keys moved. However, the problem is that the file is marked as not encrypted in the file cache. This can be verified by manually modifying the database to set
encrypted = 1
inoc_filecache
for the file once moved into the groupfolder and then trying to download or view the file.The file is marked as not encrypted because the storage in the
Cache
object does not have an encryption wrapper;$this->storage
is aOCA\Files_Trashbin\Storage
that wraps aOC\Files\Storage\LocalRootStorage
(so$this->hasEncryptionWrapper()
returns false).Interestingly, in the
View
object that triggers the move in the cache (through the cache updater)$targetStorage
is aOCA\Files_Trashbin\Storage
that wraps aOC\Files\Storage\Wrapper\Encryption
.I am afraid that I do not know why or how the storage used by the cache ends being a different one, but hopefully the information above is somehow useful :-)
Steps to reproduce
occ app:enable encryption
)occ config:app:set --value=yes --type string core encryption_enabled
)occ config:app:set groupfolders enable_encryption --value="true"
)Expected beaviour
The downloaded file is not encrypted
Actual behaviour
The downloaded file is encrypted
The text was updated successfully, but these errors were encountered: