Occ encryption:decrypt-all, error multikeydecrypt with share key failed:error:04065072:rsa routines:rsa_ossl_private_decrypt:padding check failed

encryption

#1

Steps to reproduce

  1. sudo -u www-data php /var/www/owncloud/occ maintenance:singleuser --on
  2. sudo -u www-data php occ encryption:decrypt-all --method recovery

Expected behaviour

should decrypt all files of all users and disable encryption

Actual behaviour

some files with error:
multikeydecrypt with share key failed:error:04065072:rsa routines:rsa_ossl_private_decrypt:padding check failed

Server configuration

Ubuntu 18.04

Web server:
Apache 2.4.29

Database:
MySQL 5.7.25

PHP version:
7.2.15

ownCloud version: (see ownCloud admin page)
10.1.0

Updated from an older ownCloud or fresh install:
Updated from 9.1.6

Where did you install ownCloud from:
tar

The content of config/config.php:

$CONFIG = array (
‘instanceid’ => ‘CUT’,
‘passwordsalt’ => ‘CUT’,
‘secret’ => ‘CUT’,
‘trusted_domains’ =>
array (
0 => ‘CUT’,
1 => ‘CUT’,
2 => ‘CUT’,
3 => ‘CUT’,
),
‘datadirectory’ => ‘/var/www/owncloud/data’,
‘overwrite.cli.url’ => ‘CUT’,
‘dbtype’ => ‘mysql’,
‘version’ => ‘10.1.0.4’,
‘dbname’ => ‘owncloud’,
‘dbhost’ => ‘localhost’,
‘dbtableprefix’ => ‘oc_’,
‘dbuser’ => ‘owncloud’,
‘dbpassword’ => ‘CUT’,
‘logtimezone’ => ‘UTC’,
‘installed’ => true,
‘integrity.check.disabled’ => false,
‘mail_from_address’ => ‘CUT’,
‘mail_smtpmode’ => ‘smtp’,
‘mail_domain’ => ‘CUT’,
‘memcache.local’ => ‘\OC\Memcache\Redis’,
‘filelocking.enabled’ => ‘true’,
‘memcache.distributed’ => ‘\OC\Memcache\Redis’,
‘memcache.locking’ => ‘\OC\Memcache\Redis’,
‘redis’ =>
array (
‘host’ => ‘localhost’,
‘port’ => 6379,
‘timeout’ => 0,
‘dbindex’ => 0,
),
‘trusted_proxies’ =>
array (
0 => ‘CUT’,
1 => ‘CUT’,
),
‘ldapIgnoreNamingRules’ => false,
‘mail_smtphost’ => ‘CUT’,
‘mail_smtpport’ => ‘25’,
‘loglevel’ => 0,
‘appstore.experimental.enabled’ => true,
‘maintenance’ => false,
‘updatechecker’ => false,
‘singleuser’ => true,

List of activated apps:
Enabled:

  • comments: 0.3.0
  • configreport: 0.1.1
  • dav: 0.4.0
  • encryption: 1.3.0
  • federatedfilesharing: 0.3.0
  • federation: 0.1.0
  • files: 1.5.1
  • files_external: 0.7.1
  • files_pdfviewer: 0.10.0
  • files_sharing: 0.11.0
  • files_texteditor: 2.3.0
  • files_versions: 1.3.0
  • files_videoplayer: 0.9.8
  • impersonate: 0.5.0
  • market: 0.4.0
  • notes: 2.0.4
  • notifications: 0.4.1
  • provisioning_api: 0.5.0
  • qownnotesapi: 19.1.0
  • systemtags: 0.3.0
  • templateeditor: 0.4.0
  • updatenotification: 0.2.1
  • user_ldap: 0.13.0
    Disabled:
  • announcementcenter
  • external
  • files_trashbin
  • firstrunwizard
  • user_external

Are you using encryption:
yes

Are you using an external user-backend, if yes which one:
LDAP