User who does not have encryption enabled seeing "Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files."

[posita]

I'm not sure how this happened, but a user is seeing the following message:

Invalid private key for [Encryption](https://cloud.bogosian.net/index.php/settings/personal?sectionid=encryption) App. Please update your private key password in your personal settings to recover access to your encrypted files.

The user has no idea what the old login password was, and is confident no encrypted files exist, but is perplexed how to address the warning.

I can confirm the following:

> SELECT COUNT(*) FROM oc_filecache WHERE encrypted <> 0 ;
+----------+
| COUNT(*) |
+----------+
|        0 |
+----------+
1 row in set (0.11 sec)

[posita]

Hmmm…this is unexpected. It looks like the encryption app is enabled:

> SELECT * FROM oc_appconfig WHERE appid = 'encryption';
+------------+--------------------+----------------------+
| appid      | configkey          | configvalue          |
+------------+--------------------+----------------------+
| encryption | enabled            | yes                  |
| encryption | encryptHomeStorage | 0                    |
| encryption | installed_version  | 1.5.1                |
| encryption | masterKeyId        | master_xxxxxxxx      |
| encryption | publicShareKeyId   | pubShare_xxxxxxxx    |
| encryption | recoveryKeyId      | recoveryKey_xxxxxxxx |
| encryption | types              | filesystem           |
| encryption | userSpecificKey    | 1                    |
+------------+--------------------+----------------------+
8 rows in set (0.10 sec)

Is this safe to disable without side effects given that no files in oc_filecache appear to be encrypted? Where are user keys stored and can they be safely deleted if there are no encrypted files?

[posita]

This might belong in owncloud/encryption? Possibly related to owncloud/encryption#144? I am also seeing these messages in the logs constantly for that user:

owncloud {"reqId":"…","level":2,"time":"…","remoteAddr":"…","user":"…","app":"no app in context","method":"PROPFIND","url":"\/remote.php\/dav\/files\/…\/","message":"Could not decrypt the private key from user \"…\"\" during login. Assume password change on the user back-end. Error message: Bad Signature"}

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 10 days if no further activity occurs. Thank you for your contributions.

[github-actions]

This issue has been automatically closed.