[NC 20+] Legacy encryption - mitigation and documentation thereof

[Kuphi]

With Nextcloud 20, the term "Legacy encryption" was introduced. The documentation does say little about what legacy encryption is: https://docs.nextcloud.com/server/20/admin_manual/configuration_files/encryption_migration.html
I found another document, which gives hints about what could be meant: https://eprint.iacr.org/2020/1439.pdf

I run the command
occ encryption:scan:legacy-format
with output similar to this:
sudo -u www-data php /var/www/nextcloud/occ encryption:scan:legacy-format Scanning all files for legacy encryption Scanning all files for username /username/files_trashbin/files/file1.odt.d1592989576 does not have a proper header /username/files_trashbin/versions/folder1/file2.xls.v1585723230 does not have a proper header /username/files_versions/folder2/file3.xls.v1189677150 does not have a proper header

Now I got some files with inproper headers. Does my nextcloud still use legacy encryption for all files or does it use a more secure encryption? What are the differences?

When running occ encryption I also encountered a new command:
Command "encryption" is not defined.
Did you mean one of these?
encryption:change-key-storage-root
encryption:decrypt-all
encryption:disable
encryption:disable-master-key
encryption:enable
encryption:enable-master-key
encryption:encrypt-all
encryption:list-modules
encryption:migrate-key-storage-format
encryption:recover-user
encryption:scan:legacy-format
encryption:set-default-module
encryption:show-key-storage-root
encryption:status

There is no documentation about encryption:migrate-key-storage-format but an excerpt from the file /nextcloud/core/Command/Encryption/MigrateKeyStorage.php - https://fossies.org/linux/nextcloud/core/Command/Encryption/MigrateKeyStorage.php
75 ->setName('encryption:migrate-key-storage-format') 76 ->setDescription('Migrate the format of the keystorage to a newer format')

Am I supposed to use this command? I have key-type: user keys ( https://docs.nextcloud.com/server/20/admin_manual/configuration_files/encryption_details.html#key-type-user-key )
Will I still be able to use user keys after running this command, and is it save to run it?

My feature request is: please answer this questions and update the documentation of nextcloud.
Thank you very much for maintaining nextcloud! :)

[Kuphi]

For the documentation record:
The command encryption:migrate-key-storage-format can not be run successfully, when your nextcloud is in maintenance mode.
user@server:/home/user# sudo -u www-data php /var/www/nextcloud/occ encryption:migrate-key-storage-format Nextcloud is in maintenance mode - no apps have been loaded Updating key storage format Start to update the keys: 4 [----->----------------------] In Manager.php line 187: Module with ID: OC_DEFAULT_MODULE does not exist. encryption:migrate-key-storage-format
You have to turn off maintenance mode first:
sudo -u www-data php /var/www/nextcloud/occ maintenance:mode --off
then it runs smoothly, but without any notice before start. Does it not bear any risks?:

user@server:/home/user# sudo -u www-data php /var/www/nextcloud/occ encryption:list-modules
OC_DEFAULT_MODULE: Default encryption module [default*]

user@server:/home/user# sudo -u www-data php /var/www/nextcloud/occ encryption:migrate-key-storage-format
Updating key storage format
Start to update the keys:
20 [============================]Key storage format successfully updated

After the migration, occ encryption:scan:legacy-format does still output the same files as "does not have a proper header". Am I supposed to delete those files? Can I simply rm them and then do occ files:scan? (All my files with inproper header are either in the trashbin or in the folder files_versions.

[mark-orion]

Please someone explain what these "...does not have a proper header" error messages mean and how they can be fixed.

[leblitzdick]

Please someone explain what these "...does not have a proper header" error messages mean and how they can be fixed.

I also have the same question, can i set "encryption.legacy_format_support" to false without any problems?

[BenedictBauerHHN]

I have the same output on occ encryption:scan:legacy-format of course to other files then the OP. Could it lead to problems if I set encryption.legacy_format_support to false?

[developerrespig]

I would also be interested in some more information about that issue from an official side. Besides of that I just had a look into the legacy format scanner where this message is originating from (you can find the source code of that checker here: https://github.com/nextcloud/server/blob/1448b7c923d079c9616f87df3ffa52a4656ac6cc/apps/encryption/lib/Command/ScanLegacyFormat.php (I guess)).

With my limited php skills I guess it looks like these messages mean, that the check failed (because the private method returns false and the expected "All scanned files are properly encrypted. You can disable the legacy compatibility mode." doesn't get rendered). Question for me would be now: What to do about them? As far as I have seen them on my end they are only related to file versions or trash bins. But for now I just leave that configurational entry in the config.php and I guess you should do the same until someone says something different...

Hope to have something official here soon fingers crossed

[Kuphi]

Can we get a comment regarding this issue?

After upgrading to NC 20.0.3, it does anew complain about old server side encryption format. I thought I already resolved this?

"Das alte serverseitige Verschlüsselungsformat ist aktiviert. Wir empfehlen, es zu deaktivieren. Für weitere Einzelheiten sehe bitte in die Dokumentation."

[eckeSolutions]

In many instances the problem are old versions of files that are a few months old or even years.
Cleaning those versions with "occ versions:cleanup" removed all does “not have a proper header” errors for me.
Proceed with care!!! Might delete necessary file versions!!!
running "occ encryption:scan:legacy-format" after that tells me it is save do set encryption.legacy_format_support to false

This is not a general solution, but should work for some people with this problem (if “/versions/” is included in the file urls).
A solution to set the proper header would be nice though.

[Kuphi]

In many instances the problem are old versions of files that are a few months old or even years.
Cleaning those versions with "occ versions:cleanup" removed all does “not have a proper header” errors for me.
Proceed with care!!! Might delete necessary file versions!!!
running "occ encryption:scan:legacy-format" after that tells me it is save do set encryption.legacy_format_support to false

This is not a general solution, but should work for some people with this problem (if “/versions/” is included in the file urls).
A solution to set the proper header would be nice though.

Proceed with care? "occ versions:cleanup" does delete ALL previous versions of all files. This is only a solution if you do not need any previous versions at all.

[eckeSolutions]

Proceed with care? "occ versions:cleanup" does delete ALL previous versions of all files. This is only a solution if you do not need any previous versions at all.

Yes, that’s why I added 3 exclamation marks. In my instance it was no problem. And to be on the save side I have daily backups of everything.

[DPTJKKVH]

It is really sad that nobody of the team even acknowledges that encryption:migrate-key-storage-format is undocumented and elaborates in a few words what it does and if we should do it after disabling legacy encryption.

Also @developerrespig seems to be correct. I removed the bad header files manually, ran the check, got the "you can disbale legacy encryption" message and did just that.

I see neither issues nor changes so far which is good. But it drives me nuts that I don't see the point and don't know if we should migrate the storage format because it seems to be security related.

@schiessle @rullzer @nickvergessen can you please explain if we should run encryption:migrate-key-storage-format or not after disabling legacy encryption, even if you don't feel to explain it any further? Just a YES or NO is sufficient for the time being.

Many thanks in advance!

[thomwiggers]

I don't think encryption:migrate-key-storage-format solves this problem. There doesn't seem to be any migration option if I look in the source code of the Encryption module.