Corrupted File

Paul Richard Ramer free10pro at gmail.com
Thu Mar 18 05:48:36 CET 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello James,

On Mon, 15 Mar 2010 18:02:41 -0700 (PDT) James Board wrote:
> I have a fairly large file (about 10 mbytes) that was corrupted on 
disk.  About 5-10 pages of the file (4096-byte blocks) were lost and
set to zero.  The file is a PGP encryption of a another file which
is a 'tar' file of other smaller ASCII text files.
> 
> I would like to decrypt as much of this file as possible.  I know 
with several blank pages, I can never fully recover the file.  However,
most of the data is still legitimate.  Is it possible to recover it
with the gpg tools?  To this point, I had been using the older PGP 5.0
version, but I can try gpg if it can decrypt most of the file.

Have you tried decrypting the file with either PGP or GnuPG?  Also,
where in the file is the corruption?

If the head of the file is corrupted, then you won't get your data back.
 The reason why is that with an OpenPGP message the file is encrypted
with a symmetric encryption key (a.k.a. session key), and then the
symmetric key is encrypted with the recipient's asymmetric encryption
key (a.k.a. public key) and stored in a "packet" inside the encrypted
file.  This packet precedes the data packet, which contains the
encrypted data.

An OpenPGP message would look something like this:

+----------------------------+
| Various packets, including | <--- Without this ...
|    session key packet      |
+----------------------------+
|                            |
|       Data packet          | <--- ... you can't decrypt that.
|                            |
+----------------------------+

However, if only the data packet is damaged, you may be able to get some
of the data back.  I experimented with this by using a tar file of a few
ASCII files in order to simulate your situation.  I corrupted the
beginning of the file, and gpg couldn't recognize it as an OpenPGP
message.  Then I tried corrupting some of the end of the file, and I
could successfully decrypt and extract the text files from the tar file.
 Out of four text files in the tar file, three were good and the last
was damaged too badly to understand what its original content was.

Restoring from a backup would be best, if you have one.  Also, if
anything that I said was unclear to you, just let me know.


- -Paul

- --
New Windows 7: Double the DRM, Double the fun! Learn more:
<http://windows7sins.org>

+---------------------------------------------------------------------+
| PGP Key ID: 0x3DB6D884                                              |
| PGP Fingerprint: EBA7 88B3 6D98 2D4A E045  A9F7 C7C6 6ADF 3DB6 D884 |
+---------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQGcBAEBCAAGBQJLobCPAAoJEJhBiuhgbQLI3QYL/0EWtWOc/0AC01jOD/uEW27O
8CJkSM0qJaDQQB+oCUeDsPUIWcX6si2v90+dpFvl7ecMi0x/aizSdVjWC9Pd6/u2
X+JWKsHw/2OKG7yKcgpozwSwdOP8fi1FjGkcKllnWrYbT0GC3G0ewCxidqs5aG4p
zsojJ6pmkfqlHdw5HYreJlmBS8MGujDy48Z5hY5xhgbDboTbZoSdyWarQfOODLYR
9zYh8bOKv8oDjCMcoQuexfwxAOn9y8YdxTiunqAcW026NfZ32d4C3X0xjYCAzja8
DkGzuKtipreEG1amKG0JO44TY8hb/6/BkGNQAl4BwonGgWXEWbiWCe7OJdq77FEJ
GE3wdG3T7cgi6P6TuafUm3OOL36Ay9xwBe901OfM5qW/yH9QoIJ9+5y2Ibi9fiqF
JISIA3XFC40bvybizLV7kU1YP52g+g0H8QDbuv97Ssxg27MHUE8cuQT2LzOEnbQN
/NSG2W3a/Y4FmaFDr5GZrQVLk3Rt52zu9Gz+RR824A==
=eLxS
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list