Corrupted File

Paul Richard Ramer free10pro at
Thu Mar 18 05:48:36 CET 2010

Hash: SHA256

Hello James,

On Mon, 15 Mar 2010 18:02:41 -0700 (PDT) James Board wrote:
> I have a fairly large file (about 10 mbytes) that was corrupted on 
disk.  About 5-10 pages of the file (4096-byte blocks) were lost and
set to zero.  The file is a PGP encryption of a another file which
is a 'tar' file of other smaller ASCII text files.
> I would like to decrypt as much of this file as possible.  I know 
with several blank pages, I can never fully recover the file.  However,
most of the data is still legitimate.  Is it possible to recover it
with the gpg tools?  To this point, I had been using the older PGP 5.0
version, but I can try gpg if it can decrypt most of the file.

Have you tried decrypting the file with either PGP or GnuPG?  Also,
where in the file is the corruption?

If the head of the file is corrupted, then you won't get your data back.
 The reason why is that with an OpenPGP message the file is encrypted
with a symmetric encryption key (a.k.a. session key), and then the
symmetric key is encrypted with the recipient's asymmetric encryption
key (a.k.a. public key) and stored in a "packet" inside the encrypted
file.  This packet precedes the data packet, which contains the
encrypted data.

An OpenPGP message would look something like this:

| Various packets, including | <--- Without this ...
|    session key packet      |
|                            |
|       Data packet          | <--- ... you can't decrypt that.
|                            |

However, if only the data packet is damaged, you may be able to get some
of the data back.  I experimented with this by using a tar file of a few
ASCII files in order to simulate your situation.  I corrupted the
beginning of the file, and gpg couldn't recognize it as an OpenPGP
message.  Then I tried corrupting some of the end of the file, and I
could successfully decrypt and extract the text files from the tar file.
 Out of four text files in the tar file, three were good and the last
was damaged too badly to understand what its original content was.

Restoring from a backup would be best, if you have one.  Also, if
anything that I said was unclear to you, just let me know.

- -Paul

- --
New Windows 7: Double the DRM, Double the fun! Learn more:

| PGP Key ID: 0x3DB6D884                                              |
| PGP Fingerprint: EBA7 88B3 6D98 2D4A E045  A9F7 C7C6 6ADF 3DB6 D884 |
Version: GnuPG v1.4.10 (GNU/Linux)


More information about the Gnupg-users mailing list