You are not logged in.
- Topics: Active | Unanswered
#1 2023-09-20 14:23:37
- Rstng
- Member
- Registered: 2023-09-20
- Posts: 2
restoring tgz-archive after gnupg --clearsign
If you sign a binary file using --clearsign, the file becomes damaged, is it possible to recover the file in this case? I noticed that gnupg removes the '\x09' byte, has anyone encountered this? Thank you for your attention, have a nice day!
Offline
#2 2023-09-20 17:24:46
- mpan
- Member
- Registered: 2012-08-01
- Posts: 1,600
- Website
Re: restoring tgz-archive after gnupg --clearsign
In general the answer is: no.
Clartext signatures operate under the assumption, that the signed data is text. Under that assumption signing may apply modifications, which would not affect meaning of text, but are destructive to other data. Most notably, as gpg --clear-sign documentation notes, “may modify end-of-line whitespace.”
From theoretical perspective — and this is mostly academic — one might try to undo the operation by locating possible changes and trying each possible set of substitutions. But the number of cases to try grows exponentially with the number of changes and such an attempt quickly becomes unfeasible. One might get lucky with some data formats, where such changes would be rare, but unfortunately the very definition of data compression guarantees they will be frequent⁽¹⁾ in gzip. And then comes the problem of discriminating between corrupted and valid data. As long as gzip succeeds in only one of the possible cases, the answer is clear. But as the number of cases grows, this becomes ugly.
____
⁽¹⁾ On average once per 256 octets for a single type of substitution.
Paperclips in avatars? | Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
#3 2023-09-20 17:48:32
- Rstng
- Member
- Registered: 2023-09-20
- Posts: 2
Re: restoring tgz-archive after gnupg --clearsign
As expected, but thanks anyway. Maybe in the future there will be enough computing power 
Offline
#4 2023-09-20 21:02:22
- mpan
- Member
- Registered: 2012-08-01
- Posts: 1,600
- Website
Re: restoring tgz-archive after gnupg --clearsign
My goal was to indicate, that the “no” from the beginning is not absolute. Recovery is not strictly impossible. It is just unfeasible in the overwhelming majority of cases.
It was not my goal to suggest, that there ever be such a possibility for the general case. There might exist some shortcuts.⁽¹⁾ But other than that the limitation is not merely computing power. While performance of current computers limits performance, the actual hard limit are energy requirements. Exponential growth at this scale means that we quickly move from running a PC for weeks, through running a huge datacenter, through sinking half of yearly energy production on this planet, to consuming entire observable universe.
____
⁽¹⁾ For example: gzip can’t decode arbitrary input; there is some relationship between the kind of compresed data and what he compressed stream contains.
Paperclips in avatars? | Sometimes I seem a bit harsh — don’t get offended too easily!
Offline