I have just tested RsynCrypto version 1.12 (on WinXP) for this issue (see email below).
Rsyncrypto indeed works with a tmp file now. After the error message is generated, rsyncrypto bails out, leaving my original file intact. But it also leaves the tmp file on my disc. Would it be possible to delete it ?
Another thing I noticed, is that the filename is now removed from the error message.
==== BEGIN OUTPUT =====
D:\Test>"D:\test\RsynCrypto\RsynCrypto.exe" -d "D:\Test\EncryptedFiles\testfile.pdf" "D:\Test\ClearFiles\testfile.pdf" "D:\Test\keys\testfile.pdf" "D:\Test\Certificate\Cert.key"
error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error
===== END OUTPUT ======
Thanks in advance.
Van: Jan Alphenaar [mailto:
Verzonden: zaterdag 19 juli 2008 11:44
CC: 'Shachar Shemesh'
Onderwerp: File size zero after decrypting with wrong certificate
Sorry for keeping you busy lately. I now have some kind of theoretical question.
When I encrypt my file with a certificate, let’s say certificate A. And I copy this encrypted file to a CD. Assume I do this on a daily basis. At some point in time my certificate gets corrupted and I have to generate a new one (certificate B). This would obviously make my in the past created backups useless...
Now I start creating backups with this new certificate for the next couple of months, so far so good. Then something happens and I decide to restore (decrypt) a file from the CD. But - silly me - I use a file which is encrypted with certificate A, resulting in the following rsyncrypto error.
======== BEGIN OUTPUT ========
"D:\Restore\test001.txt" error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error:
========= END OUTPUT =========
The file which needed to be overwritten was still on my disk before I did this, but after the decryption my file has size 0, leaving me with nothing.
Would it be possible/desirable to make rsyncrypto generate an error message and leave the file intact when it tries to decrypt a file with the wrong certificate, in stead of zeroing it out?