Sanitizer: How to use decryptFile command


Another question.
How to use the decryptFile option of sanitizer-0.16.jar?

Should I use a file form d or from m folder? I tried both with no error, but at the end no file was decrypted.

All you need to do is add the --vault parameter, everything else will then be asked via the CLI:

$ java -jar /Users/sebastian/Desktop/sanitizer-0.16.jar decryptFile --vault /Users/sebastian/Desktop/testvault
# Cryptomator vault sanitizer v0.16 #

Vault password: 
Enter absolute path of an encrypted file: /Users/sebastian/Desktop/testvault/d/3D/AQ56PYSCXIZFWJQOW2UTAIZWISH3IC/4SAWGHFAJPTJPRCUGGPZFADDAQOUUX2RT3436FNQXOMHTD6OGLAQ====
Enter absolute path of decrypted output: /Users/sebastian/Desktop/testfile
File successfully decrypted.

All files are stored in the d directory. Make sure not to use anything starting with a 0 or 1S. Those aren’t files but directories and symlinks.

I use the “check -deep” command to check the vault.

How to fix these errors, not supported by the tool:

This is supported by the command line tool:

OrphanDirectory are directories that should no longer exist but survived because they could not be deleted for some reason. Just a warning, nothing that you need to care about.

A ContentMismatch is reported when there are files that don’t belong into the vault structure. Also just a warning that some other processes have been doing stuff inside these folders where they shouldn’t, but it doesn’t lead to errors.

MissingDirectory and EmptyEncryptedFile on the other hand are serious problems and not recoverable. MissingDirectory is the opposite of OrphanDirectory. A directory should be present but was deleted. EmptyEncryptedFile means that an encrypted file is empty (no shit!) and does not even contain any metadata.

The errors indicate that parts of your vault is being tampered with. If it just was a few "EmptyEncryptedFile"s, I would suggest to restore those files from a backup. But since you even have whole missing directories, I’d rather restore the whole vault.

Thanks for the answer.

Which means I can delete the files/folders which are mentioned in the report as:

How to find out which decrypted directory belongs to this error?
I can restore them from my decrypted backup

I couldn’t make it work until I noticed that the “output” should be a filename instead of a folder name.
Could you make it more obvious, in Sanitizer, that we need to provide the destination filename ourselves ?
Current question (v0.16) for the decryptFile function is :

 `Enter absolute path of decrypted output:`

where many people will probably answer with a folder path.