gitea-mirror/git-crypt
1
0
Fork 0
mirror of https://github.com/AGWA/git-crypt.git synced 2025-12-16 01:20:45 -08:00
Code Issues Packages Projects Releases Wiki Activity

Improve usability of 'git-crypt keygen'

Browse Source 
* Display message asking user to move the mouse, etc. to generate more
   entropy.
 * Disable buffering on the fstream so we don't read more randomness
   than we have to.
 * Refuse to overwrite an existing key file.
This commit is contained in:
Andrew Ayer
2013-04-28 09:33:17 -07:00
parent 9654cb6044
commit 33f6d73a0c
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
commands.cpp
View File

@@ -282,6 +282,10 @@ void init (const char* argv0, const char* keyfile)
void keygen (const char* keyfile)
{
if (access(keyfile, F_OK) == 0) {
std::clog << keyfile << ": File already exists - please remove before continuing\n";
std::exit(1);
}
mode_t old_umask = umask(0077); // make sure key file is protected
std::ofstream keyout(keyfile);
if (!keyout) {
@@ -289,11 +293,16 @@ void keygen (const char* keyfile)
std::exit(1);
}
umask(old_umask);
std::ifstream randin("/dev/random");
std::ifstream randin;
randin.rdbuf()->pubsetbuf(0, 0); // disable vuffering so we don't take more entropy than needed
randin.open("/dev/random", std::ios::binary);
if (!randin) {
perror("/dev/random");
std::exit(1);
}
std::clog << "Generating key... this may take a while. Please type on the keyboard, move the\n";
std::clog << "mouse, utilize the disks, etc. to give the random number generator more entropy.\n";
std::clog.flush();
char buffer[AES_KEY_BITS/8 + HMAC_KEY_LEN];
randin.read(buffer, sizeof(buffer));
if (randin.gcount() != sizeof(buffer)) {