Rationale:
* /dev/random blocks unpredictably on Linux, leading to slow
key generation.
* OpenSSL's RNG is more cross-platform than /dev/(u)random.
Some platforms might not have a (u)random device, or worse,
have a /dev/(u)random that produces insecure random numbers
(like Cygwin, apparently).
* Display message asking user to move the mouse, etc. to generate more
entropy.
* Disable buffering on the fstream so we don't read more randomness
than we have to.
* Refuse to overwrite an existing key file.

At some point between Git 1.7.1 and Git 1.8.1.3, both 'git reset' and
'git status' stopped noticing that files were modified after their
smudge filter changed. Consequentially, 'git reset --hard HEAD' would
not decrypt existing encrypted files in the repo.

This commit changes 'git-crypt init' to use 'git checkout -f HEAD
/top/of/repo' instead, which does the job.

Untracked files are not touched by git reset, so git-crypt init
is safe even with untracked files present.
This relies on the -u option to git-status, which was added in Git
1.6.0, which was released in 2008. Add Git 1.6.0 as a requirement in
the README.

* Correctly check for existence of HEAD (use 'git rev-parse' instead
of 'git show-ref'). Fixes bug where hard reset might be skipped
after running 'git init'.
* Don't require working directory to be clean if HEAD doesn't exist.
(If HEAD doesn't exist, we won't be hard resetting so the working
directory doesn't need to be clean.)
* Overwrite existing git config values (instead of --add'ing them) so
'git-crypt init' can be idempotent.
* In the error message for a dirty working directory, advise user to
commit changes or 'git stash' them.