Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Tool to migrate a git-crypt revamp branch key
// Migrate an old-style git-crypt revamp branch key to a new-style git-crypt revamp branch key.
// Reads old key from stdin and writes new key to stdout.
// Compile with: c++ -o migrate-revamp-key migrate-revamp-key.cpp
#include <iostream>
#include <cstdlib>
#include <cstring>
static void grab (char* p, std::streamsize len)
{
std::cin.read(p, len);
if (std::cin.gcount() != len) {
std::clog << "Input ended prematurely." << std::endl;
std::exit(1);
}
}
int main ()
{
// header
// old: "\x00GITCRYPTKEY\x00\x00\x00\x01"
char old_preamble[16];
grab(old_preamble, 16);
if (std::memcmp(old_preamble, "\x00GITCRYPTKEY\x00\x00\x00\x01", 16) != 0) {
std::clog << "Input is not a git-crypt key." << std::endl;
return 1;
}
// new: "\x00GITCRYPTKEY\x00\x00\x00\x02\x00\x00\x00\x00"
std::cout.write("\x00GITCRYPTKEY\x00\x00\x00\x02\x00\x00\x00\x00", 20);
// for each key
while (std::cin.peek() != -1) {
// old: [4 byte VERSION] || [32 byte AES KEY] || [64 byte HMAC KEY]
char version[4];
char aes_key[32];
char hmac_key[64];
grab(version, 4);
grab(aes_key, 32);
grab(hmac_key, 64);
// new: "\x00\x00\x00\x01\x00\x00\x00\x04" || [4 byte VERSION] || "\x00\x00\x00\x03\x00\x00\x00\x20" || [32 byte AES KEY] || "\x00\x00\x00\x05\x00\x00\x00\x40" || [64 byte AES KEY] || "\x00\x00\x00\x00"
std::cout.write("\x00\x00\x00\x01\x00\x00\x00\x04", 8);
std::cout.write(version, 4);
std::cout.write("\x00\x00\x00\x03\x00\x00\x00\x20", 8);
std::cout.write(aes_key, 32);
std::cout.write("\x00\x00\x00\x05\x00\x00\x00\x40", 8);
std::cout.write(hmac_key, 64);
std::cout.write("\x00\x00\x00\x00", 4);
}
if (!std::cout) {
std::clog << "Unable to fully write to stdout." << std::endl;
return 1;
}
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.