Tool to migrate a git-crypt revamp branch key

migrate-revamp-key.cpp

// Migrate an old-style git-crypt revamp branch key to a new-style git-crypt revamp branch key.
// Reads old key from stdin and writes new key to stdout.
// Compile with: c++ -o migrate-revamp-key migrate-revamp-key.cpp

#include <iostream>
#include <cstdlib>
#include <cstring>

static void grab (char* p, std::streamsize len)
{
	std::cin.read(p, len);
	if (std::cin.gcount() != len) {
		std::clog << "Input ended prematurely." << std::endl;
		std::exit(1);
	}
}

int main ()
{
	// header
	// old: "\x00GITCRYPTKEY\x00\x00\x00\x01"
	char old_preamble[16];
	grab(old_preamble, 16);
	if (std::memcmp(old_preamble, "\x00GITCRYPTKEY\x00\x00\x00\x01", 16) != 0) {
		std::clog << "Input is not a git-crypt key." << std::endl;
		return 1;
	}

	// new: "\x00GITCRYPTKEY\x00\x00\x00\x02\x00\x00\x00\x00"
	std::cout.write("\x00GITCRYPTKEY\x00\x00\x00\x02\x00\x00\x00\x00", 20);

	// for each key
	while (std::cin.peek() != -1) {
		// old: [4 byte VERSION] || [32 byte AES KEY] || [64 byte HMAC KEY]
		char	version[4];
		char	aes_key[32];
		char	hmac_key[64];
		grab(version, 4);
		grab(aes_key, 32);
		grab(hmac_key, 64);

		// new: "\x00\x00\x00\x01\x00\x00\x00\x04" || [4 byte VERSION] || "\x00\x00\x00\x03\x00\x00\x00\x20" || [32 byte AES KEY] || "\x00\x00\x00\x05\x00\x00\x00\x40" || [64 byte AES KEY] || "\x00\x00\x00\x00"
		std::cout.write("\x00\x00\x00\x01\x00\x00\x00\x04", 8);
		std::cout.write(version, 4);
		std::cout.write("\x00\x00\x00\x03\x00\x00\x00\x20", 8);
		std::cout.write(aes_key, 32);
		std::cout.write("\x00\x00\x00\x05\x00\x00\x00\x40", 8);
		std::cout.write(hmac_key, 64);
		std::cout.write("\x00\x00\x00\x00", 4);
	}
	if (!std::cout) {
		std::clog << "Unable to fully write to stdout." << std::endl;
		return 1;
	}
	return 0;
}