-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgit-passwd-crypto
executable file
·142 lines (124 loc) · 4.26 KB
/
git-passwd-crypto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
#!/bin/bash
########################################################
# Here starts the arg variant
########################################################
if [[ $# -eq 1 ]]; then
echo "Crypto password change with URL variant: script will download repository, change the password and commit it before you know it!"
echo -n Old password:
read -s OLDPASSWORD
printf '\n'
echo -n New password:
read -s NEWPASSWORD
printf '\n'
echo -n Repeat new password:
read -s CONFIRMPASSWORD
printf '\n'
if [ "$NEWPASSWORD" != "$CONFIRMPASSWORD" ]; then
echo "New passwords don't match"
exit
fi
REPO=$1
DIRECTORY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
CRYPTO_DIR=".git/.crypto"
CLEAN_FILTER="$CRYPTO_DIR/cleanFilter"
SMUDGE_FILTER="$CRYPTO_DIR/smudgeFilter"
DIFF_FILTER="$CRYPTO_DIR/diffFilter"
git clone-crypto $REPO $DIRECTORY $OLDPASSWORD
cd $DIRECTORY
########################################################
rm -rf $CRYPTO_DIR
mkdir $CRYPTO_DIR
########################################################
echo "#!/bin/bash" >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
echo "SALT=7F23" >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
echo "PASS=$NEWPASSWORD" >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
echo 'openssl enc -e -base64 -aes-128-cfb -S $SALT -k $PASS' >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
chmod +x $CLEAN_FILTER
########################################################
echo "#!/bin/bash" >> $SMUDGE_FILTER
echo "" >> $SMUDGE_FILTER
echo "PASS=$NEWPASSWORD" >> $SMUDGE_FILTER
echo "" >> $SMUDGE_FILTER
echo 'openssl enc -d -base64 -aes-128-cfb -k $PASS' >> $SMUDGE_FILTER
echo "" >> $SMUDGE_FILTER
chmod +x $SMUDGE_FILTER
########################################################'
echo "#!/bin/bash" >> $DIFF_FILTER
echo "" >> $DIFF_FILTER
echo "PASS=$NEWPASSWORD" >> $DIFF_FILTER
echo "" >> $DIFF_FILTER
echo 'openssl enc -d -base64 -aes-128-cfb -k $PASS -in "$1" || cat "$1"' >> $DIFF_FILTER
echo "" >> $DIFF_FILTER
chmod +x $DIFF_FILTER
########################################################
git rm --cached -r *
git commit -m "Changing crypto password part 1 of 2"
git add *
git commit -m "Changing crypto password part 2 of 2"
git push origin master
cd ..
rm -rf $DIRECTORY
fi
########################################################
# Here starts the no-arg variant
########################################################
if [[ $# -eq 0 ]]; then
echo "Crypto password change with local repository variant: script will change password on already downloaded repository and commit it before you know it!"
echo -n New password:
read -s NEWPASSWORD
printf '\n'
echo -n Repeat new password:
read -s CONFIRMPASSWORD
printf '\n'
if [ "$NEWPASSWORD" != "$CONFIRMPASSWORD" ]; then
echo "New passwords don't match"
exit
fi
CRYPTO_DIR=".git/.crypto"
CLEAN_FILTER="$CRYPTO_DIR/cleanFilter"
SMUDGE_FILTER="$CRYPTO_DIR/smudgeFilter"
DIFF_FILTER="$CRYPTO_DIR/diffFilter"
if [ ! -d "$CRYPTO_DIR" ]; then
echo "This directory does not contain crypto dir .git/.crypto - check if you're in the right place"
exit
fi
########################################################
rm -rf $CRYPTO_DIR
mkdir $CRYPTO_DIR
########################################################
echo "#!/bin/bash" >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
echo "SALT=7F23" >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
echo "PASS=$NEWPASSWORD" >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
echo 'openssl enc -e -base64 -aes-128-cfb -S $SALT -k $PASS' >> $CLEAN_FILTER
echo "" >> $CLEAN_FILTER
chmod +x $CLEAN_FILTER
########################################################
echo "#!/bin/bash" >> $SMUDGE_FILTER
echo "" >> $SMUDGE_FILTER
echo "PASS=$NEWPASSWORD" >> $SMUDGE_FILTER
echo "" >> $SMUDGE_FILTER
echo 'openssl enc -d -base64 -aes-128-cfb -k $PASS' >> $SMUDGE_FILTER
echo "" >> $SMUDGE_FILTER
chmod +x $SMUDGE_FILTER
########################################################'
echo "#!/bin/bash" >> $DIFF_FILTER
echo "" >> $DIFF_FILTER
echo "PASS=$NEWPASSWORD" >> $DIFF_FILTER
echo "" >> $DIFF_FILTER
echo 'openssl enc -d -base64 -aes-128-cfb -k $PASS -in "$1" || cat "$1"' >> $DIFF_FILTER
echo "" >> $DIFF_FILTER
chmod +x $DIFF_FILTER
########################################################
git rm --cached -r *
git commit -m "Changing crypto password part 1 of 2"
git add *
git commit -m "Changing crypto password part 2 of 2"
git push origin master
fi