From 33f6d73a0cf06d91a8aaf4f7caff907e6c53eee9 Mon Sep 17 00:00:00 2001
From: Andrew Ayer <agwa@andrewayer.name>
Date: Sun, 28 Apr 2013 09:33:17 -0700
Subject: [PATCH] Improve usability of 'git-crypt keygen'

 * Display message asking user to move the mouse, etc. to generate more
   entropy.
 * Disable buffering on the fstream so we don't read more randomness
   than we have to.
 * Refuse to overwrite an existing key file.
---
 commands.cpp | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/commands.cpp b/commands.cpp
index fc2baea..ceb1678 100644
--- a/commands.cpp
+++ b/commands.cpp
@@ -282,6 +282,10 @@ void init (const char* argv0, const char* keyfile)
 
 void keygen (const char* keyfile)
 {
+	if (access(keyfile, F_OK) == 0) {
+		std::clog << keyfile << ": File already exists - please remove before continuing\n";
+		std::exit(1);
+	}
 	mode_t		old_umask = umask(0077); // make sure key file is protected
 	std::ofstream	keyout(keyfile);
 	if (!keyout) {
@@ -289,11 +293,16 @@ void keygen (const char* keyfile)
 		std::exit(1);
 	}
 	umask(old_umask);
-	std::ifstream	randin("/dev/random");
+	std::ifstream	randin;
+	randin.rdbuf()->pubsetbuf(0, 0); // disable vuffering so we don't take more entropy than needed
+	randin.open("/dev/random", std::ios::binary);
 	if (!randin) {
 		perror("/dev/random");
 		std::exit(1);
 	}
+	std::clog << "Generating key... this may take a while. Please type on the keyboard, move the\n";
+	std::clog << "mouse, utilize the disks, etc. to give the random number generator more entropy.\n";
+	std::clog.flush();
 	char		buffer[AES_KEY_BITS/8 + HMAC_KEY_LEN];
 	randin.read(buffer, sizeof(buffer));
 	if (randin.gcount() != sizeof(buffer)) {