support xxd, perl or printf with '%b' directive, in this order

elasticdog · Sep 15, 2024 · 29ee59f · 29ee59f
1 parent 054adb3
commit 29ee59f
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 1 deletion.
diff --git a/INSTALL.md b/INSTALL.md
@@ -6,6 +6,8 @@ The requirements to run transcrypt are minimal:
 - Git
 - OpenSSL
 - `column` command (on Ubuntu/Debian install `bsdmainutils`)
+- if using OpenSSL version 3, one of `xxd` (on Ubuntu/Debian is included with `vim`)
+  or `perl` or `printf` (with %b directive) command
 
 ...and optionally:
 

diff --git a/README.md b/README.md
@@ -56,6 +56,8 @@ The requirements to run transcrypt are minimal:
 - Git
 - OpenSSL
 - `column` and `hexdump` commands (on Ubuntu/Debian install `bsdmainutils`)
+- if using OpenSSL version 3, one of `xxd` (on Ubuntu/Debian is included with `vim`)
+  or `perl` or `printf` (with %b directive) command
 
 ...and optionally:
 

diff --git a/transcrypt b/transcrypt
@@ -188,6 +188,24 @@ is_salt_prefix_workaround_required() {
 # (keyed with a combination of the filename and transcrypt password), and
 # then use the last 16 bytes of that HMAC for the file's unique salt.
 
+# shellcheck disable=SC2155
+readonly IS_PRINTF_BIN_SUPPORTED=$([[ "$(echo -n "41" | sed "s/../\\\\x&/g" | xargs -0 printf "%b")" == "A" ]] && echo 'true' || echo 'false')
+
+hex_to_bin() {
+	if command -v "xxd" >/dev/null; then
+		# alternative 1 but xxd only comes with vim
+		xxd -r -p
+	elif command -v "perl" >/dev/null; then
+		# alternative 2 as perl is fairly common
+		perl -pe "s/([0-9A-Fa-f]{2})/chr(hex(\$1))/eg"
+	elif $IS_PRINTF_BIN_SUPPORTED; then
+		# alternative 3 but requires printf that supports "%b" e.g. macOS /usr/bin/printf doesn't
+		sed "s/../\\\\x&/g" | xargs -0 printf "%b"
+	else
+		die 'required command not found: xxd or perl or printf that supports "%%b"'
+	fi
+}
+
 git_clean() {
 	context=$(extract_context_name_from_name_value_arg "$1")
 	[[ "$context" ]] && shift
@@ -216,7 +234,7 @@ git_clean() {
 		if [ "$(is_salt_prefix_workaround_required)" == "true" ]; then
 			# Encrypt the file to base64, ensuring it includes the prefix 'Salted__' with the salt. #133
 			(
-				echo -n "Salted__" && echo -n "$salt" | sed "s/../\\\\x&/g" | xargs -0 printf "%b" &&
+				echo -n "Salted__" && echo -n "$salt" | hex_to_bin &&
 					# Encrypt file to binary ciphertext
 					ENC_PASS=$password "$openssl_path" enc -e "-${cipher}" -md MD5 -pass env:ENC_PASS -S "$salt" -in "$tempfile"
 			) |
@@ -397,6 +415,8 @@ run_safety_checks() {
 		command -v "$cmd" >/dev/null || die 'required command "%s" was not found' "$cmd"
 	done
 
+	echo -n "41" | hex_to_bin >/dev/null
+
 	# ensure the repository is clean (if it has a HEAD revision) so we can force
 	# checkout files without the destruction of uncommitted changes
 	if [[ $requires_clean_repo ]] && [[ $HEAD_EXISTS ]] && [[ $IS_BARE == 'false' ]]; then