From b003318d811c7cced4d7a90db8410d77e0d000ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=85smund=20Grammeltvedt?=
Date: Mon, 13 Oct 2014 21:31:58 +0200
Subject: [PATCH 1/4] Update .gitignore when registering new files
To reduce the risk of accidentally adding plaintext secrets, ignore registered plaintext files.
---
 bin/blackbox_register_new_file | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/bin/blackbox_register_new_file b/bin/blackbox_register_new_file
index b370adf..2030999 100755
--- a/bin/blackbox_register_new_file
+++ b/bin/blackbox_register_new_file
@@ -8,10 +8,11 @@
 # to systems that need the plaintext (unencrypted) versions, run
 # blackbox_postdeploy.sh to decrypt all the files.
-# TODO(tlim): Add the unencrypted file to .gitignore
+# TODO(tlim): Add the unencrypted file to .hgignore
 set -e
 . _blackbox_common.sh
+_determine_vcs_base_and_type
 unencrypted_file=$(get_unencrypted_filename "$1")
 encrypted_file=$(get_encrypted_filename "$1")
@@ -45,6 +46,15 @@ if $SECRETSEXPOSED ; then
 else
   COMMIT_FILES="$BB_FILES $encrypted_file"
 fi
+
+IGNOREFILE=".${VCS_TYPE}ignore"
+if [[ $VCS_TYPE = 'git' ]]; then
+  if ! grep -Fsx >/dev/null "$unencrypted_file" "$IGNOREFILE"; then
+    echo "$unencrypted_file" >>"$IGNOREFILE"
+    COMMIT_FILES="$COMMIT_FILES $IGNOREFILE"
+  fi
+fi
+
 echo 'NOTE: "already tracked!" messages are safe to ignore.'
 vcs_add $BB_FILES $encrypted_file
 vcs_commit "registered in blackbox: ${unencrypted_file}" $COMMIT_FILES
From 574bbf50ade8f9bf2232948a2d7678f46d7d6b9f Mon Sep 17 00:00:00 2001
From: "tlimoncelli@stackexchange.com"
Date: Tue, 14 Oct 2014 14:22:52 +0000
Subject: [PATCH 2/4] "make test" should have more clear output on failure.
---
 Makefile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index ba12ec1..9742e09 100644
--- a/Makefile
+++ b/Makefile
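Review bot: The entry written by `echo "$unencrypted_file" >>"$IGNOREFILE"` is the bare name, and a .gitignore line without a slash matches a file of that name in every directory below the ignore file, so the rule can hide more than the one plaintext being registered; if `$unencrypted_file` is relative to the directory holding `.gitignore`, a leading slash anchors it, and `printf` avoids `echo` misreading a name that starts with `-n` or `-e`: `printf '/%s\n' "$unencrypted_file" >>"$IGNOREFILE"`, with the same `/`-prefixed string in the `grep -Fsx` check above it. `IGNOREFILE` is also opened relative to the current directory rather than the repository base that the newly called `_determine_vcs_base_and_type` presumably locates, so where the entry lands depends on where the command is run. An ignore rule does nothing for a plaintext that is already in the index; a `git rm --cached`-style step, or at least a warning for that case, is missing here.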
@@ -37,4 +37,8 @@ unlock:
 test:
 	echo "You don't want to run this."
 	exit 1
-	pkill gpg-agent ; rm -rf /tmp/tmp.* ; export PATH=/home/tlimoncelli/gitwork/blackbox/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin ; cd ~/gitwork/blackbox;tools/confidence_test.sh;ls -lad /home/tlimoncelli/.gnupg || true
+	pkill gpg-agent ; rm -rf /tmp/tmp.* ; \
+	export PATH=/home/tlimoncelli/gitwork/blackbox/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin ; \
+	cd ~/gitwork/blackbox ; \
+	tools/confidence_test.sh ; \
+	if [[ -e ~/.gnupg ]]; then echo ERROR: '~/.gnupg' should not exist ; false ; fi
From 225909cdf3e99c004d9f06b4e21a342da4481679 Mon Sep 17 00:00:00 2001
From: "tlimoncelli@stackexchange.com"
Date: Tue, 14 Oct 2014 14:23:34 +0000
Subject: [PATCH 3/4] For git, add plaintext files to .gitignore to prevent accidental additions.
---
 bin/blackbox_register_new_file | 10 ++++---
 tools/confidence_test.sh | 48 ++++++++++++++++++++++++++++------
 2 files changed, 46 insertions(+), 12 deletions(-)
diff --git a/bin/blackbox_register_new_file b/bin/blackbox_register_new_file
index 2030999..77ec97e 100755
--- a/bin/blackbox_register_new_file
+++ b/bin/blackbox_register_new_file
@@ -49,10 +49,12 @@ fi
 IGNOREFILE=".${VCS_TYPE}ignore"
 if [[ $VCS_TYPE = 'git' ]]; then
-  if ! grep -Fsx >/dev/null "$unencrypted_file" "$IGNOREFILE"; then
-    echo "$unencrypted_file" >>"$IGNOREFILE"
-    COMMIT_FILES="$COMMIT_FILES $IGNOREFILE"
-  fi
+  ignored_file="$(echo "$unencrypted_file" | sed 's/^\([!#]\)/\\\1/')"
+  if ! grep -Fsx >/dev/null "$ignored_file" "$IGNOREFILE"; then
+    echo "$ignored_file" >>"$IGNOREFILE"
+    COMMIT_FILES="$COMMIT_FILES $IGNOREFILE"
+  fi
+  vcs_add "$IGNOREFILE"
 fi
 echo 'NOTE: "already tracked!" messages are safe to ignore.'
diff --git a/tools/confidence_test.sh b/tools/confidence_test.sh
index bd977af..67674a3 100755
--- a/tools/confidence_test.sh
+++ b/tools/confidence_test.sh
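Review bot: The new recipe joins its steps with `;`, so a failing `tools/confidence_test.sh` does not fail the target: the continued recipe is one shell invocation whose status is that of the final `if`, which is 0 whenever `~/.gnupg` is absent, so the test can fail while `make test` reports success. Chaining from the test onward with `&&` (`tools/confidence_test.sh && \`) makes the failure propagate. `if [[ -e ~/.gnupg ]]` is also a bash construct, and make runs recipes with `/bin/sh` unless the Makefile sets `SHELL` (not visible in this hunk); under dash it is a syntax error, so `if [ -e ~/.gnupg ]; then ...` is the portable spelling. `rm -rf /tmp/tmp.*` removes every mktemp temporary in /tmp rather than only the ones this test created, which is worth scoping.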
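Review bot: The `sed` on the new `ignored_file` line escapes only a leading `!` or `#`, but gitignore also treats `*`, `?`, `[` and `\` as pattern characters, so a plaintext whose name contains one of these is written as a wildcard rule that can match other paths or fail to match the file itself. Escaping those characters too covers the remaining cases, e.g. `ignored_file=$(printf '%s\n' "$unencrypted_file" | sed -e 's/[][*?\\]/\\&/g' -e 's/^[!#]/\\&/')`, and the `echo "$ignored_file"` that appends the entry should be `printf '%s\n' "$ignored_file"` so a name beginning with `-n` or `-e` is not consumed as an option. The `grep -Fsx` check only recognises a byte-identical line, so an equivalent existing rule (one written without the escape, say) still gets a second entry; harmless, but worth a comment on the `if`.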
@@ -52,6 +52,30 @@ function assert_file_group() {
     exit 1
   fi
 }
+function assert_line_not_exists() {
+  local target="$1"
+  local file="$2"
+  assert_file_exists "$file"
+  if grep -F -x -s -q >/dev/null "$target" "$file" ; then
+    echo "ASSERT FAILED: line '$target' should not exist in file $file"
+    echo ==== file contents: START "$file"
+    cat "$file"
+    echo ==== file contents: END "$file"
+    exit 1
+  fi
+}
+function assert_line_exists() {
+  local target="$1"
+  local file="$2"
+  assert_file_exists "$file"
+  if ! grep -F -x -s -q >/dev/null "$target" "$file" ; then
+    echo "ASSERT FAILED: line '$target' should not exist in file $file"
+    echo ==== file contents: START "$file"
+    cat "$file"
+    echo ==== file contents: END "$file"
+    exit 1
+  fi
+}
 make_tempdir test_repository
 cd "$test_repository"
@@ -210,13 +234,7 @@ rm secret.txt
 PHASE 'Bob removes alice.'
 blackbox_removeadmin alice@example.com
-if grep -xs >dev/null 'alice@example.com' keyrings/live/blackbox-admins.txt ; then
-  echo "ASSERT FAILED: alice@example.com should be removed from keyrings/live/blackbox-admins.txt"
-  echo ==== file start
-  cat keyrings/live/blackbox-admins.txt
-  echo ==== file end
-  exit 1
-fi
+assert_line_not_exists 'alice@example.com' keyrings/live/blackbox-admins.txt
 PHASE 'Bob reencrypts files so alice can not access them.'
 blackbox_update_all_files
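Review bot: The failure message in the new `assert_line_exists` is copied from `assert_line_not_exists` and says the line "should not exist", the opposite of what that assertion checks, so a genuine failure will point the reader the wrong way; it should read `echo "ASSERT FAILED: line '$target' should exist in file $file"`. In both helpers `grep -q` already suppresses output, so the `>/dev/null` redirect is redundant. Both also pass `$target` where grep may read it as an option; `grep -F -x -s -q -- "$target" "$file"` keeps a target beginning with `-` from being misparsed.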
@@ -266,6 +284,20 @@ assert_file_exists to/relsecrets.txt.gpg
 assert_file_md5hash to/relsecrets.txt "c47f9c3c8ce03d895b883ac22384cb67"
 cd ../..
+PHASE 'Bob enrolls !important!.txt'
+echo A very important file >'!important!.txt'
+blackbox_register_new_file '!important!.txt'
+assert_file_missing '!important!.txt'
+assert_file_exists '!important!.txt'.gpg
+assert_line_exists '\!important!.txt' .gitignore
+
+PHASE 'Bob enrolls #andpounds.txt'
+echo A very commented file >'#andpounds.txt'
+blackbox_register_new_file '#andpounds.txt'
+assert_file_missing '#andpounds.txt'
+assert_file_exists '#andpounds.txt'.gpg
+assert_line_exists '\#andpounds.txt' .gitignore
+
 # TODO(tlim): Add test to make sure that now alice can NOT decrypt.
 #
@@ -277,7 +309,7 @@ if [[ -e $HOME/.gnupg ]]; then
   exit 1
 fi
-find * -ls
+find .git?* * -type f -ls
 echo cd "$test_repository"
 echo rm "$test_repository"
 echo DONE.
From 8a180325c1d4117f673d6a3ed0eaff642ddc2534 Mon Sep 17 00:00:00 2001
From: "tlimoncelli@stackexchange.com"
Date: Tue, 14 Oct 2014 14:26:24 +0000
Subject: [PATCH 4/4] Add TODO
---
 bin/blackbox_register_new_file | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/bin/blackbox_register_new_file b/bin/blackbox_register_new_file
index 77ec97e..f855ad8 100755
--- a/bin/blackbox_register_new_file
+++ b/bin/blackbox_register_new_file
@@ -47,6 +47,8 @@ else
   COMMIT_FILES="$BB_FILES $encrypted_file"
 fi
+# TODO(tlim): This should be moved to _blackbox_common.sh in a
+# VCS-independent way.
 IGNOREFILE=".${VCS_TYPE}ignore"
 if [[ $VCS_TYPE = 'git' ]]; then
   ignored_file="$(echo "$unencrypted_file" | sed 's/^\([!#]\)/\\\1/')"
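Review bot: The two new enrollment phases only assert that the escaped name was appended to `.gitignore`; they never verify that git actually ignores the plaintext, which is the property the rule exists for, so an escaping mistake that yields a non-matching pattern would still pass. After each `assert_line_exists`, a check such as `git check-ignore -q '!important!.txt' || { echo "ASSERT FAILED: '!important!.txt' not ignored"; exit 1; }` exercises the rule end to end rather than its spelling. The same check on a name with no special characters (the `secret.txt` registration that appears earlier in this file, outside the hunk) would cover the common path as well.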