#!/bin/sh
# Execute a command in an environment which encrypts, decrypts, and
# verifies files on demand.
#
# Copyright (C) 2016 Free Software Foundation, Inc.
#
# This file is part of the GNU Hurd.
#
# The GNU Hurd is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 2, or (at
# your option) any later version.
#
# The GNU Hurd is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#

USAGE="Usage:
    [gpg-env] encrypt for RECIPIENT [RECIPIENT...] -- [OPTION...] [COMMAND...]
    [gpg-env] encrypt with password                   [OPTION...] [COMMAND...]
    [gpg-env] decrypt                                 [OPTION...] [COMMAND...]
    [gpg-env] decrypt with password                   [OPTION...] [COMMAND...]
    [gpg-env] verify                                  [OPTION...] [COMMAND...]"
DOC="Execute COMMAND in an environment where files are automatically
encrypted, decrypted and verified."

help()
{
    [ "$1" ] && echo "$1
"
    echo "$USAGE"
    echo ""
    echo "$DOC"
    echo ""
    echo "  -?, --help                 Give this help list"
    echo "      --usage                Give a short usage message"
    echo "  -V, --version              Print program version"
    [ "$1" ] && exit 1 || exit 0
}

if [ "$(basename $0)" = "gpg-env.sh" ] \
   || [ "$(basename $0)" = "gpg-env" ]; then
    ACTION="$1"
    if [ ! "$ACTION" ]; then
	help "No action given."
    fi
    shift
else
    ACTION="$(basename $0)"
fi

case "$ACTION" in
    "encrypt") ;;
    "decrypt") ;;
    "verify") ;;
    *)
	help "Invalid action '$ACTION'."
esac

ENCRYPT=""
if [ "$ACTION" = "encrypt" ]; then
    if [ "$1" = "with" ] && [ "$2" = "password" ]; then
	ENCRYPT="--symmetric"
	shift 2
    elif [ "$1" = "for" ]; then
	shift
	while [ "$#" -gt 0 ] && [ "x$1" != "x--" ]; do
	    ENCRYPT="$ENCRYPT --recipient $1"
	    shift
	done
	if [ "$ENCRYPT" = "" ]; then
	    echo "No recipients given."
	    exit 1
	fi
	if [ "x$1" = "x--" ]; then
	    shift
	elif [ "$#" -eq 0 ]; then
	    # it's ok if there are no more arguments
	    :
	else
	    echo "Recipient list must be terminated using '--'."
	    exit 1
	fi
    fi
fi

while [ "$#" -gt 0 ]; do
  case "$1" in
    --help|"-?")
      help
      ;;
    --usage)
      echo "$USAGE"
      echo "Options: [-V?] [--help] [--usage] [--version]"
      exit 0;;
    --version|-V)
      echo "STANDARD_HURD_VERSION_gpg-env_"; exit 0;;
    --)
      shift
      break
      ;;
    *)
      break
  esac
done

if [ $# -eq 0 ]; then
  set -- ${SHELL:-/bin/sh}
fi

# We exec settrans, which execs the target command in the chroot
# context provided by /hurd/gpg.
exec /bin/settrans \
     --chroot-chdir "$PWD" \
     --chroot "$@" -- \
     / /hurd/gpg $ENCRYPT