Initial code for encrypting a whole tree

5ac5cb99 · rhatto · fa8b699d · 5ac5cb99
Commit 5ac5cb99 authored Aug 17, 2013 by rhatto
--- a/share/keyringer/encrypt
+++ b/share/keyringer/encrypt
@@ -7,48 +7,62 @@
 LIB="`dirname $0`/../../lib/keyringer/functions"
 source "$LIB" || exit 1

-# Aditional parameters
-if [ ! -z "$3" ]; then
-  UNENCRYPTED_FILE="$2"
-  keyringer_get_new_file "$3"
+# Encrypt a secret
+function keyringer_encrypt {
+  # Set recipients file
+  keyringer_set_recipients "$FILE"

-  if [ ! -f "$UNENCRYPTED_FILE" ]; then
-    echo "Error: cannot encrypted $UNENCRYPTED_FILE: file not found."
-    exit 1
+  # Encrypt
+  mkdir -p "$KEYDIR/`dirname $FILE`"
+
+  if [ "$BASENAME" == "encrypt" ]; then
+    # Only display directions if we're running encrypt, not encrypt-batch
+    if [ "$UNENCRYPTED_FILE" == "-" ]; then
+      echo "Type your message and finish your input with EOF (Ctrl-D)."
+    fi
  fi
-else
-  UNENCRYPTED_FILE="-"
-  keyringer_get_new_file "$2"
-fi

-# Set recipients file
-keyringer_set_recipients "$FILE"
+  $GPG --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE") --yes --output "$KEYDIR/$FILE" $UNENCRYPTED_FILE

-# Encrypt
-mkdir -p "$KEYDIR/`dirname $FILE`"
+  err="$?"

-if [ "$BASENAME" == "encrypt" ]; then
-  # Only display directions if we're running encrypt, not encrypt-batch
-  if [ "$UNENCRYPTED_FILE" == "-" ]; then
-    echo "Type your message and finish your input with EOF (Ctrl-D)."
+  if [ "$err" != "0" ]; then
+    exit "$err"
  fi
-fi

-$GPG --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE") --yes --output "$KEYDIR/$FILE" $UNENCRYPTED_FILE
+  if [ "$UNENCRYPTED_FILE" != "-" ]; then
+    echo "Now make to wipe the non-encrypted $UNENCRYPTED_FILE."
+  fi

-err="$?"
+  # Stage
+  if [ -d "$BASEDIR/.git" ]; then
+    keyringer_exec git "$BASEDIR" add "keys/$FILE"
+  fi

-if [ "$err" != "0" ]; then
-  exit "$err"
-fi
+  exit "$?"
+}

-if [ "$UNENCRYPTED_FILE" != "-" ]; then
-  echo "Now make to wipe the non-encrypted $UNENCRYPTED_FILE."
-fi
+# Aditional parameters
+if [ ! -z "$3" ]; then
+  UNENCRYPTED_FILE="$2"
+  keyringer_get_new_file "$3"

-# Stage
-if [ -d "$BASEDIR/.git" ]; then
-  keyringer_exec git "$BASEDIR" add "keys/$FILE"
-fi
+  if [ ! -e "$UNENCRYPTED_FILE" ]; then
+    echo "Error: cannot encrypt $UNENCRYPTED_FILE: file not found."
+    exit 1
+  fi
+
+  # TODO: $FILE shall be prepended by unencrypted file's relative pathname
+  if [ -d "$UNENCRYPTED_FILE" ];
+    for UNENCRYPTED_FILE in `find -type f $INPUTS`; do
+      keyringer_encrypt
+    done
+  else
+    keyringer_encrypt
+  fi

-exit "$?"
+else
+  UNENCRYPTED_FILE="-"
+  keyringer_get_new_file "$2"
+  keyringer_encrypt
+fi