#!/usr/bin/env bash
#
# Re-encrypt files to multiple recipients.
#

# Load functions
LIB="`dirname $0`/../functions"
source "$LIB" readwrite $* || exit 1

# Recrypt a single secret
function keyringer_recrypt {

  # Get file
  keyringer_get_file "$1"

  # Set recipients file
  keyringer_set_recipients "$FILE"

  # Decrypt
  decrypted="$($GPG --use-agent -d "$KEYDIR/$FILE")"

  if [ "$?" != "0" ]; then
    echo "Decryption error on $1."
    exit 1
  fi

  # Recrypt
  recrypted="`echo "$decrypted" | $GPG --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE")`"

  if [ "$?" != "0" ]; then
    echo "Recryption error on $1."
    exit 1
  fi

  unset decrypted
  echo "$recrypted" > "$KEYDIR/$FILE"
}

# Syntax check and dispatcher
if [ ! -z "$2" ]; then
  keyringer_recrypt $2
else
  cd $KEYDIR && find ./ | while read file; do
    if [ ! -d "$KEYDIR/$file" ]; then
      keyringer_recrypt "$file"
    fi
  done
fi