#!/bin/bash
#
# Load a key from a menu.
#

# Parameters
BASENAME="`basename $0`"
KEYS="$HOME/.ssh/keys"

# Check
if [ ! -d "$KEYS" ]; then
  echo "$BASENAME: folder not found: $KEYS"
  exit 1
fi

# Get available keys
function __query {
  (
  cd $KEYS && find -name '*.pub' | sed -e 's/.pub$//' | grep -v decomissioned | while read line; do
    # See https://security.stackexchange.com/questions/129724/how-to-check-if-an-ssh-private-key-has-passphrase-or-not#129727
    #if grep -q ',ENCRYPTED' $line; then
    if ! ssh-keygen -y -P "" -f $line &> /dev/null; then
      handle="`echo $line | cut -d '/' -f 3`"
      type="`echo $line | cut -d '/' -f 2`"
      echo "$handle ($type)"
    fi
  done
  )
}

# List available keys
function __list {
  n="0"
  __query | sort | uniq | while read key; do
    echo -en "$n. $key"
    echo ""
    let ++n
  done | column -t -c 6
}

# Display the keys available in the agent
function __loaded {
  #ssh-add -L | cut -d ' ' -f 3 | sed -e 's/^/\t/'

  ssh-add -L | while read line; do
    type="`echo $line | cut -d ' ' -f 1 | sed -e 's/^ssh-//'`"
    handle="`echo $line | cut -d ' ' -f 3-`"

    if [ -e "$handle" ]; then
      handle="`basename $handle`"
    fi

    echo "$handle ($type)"
  done | sort | column -t -c 6
}

# Key chooser mennu
function __chooser {
  echo "Usage: $BASENAME <keytype> <handle>"
  echo ""
  echo "Available keys"
  echo ""
  __list | sed -e 's/^/\t/'
  echo ""

  if [ "`LC_ALL=C ssh-add -L`" != "The agent has no identities." ]; then
    echo "Current loaded keys:"
    echo ""
    __loaded | sed -e 's/^/\t/'
    echo ""
  fi

  read -rep "Choose key: " n

  # Check the selected option
  if [ ! -z "$n" ]; then
    key="$(__list | grep -E "(^$n.| $n:)" | sed -e "s/^[0-9]*. //" | cut -d : -f 1)"

    if [ ! -z "$key" ]; then
      __load $key
    fi
  fi
}

# Load a key
function __load {
  HANDLE="$1"
  TYPE="`echo $2 | sed -e 's/(//' -e 's/)//'`"
  KEY="$KEYS/$TYPE/$HANDLE"

  # Check if the selected option has a custom procedure (monkeysphere, keyringer, etc)
  if [ -x "$KEY.askpass" ]; then
    # SSH-ADD(1) says: "Note that on some machines it may be necessary to redirect the input from /dev/null to make this work".
    SSH_ASKPASS="$KEY.askpass" ssh-add $KEY < /dev/null
  else
    ssh-add $KEY
  fi

  # UX
  if [ "$?" == "0" ]; then
    if which awesome-client &> /dev/null; then
      echo "naughty.notify({title = \"SSH:\", text =\"Loaded $HANDLE ($TYPE)\", timeout = 2})" | awesome-client &> /dev/null

      # Cancel the last command exit status in casa awesome is not available
      true
    fi
  fi
}

# Dispatch
if [ ! -z "$2" ]; then
  __load $2 $1
else
  __chooser
fi