#!/bin/bash

# Unsecure implementation of a simple encrypted file editor
# The file is saved IN PLAIN TEXT when editing,
# this script only takes care of storing the file 
# encrypted

function helpexit() {
    echo "Edit a GPG encrypted file with vim.
####################################################
# UNSECURE IMPLEMENTATION, since the file is saved #
# IN PLAIN TEXT when editing,                      #
# this script only takes care of storing the file  #
# encrypted.                                       #
####################################################

Modified file is always backed up as .old

Usage: $( basename $0 ) textfile.gpg

Vim additions: H to unhide all lines
               h to hide lines except cursor

"
    exit
}
[[ -z "$1" ]] && helpexit
[[ "$1" = "-h" ]] && helpexit
RM=rm
which shred &> /dev/null && RM="shred -u"

if [[ ! "$1" == *\.gpg ]]; then
  echo "source is not .gpg"
  exit 1
fi
unc="${1%.gpg}"
if [ -e "$unc" ]; then 
  echo "$unc already exists. exiting"
  exit 1
fi
if [ ! -e "$1" ]; then
  echo "File $1 does not exist. Creating empty file"
  echo " " > "$unc"
else 
    gpg --decrypt "$1" > "$unc"
fi
LIB=$( dirname $( readlink -f $0 ) )/crypted.vim
edit=`date +%s -r $unc`
if [ -s "$unc" ]; then 
  vim -i NONE -S "$LIB" -n -c "call Hide()" "$unc"    
else 
  echo Error in decrypting
  $RM "$unc"
  exit 1
fi

afteredit=`date +%s -r "$unc"`

if (( $edit != $afteredit )); then 
  cat "$unc" | gpg -ca > "$1".tmp
  if [ -s "$1".tmp ]; then 
    [[ -e "$1" ]] && mv -f "$1" "$1".old
    mv -f "$1".tmp "$1"
  fi
fi
$RM "$unc"