#!/bin/sh
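# Set up pijul-encrypt in the current Pijul repository: register the
# recipients, generate a random master key, and store it encrypted as
# .encrypt.d/master_key.gpg.
#
# Arguments: recipient fingerprints (prompted for on stdin when none are given).
# Exit status: non-zero when a precondition or any step fails.

# Abort explicitly: a bare `false` only stops the script when `set -e` is
# active, and nothing visible here enables it.
[ -d .pijul ] || {
  echo 'this directory does not seem to be Pijul repositry.' >&2
  exit 1
}

# Shared settings. $gpg used below is presumably defined here -- confirm.
. .pijul/encrypt/scripts.sh

# Refuse to overwrite an existing master key.
if [ -f .encrypt.d/master_key.gpg ]; then
  echo 'pijul-encrypt already configured!'
  exit 1
fi

recipients="$*"
[ "$recipients" ] || {
  echo 'Specify recipients fingerprints.'
  read -r recipients
}

# Split the fingerprint list on spaces only. `set -f` keeps user-supplied
# text from being glob-expanded against the working directory. Both settings
# stay inside the subshell.
(
  IFS=' '
  set -f
  .pijul/encrypt/add-recipients.sh $recipients
) || {
  echo 'failed to add recipients.' >&2
  exit 1
}

echo 'generating master key...'
# An empty key would make the symmetric passphrase empty, so treat a failed or
# empty result as fatal.
master_key=$($gpg --armor --gen-random 16 512) || master_key=
[ -n "$master_key" ] || {
  echo 'failed to generate master key.' >&2
  exit 1
}
# The key itself is deliberately not printed: it is the passphrase protecting
# the repository secrets and would end up in terminal scrollback or CI logs.
# Recipients can recover it by decrypting .encrypt.d/master_key.gpg.
echo 'master key generated.'

# Build the --recipient-file arguments as separate words so paths containing
# whitespace survive, and so an unmatched glob is not passed to gpg literally.
# The original arguments were already copied into $recipients above.
set --
for recipient_file in .encrypt.d/recipient/*.asc; do
  [ -f "$recipient_file" ] || continue
  set -- "$@" --recipient-file "$recipient_file"
done
[ "$#" -gt 0 ] || {
  echo 'no recipient key files found in .encrypt.d/recipient.' >&2
  exit 1
}

# The key is fed to gpg on stdin (--passphrase-fd 0) rather than on the
# command line, so it does not appear in the process list.
printf %s "$master_key" | $gpg --batch --passphrase-fd 0 --sign --encrypt --symmetric \
  "$@" \
  --set-filename .encrypt.d/master_key --output .encrypt.d/master_key.gpg || {
  echo 'failed to encrypt master key.' >&2
  exit 1
}

echo "Now add .pijul/encrypt/hook-record.sh to record hook.
edit .pijul/config as below:
\`\`\`
[hooks]
record = ['.pijul/encrypt/hook-record.sh']
\`\`\`
"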