#!/bin/bash
# -*- ENCODING: UTF-8 -*-

# picasig
#
# Encrypt and sign.
#
# Copyright (c) 2013-2026: Alexis Puente Montiel   < pica (a) picalibre.org >
#
# Licensed according to GNU AGPL version 3.0.
#
# It is libre/free software; you can use, redistribute and/or modify it according to the terms of GNU AGPL as published by GNU, version 3.0, 19 November 2007.
#
# It is distributed in the hope that it will be useful, but without any warranty. Read GNU AGPL version 3.0 for additional details.
#
# A copy of GNU AGPL version 3.0 is available at /usr/share/doc/<software-package-name>/agpl-3.0.txt (additionally on Internet as text at https://www.gnu.org/licenses/agpl-3.0.txt and as HTML at https://www.gnu.org/licenses/agpl-3.0-standalone.html ).
#
# Note: Additionally to the official e-mails, picalibre.org is strictly the only official site for this software project, please consider using it to download, report bugs and contribute.
#
# Depends: bash, coreutils, dialog | yad | yad-pica | zenity, gawk | mawk | original-awk, gnupg, grep, sed
# Recommends: codecrypt, lxterminal | sakura | xfce4-terminal, x11-xkb-utils
# Suggests: dpkg-sig


### SCRIPT VARIABLES ########################################

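# Identity of the program: command name, version, window title and icon.
CNAME="picasig"
VERSION="1.3.1"
TITLE="PicaSig"
ICON="/usr/share/icons/picasig.png"

# Translations

# Print the value of the last line of file $1 that starts with "LANG=",
# with one pair of surrounding quotes removed. Prints nothing when the file
# is unreadable or holds no such line.
# The previous 'export $(cat ... | grep LANG=)' exported the quotes as part
# of the value, choked on commented lines such as '# LANG=...', and ran a
# bare 'export' (dumping every exported variable) when nothing matched.
_picasig_default_lang () {
	local line value=""
	[ -r "$1" ] || return 0
	while IFS= read -r line || [ -n "$line" ] ; do
		case "$line" in
			LANG=* )
				value="${line#LANG=}"
				value="${value%\"}" ; value="${value#\"}"
				value="${value%\'}" ; value="${value#\'}"
			;;
		esac
	done < "$1"
	printf '%s' "$value"
}

# Only fall back to the system default when the session has no LANG at all.
if [ "$LANG" = "" ] ; then
	LANG=$(_picasig_default_lang /etc/default/locale)
	if [ "$LANG" != "" ] ; then export LANG ; fi
fi
TEXTDOMAIN=picasig
TEXTDOMAINDIR=/usr/share/locale/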

# Write errors to log
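# Error log in the user's home; a log left by an earlier run is kept as *.ant.
ERRORLOG="$HOME/.${CNAME}.log"
if [ -e "$ERRORLOG" ] ; then
	mv -f -- "$ERRORLOG" "${ERRORLOG}.ant"
fi
if [ -e "$ERRORLOG" ] ; then rm -rf -- "$ERRORLOG" ; fi

# Filter (stdin -> stdout) that rewrites yes/no style values to Y / N so the
# rest of the script only has to compare against "Y" and "N".
# The unquoted forms are anchored on whitespace, ';' or end of line: without
# that anchor any value that merely starts with y/s/n was mangled
# (for example 'X=sakura' became 'X=Yakura').
# 'NO' is accepted too: 'DEBUG=NO' used to stay different from "N" and so
# switched the debug log on.
_picasig_normalize_yn () {
	sed \
		-e 's/=\(YES\|Yes\|yes\|y\|SÍ\|SI\|Sí\|Si\|sí\|si\|S\|s\)\([[:space:];]\|$\)/=Y\2/g' \
		-e 's/=\(NO\|No\|no\|n\)\([[:space:];]\|$\)/=N\2/g' \
		-e 's/="\(YES\|Yes\|yes\|y\|SÍ\|SI\|Sí\|Si\|sí\|si\|S\|s\)"/=Y/g' \
		-e 's/="\(NO\|No\|no\|n\)"/=N/g'
}

# Configuration files, later ones override earlier ones. They are executed
# with 'source', i.e. with the full privileges of the calling user.
for i in /etc/pica-global.dist /etc/pica-global.orig /etc/pica-global /etc/pica-global.local ~/.pica-global ~/pica-global ; do
	if [ -f "$i" ] ; then
	cat "$i"
	source "$i"
	# second pass with the yes/no values normalised
	source <(_picasig_normalize_yn < "$i")
	fi
done
if [ "$DEBUG" = "Y" ] ; then
	set -xv
	DEBUG="Y"
else
	ERRORLOG="/tmp/.${CNAME}_$(id -nu).log"
	# /tmp is world-writable and this name is predictable. Do not write
	# through a symlink or into a file owned by somebody else; use the log in
	# $HOME instead. (A check followed by a later write is still racy; it only
	# refuses a file that was planted before start-up.)
	if [ -L "$ERRORLOG" ] || { [ -e "$ERRORLOG" ] && [ ! -O "$ERRORLOG" ] ; } ; then
		ERRORLOG="$HOME/.${CNAME}.log"
	fi
	if [ -e "$ERRORLOG" ] ; then mv -f -- "$ERRORLOG" "${ERRORLOG}.ant" ; fi
	if [ -e "$ERRORLOG" ] ; then rm -rf -- "$ERRORLOG" ; fi
fi
if [ "$DEBUG" = "" ] ; then DEBUG="N" ; fi
if [ "$DEBUG" != "N" ] ; then
# The log receives the complete environment and variable list below, so it
# is created readable by its owner only.
( umask 077 ; : >> "$ERRORLOG" )
chmod 600 -- "$ERRORLOG" 2>/dev/null
exec > >(tee -a "$ERRORLOG") 2>&1
echo "$0" "$*" >> "$ERRORLOG"
echo "$CNAME" "$VERSION" >> "$ERRORLOG"
echo $(date +%Y-%m-%d_%H:%M:%S) $"Start" >> "$ERRORLOG"
echo "env:" >> "$ERRORLOG"
env >> "$ERRORLOG"
echo "set:" >> "$ERRORLOG"
set >> "$ERRORLOG"
#else
#exec 2>>"$ERRORLOG"
fi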

# Description:
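# Description:
BDESCRIP=$"Encrypt and sign."
LDESCRIP=$"$TITLE is a tool to encrypt and sign."

# Documentation:

# Print the command-line help to stdout: name, version, short description,
# usage line and the option table held in ODESCRIP (assigned right below and
# read when the function is called).
docu_info () {
echo "$CNAME ($VERSION) - $BDESCRIP"
echo 
# The brackets are quoted: an unquoted [OPTIONS] is a glob pattern and was
# replaced by a file name whenever the current directory held a file called
# O, P, T, I, N or S.
echo $"Usage:" "$CNAME" "["$"OPTIONS""]"
echo 
echo $"Options:"
echo -e "$ODESCRIP"
echo 
echo $"'man $CNAME' for more information."
echo 
}
# One line per option: " -x<TAB>description", joined with "\n" for 'echo -e'.
ODESCRIP=" -t""\t"$"Use terminal interface.""\n"" -k""\t"$"Use 'kdialog' if possible.""\n"" -y""\t"$"Use 'yad' if possible (by default in graphical sessions).""\n"" -z""\t"$"Use 'zenity' if possible.""\n"" -x""\t"$"Show help documentation."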

# Command-line switches:
#   -t  terminal interface (T=Y, G=N)
#   -k / -y / -z  preferred graphical dialog program (SDIALOG)
#   -x  print the help text and leave
# Anything else is reported by getopts itself and otherwise ignored.
while getopts tkyzx OPTION ; do
	if   [ "$OPTION" = "t" ] ; then
		T="Y"
		G="N"
	elif [ "$OPTION" = "k" ] ; then
		SDIALOG="kdialog"
	elif [ "$OPTION" = "y" ] ; then
		SDIALOG="yad"
	elif [ "$OPTION" = "z" ] ; then
		SDIALOG="zenity"
	elif [ "$OPTION" = "x" ] ; then
		docu_info
		exit 0
	fi
done


### DIALOG ########################################

#DEFAULTDIALOGLIST="yad zenity kdialog"
# Dialog programs tried, in this order, when the user expressed no preference.
DEFAULTDIALOGLIST="yad zenity"

# A failing 'setxkbmap' is taken as "no graphical session": switch to the
# terminal interface.
if ! setxkbmap 1>/dev/null 2>&1 ; then
	G="N"
	T="Y"
fi

if [ "$G" != "N" ] ; then

	# The program requested with -k / -y / -z goes first, the others follow.
	case "$SDIALOG" in
		kdialog ) DIALOGLIST="kdialog yad zenity" ;;
		yad )     DIALOGLIST="yad zenity kdialog" ;;
		zenity )  DIALOGLIST="zenity yad kdialog" ;;
		* )       DIALOGLIST="$DEFAULTDIALOGLIST" ;;
	esac

	# Safety net for an empty list.
	if [ -z "$DIALOGLIST" ] ; then
		DIALOGLIST="${DEFAULTDIALOGLIST:-yad zenity kdialog}"
	fi

	# None of the candidates is installed: terminal interface.
	# $DIALOGLIST is left unquoted on purpose, one name per word.
	if [ -z "$(command -v $DIALOGLIST)" ] ; then
		G="N"
		T="Y"
	fi

fi


# Backend table: translate the abstract dialog vocabulary used by the rest of
# the script (DIALOG, WTITLE, WTEXT, MONOLIST, QYN, FORM, YES/NO labels, ...)
# into the option strings of the concrete program: 'dialog' for the terminal
# interface, otherwise the first installed entry of DIALOGLIST ('yad' or
# 'zenity'; the 'kdialog' branch is commented out).
# These variables are expanded unquoted later on (for example
# '$DIALOG $WICON $WTITLE ...'), so every value is split on whitespace: a
# value such as an ICON path containing a space would turn into several
# arguments.
if [ "$G" = "N" ] ; then

	# Terminal interface: 'dialog' is the only supported program.
	if [ "$(command -v dialog)" = "" ] ; then
		echo $"ERROR: No supported dialog is installed. $TITLE cannot continue."
		exit 1
	else
		
		DIALOG="dialog --cr-wrap --keep-window --output-fd 1"
		#DIALOG="dialog --cr-wrap --keep-window --output-fd 1 --no-lines --no-shadow"
		# The back title must be a single word because WICON is expanded
		# unquoted, hence spaces are replaced by '-'.
		if [ "$TITLE" != "" ] ; then
			WICON="--backtitle $(echo $TITLE | sed 's| |-|g')"
		fi
		WTITLE="--title"
		WTEXT=""
		# Height, width and list height are all passed as 0.
		H="0"
		W="0"
		LH="0"
		CALENDAR="--calendar"
		DATEFORMAT="--date-format %Y-%m-%d"
		WTIME="--timebox"
		TIMEFORMAT="--time-format %H:%M:%S"
		DSEL="--dselect"
		FSEL="--fselect"
		WRITE="--inputbox"
		PREWRITE=""
		COLUMN=""
		PRINTCOLUMN1=""
		PRINTCOLUMN2=""
		HIDECOLUMN1=""
		HIDECOLUMN2=""
		#INPUTSEPARATOR="--column-separator"
		#OUTPUTSEPARATOR="--separate-output"
		MONOLIST="--menu"
		#MONOLIST="--radiolist"
		MULTIPLELIST="--separate-output --checklist"
		PRE=""
		POST="off"
		PRES=""
		POSTS="on"

		INFO="--msgbox"
		WAIT="--infobox"

		# Every question/warning kind maps to the same yes/no box here.
		QYN="--yesno"
		QYNC="--yesno"
		WYN="--yesno"
		WCC="--yesno"
		WYNC="--yesno"
		WM="--msgbox"
		ERROR="--msgbox"

		FORM="--form"
		FORMT=""
		FORMSELPRE=""
		FORMSELPOST=""
		#FORMCALPRE=""
		#FORMCALPOST=""
		#FORMCLPRE=""
		#FORMCLPOST=""
		PRELAB1="1 1"
		POSTLAB1="1 10 999 0"
		PRELAB2="2 1"
		POSTLAB2="2 10 999 0"
		PRELAB3="3 1"
		POSTLAB3="3 10 999 0"

		YES="--yes-label"
		NO="--no-label"
		OK="--ok-label"
		CONTINUE="--ok-label"
		CANCEL="--cancel-label"
		EXTRABUTTON="--extra-button --extra-label"
	
	fi

else

	# Graphical interface: walk DIALOGLIST and configure the first program
	# that is installed; the loop stops as soon as DIALOG has a value.
	for i in $DIALOGLIST ; do

		if [ "$(command -v $i)" != "" ] ; then
	
			if [ "$i" = "yad" ] ; then
		
				# The major version is the text before the first '.' on the
				# last line of 'yad --version'; the numeric test below
				# expects that text to be an integer.
				if [ "$(yad --version | tail -n 1 | cut -d ' ' -f 1 | cut -d '.' -f 1)" -lt 2 ] ; then
					DIALOG="yad --center"  # --selectable-labels (bug in Yad < 2.0) https://github.com/v1cont/yad/blob/master/NEWS
				else
					DIALOG="yad --center --selectable-labels"  # --on-top
				fi
				if [ "$ICON" != "" ] ; then
					WICON="--window-icon $ICON"
				fi
				WTITLE="--title"
				WTEXT="--text"
				H=""
				# Versions reporting 7.2 only get --width; all others also get
				# --text-width and --fixed (see the linked issues).
				if [ "$(yad --version | tail -n 1 | grep -aE ^'7.2')" != "" ] ; then
					W="--width=640"
				else
					W="--width=640 --text-width=640 --fixed"  # https://github.com/v1cont/yad/issues/107  https://github.com/v1cont/yad/issues/140
				fi
				LH=""
				CALENDAR="--calendar"
				DATEFORMAT="--date-format %Y-%m-%d"
				WTIME="--separator=\n --columns 3 --form"
				#TIMEFORMAT="--time-format %H:%M:%S"
				DSEL="--file --directory --filename"  # Deleted *-selection alias for --file in Yad 4.0
				FSEL="--file --filename"              # Deleted *-selection alias for --file in Yad 4.0
				WRITE="--entry"
				PREWRITE="--entry-text"
				COLUMN="--column="
				PRINTCOLUMN1="--print-column=01"
				PRINTCOLUMN2="--print-column=02"
				HIDECOLUMN1="--hide-column=01"
				HIDECOLUMN2="--hide-column=02"
				#INPUTSEPARATOR="--item-separator"
				#OUTPUTSEPARATOR="--separator="
				#MONOLIST="--entry"
				MONOLIST="--separator=\n --list --search-column=1 --no-headers"
				MONOLISTH="--separator=\n --list --search-column=1"
				MULTIPLELIST="--separator= --list --checklist --search-column=2 --no-headers"
				MULTIPLELISTH="--separator= --list --checklist --search-column=2"
				PRE="FALSE"
				POST=""
				PRES="TRUE"
				POSTS=""
				# standard gtk keybindings for next and previous search are ctrl+g and ctrl+shift+g while you can redefine them in gtk-keys.css for your theme  # https://github.com/v1cont/yad/issues/127
			
				INFO="--image=/usr/share/icons/picalibre/rm/play.png --button="$"OK"
				WAIT="--image=/usr/share/icons/picalibre/rm/play.png --no-buttons"
			
				# Button definitions are "label:exit-code"; "Cancel" shares
				# exit code 1 with "No".
				QYN="--image=/usr/share/icons/picalibre/rm/question.png --button="$"Yes"":0 --button="$"No"":1"
				QYNC="--image=/usr/share/icons/picalibre/rm/question.png --button="$"Yes"":0 --button="$"No"":1 --button="$"Cancel"":1"
				WYN="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"Yes"":0 --button="$"No"":1"
				WCC="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"Continue"":0 --button="$"Cancel"":1"
				WYNC="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"Yes"":0 --button="$"No"":1 --button="$"Cancel"":1"
				WM="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"OK"
				ERROR="--image=/usr/share/icons/picalibre/rm/error.png --button="$"OK"
			
				FORM="--separator=\n --form"
				FORMT="--field"
				FORMSELPRE="--field"
				FORMSELPOST=":FL"
				FORMCALPRE="--field"
				FORMCALPOST=":DT"
				FORMCLPRE="--field"
				FORMCLPOST=":CB"
				PRELAB1=""
				POSTLAB1=""
				PRELAB2=""
				POSTLAB2=""
				PRELAB3=""
				POSTLAB3=""
			
				YES="--button"
				NO="--button"
				OK="--button"
				CONTINUE="--button"
				CANCEL="--button"
				EXTRABUTTON="--button"
		
			elif [ "$i" = "zenity" ] ; then
		
				DIALOG="zenity"
				if [ "$ICON" != "" ] ; then
					WICON="--window-icon $ICON"
				fi
				WTITLE="--title"
				WTEXT="--text"
				H=""
				W="--width=640"
				LH=""
				CALENDAR="--calendar"
				DATEFORMAT="--date-format %Y-%m-%d"
				WTIME="--separator : --forms"
				#TIMEFORMAT="--time-format %H:%M:%S"
				DSEL="--file-selection --directory --filename"
				FSEL="--file-selection --filename"
				WRITE="--entry"
				PREWRITE="--entry-text"
				COLUMN="--column="
				PRINTCOLUMN1="--print-column=01"
				PRINTCOLUMN2="--print-column=02"
				HIDECOLUMN1="--hide-column=01"
				HIDECOLUMN2="--hide-column=02"
				#INPUTSEPARATOR=""
				#OUTPUTSEPARATOR="--separator=\n"
				MONOLIST="--separator=\n --list --hide-header"
				MONOLISTH="--separator=\n --list"
				MULTIPLELIST="--separator=\n --list --checklist --hide-header"
				MULTIPLELISTH="--separator=\n --list --checklist"
				PRE="FALSE"
				POST=""
				PRES="TRUE"
				POSTS=""
			
				INFO="--info"
				WAIT="--info"
			
				QYN="--question"
				QYNC="--question"
				WYN="--question"
				WCC="--question"
				WYNC="--question"
				WM="--warning"
				ERROR="--error"
			
				FORM="--forms"
				FORMT="--add-entry"
				FORMSELPRE="--add-entry"
				FORMSELPOST=""
				FORMCALPRE="--add-calendar"
				FORMCALPOST=""
				# Combo fields are only configured when the major version is
				# at least 3, or the version with its dots removed is at least
				# 3102; otherwise FORMCLPRE / FORMCLPOST stay unset.
				if [ "$(zenity --version | cut -d '.' -f 1 )" -ge 3 ] || [ "$(zenity --version | sed 's|\.||g')" -ge 3102 ] ; then
					FORMCLPOST="--combo-values"
					FORMCLPRE="--add-combo"
				fi
				PRELAB1=""
				POSTLAB1=""
				PRELAB2=""
				POSTLAB2=""
				PRELAB3=""
				POSTLAB3=""
			
				# Zenity <3 does not support custom buttons.
				if [ "$(zenity --version | cut -d '.' -f 1 )" -ge 3 ] ; then
					YES="--ok-label"
					NO="--cancel-label"
					OK="--ok-label"
					CONTINUE="--ok-label"
					CANCEL="--cancel-label"
					#EXTRABUTTON=""
				fi
		
#			elif [ "$i" = "kdialog" ] ; then
#		
#				# CAUTION: All 'kdialog' (TDE, KDE Plasma 4, KDE Plasma 5, KDE Plasma 6,...) are included here!
#			
#				DIALOG="kdialog"
#				if [ "$ICON" != "" ] ; then
#					WICON="--icon $ICON"
#				fi
#				WTITLE="--title"
#				WTEXT=""
#				H=""
#				W=""
#				LH=""
#				# No "--calendar" in TDE-kdialog + No "--date-format" both TDE and Plasma = There is no usable version of kdialog for calendars
#				#CALENDAR="--calendar"
#				#DATEFORMAT="--date-format %Y-%m-%d"
#				#WTIME="--timebox"
#				#TIMEFORMAT="--time-format %H:%M:%S"
#				DSEL="--getexistingdirectory"
#				FSEL="--getsavefilename"
#				#FSEL="--getopenfilename"
#				WRITE="--inputbox"
#				PREWRITE=""
#				COLUMN=""
#				PRINTCOLUMN1=""
#				PRINTCOLUMN2=""
#				HIDECOLUMN1=""
#				HIDECOLUMN2=""
#				#INPUTSEPARATOR=""
#				#OUTPUTSEPARATOR="--separate-output"
#				MONOLIST="--menu"
#				#MONOLIST="--combobox"
#				#MONOLIST="--radiolist"
#				MULTIPLELIST="--separate-output --checklist"
#				PRE=""
#				POST="off"
#				PRES=""
#				POSTS="on"
#			
#				INFO="--msgbox"
#				WAIT="--msgbox"
#			
#				QYN="--yesno"
#				QYNC="--yesnocancel"
#				WYN="--warningyesno"
#				WCC="--warningcontinuecancel"
#				WYNC="--warningyesnocancel"
#				WM="--sorry"
#				ERROR="--error"
#			
#				# No "--form" in any kdialog version
#				#FORM="--form"
#				#FORMT=""
#				#FORMSELPRE=""
#				#FORMSELPOST=""
#				#FORMCALPRE=""
#				#FORMCALPOST=""
#				#FORMCLPRE=""
#				#FORMCLPOST=""
#				#PRELAB1=""
#				#POSTLAB1=""
#				#PRELAB2=""
#				#POSTLAB2=""
#				#PRELAB3=""
#				#POSTLAB3=""
#			
#				# TDE-kdialog does not support custom buttons.
#				if [ "$(kdialog --version | grep -a Qt | grep -aEo "[0-9]" | head -n 1)" -ge 4 ] || [ "$(kdialog --version | grep -aEi kdialog | grep -aEo "[0-9]" | head -n 1)" -gt 1 ] ; then
#					YES="--yes-label"
#					NO="--no-label"
#					OK="--continue-label"
#					CONTINUE="--continue-label"
#					CANCEL="--cancel-label"
#					EXTRABUTTON="--cancel-label"
#				fi
		
			else
		
				# Installed but not configured here (for example kdialog):
				# leave DIALOG empty and try the next candidate.
				true
		
			fi
		
		if [ "$DIALOG" != "" ] ; then break ; fi
		
		fi

	done

fi

# No branch above produced a dialog command: nothing can be shown, give up.
if [ "$DIALOG" = "" ] ; then
	echo $"ERROR: No supported dialog is installed. $TITLE cannot continue."
	exit 1
fi


### TERMINAL SELECTION ########################################

# Graphical mode runs every operation inside a terminal emulator; warn once
# when none of the three supported emulators is installed.
if [ "$G" != "N" ] ; then
	if [ -z "$(command -v lxterminal sakura xfce4-terminal)" ] ; then
		$DIALOG $WICON $WTITLE "$TITLE" $WM    $WTEXT $"WARNING: Neither 'lxterminal', nor 'sakura' nor 'xfce4-terminal' are installed, $TITLE might fail." $H $W
	fi
fi

# Run the command line held in COM.
# Globals read: G (N = terminal interface), TT (window title), TITLE, COM.
# Terminal interface: print TT first (and pause one second) when it differs
# from TITLE, then run COM in the current terminal; COM is split on
# whitespace. Graphical interface: open the first available emulator among
# sakura, lxterminal and xfce4-terminal, else x-terminal-emulator, with TT as
# window title and COM as the command to execute.
# Returns the status of the command or emulator that was started.
TERMINAL () {
	if [ "$G" = "N" ] ; then
		[ "$TT" = "$TITLE" ] || { echo "$TT" ; sleep 1 ; }
		$COM
		return
	fi

	if command -v sakura >/dev/null 2>&1 ; then
		# '-x' instead of '-e': sakura '-e' crashes with a segmentation
		# fault on Debian 13 "Trixie" (see also https://bugs.debian.org/782396)
		sakura -t "$TT" -x "$COM"
	elif command -v lxterminal >/dev/null 2>&1 ; then
		lxterminal -t "$TT" -e "$COM"
	elif command -v xfce4-terminal >/dev/null 2>&1 ; then
		xfce4-terminal -T "$TT" -e "$COM"
	else
		x-terminal-emulator -t "$TT" -e "$COM"
	fi
}


### BASICFUN ########################################

# Fatal-error exit: show the end of the error log in an error dialog and
# terminate the script with status 1.
# Globals read: ERRORLOG, DIALOG and the dialog option variables.
# Global written: TAILERRORLOG (the last ten log lines that contain a letter,
# a digit, '=' or '[').
check_exit () {
	TAILERRORLOG=$(cat "$ERRORLOG" | grep -aE "[a-zA-Z0-9\=\[]" | tail -n 10 )

	# time stamp on stdout (ends up in the log when debugging is on)
	date +%Y-%m-%d_%H:%M:%S

	$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"Stop due to error.\n\n$TAILERRORLOG\n" $H $W

	exit 1
}

# "try again or exit" dialog window
# Ask whether to try again after invalid input.
# "Yes" (dialog status 0): clear OPT and call the function named in REFUN;
# its status is returned.
# Anything else: clear OPT and SEL, go back to the main menu through
# picasig_general and return 1.
input_error () {
	# time stamp on stdout
	date +%Y-%m-%d_%H:%M:%S

	if $DIALOG $WICON $WTITLE "$TITLE" $WYN   $WTEXT $"Something went wrong.\n\nDo you want to try again?" $H $W ; then
		OPT=""
		$REFUN
	else
		OPT=""
		SEL=""
		picasig_general
		return 1
	fi
}


### DIRECT SHORTCUT ########################################

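# Print the only argument that starts with '/', or nothing when there is no
# such argument or more than one.
# Works on whole arguments: the former 'echo "$*" | tr " " "\n"' cut every
# path at its first space, so files such as "/home/u/My Documents/a.gpg"
# were never recognised.
_picasig_single_abs_path () {
	local arg found="" count=0
	for arg in "$@" ; do
		case "$arg" in
			/* ) found="$arg" ; count=$((count + 1)) ;;
		esac
	done
	if [ "$count" -eq 1 ] ; then printf '%s\n' "$found" ; fi
}

# When the script is started with exactly one absolute path (for example from
# a file manager), choose the program (SW) and the operation (OPT) from the
# file itself and set EXIT=Y so the script ends after that operation.
# NOTE(security): the path is a file name chosen by whoever created the file.
# It is stored in SEL / SEL1 / SEL2, which are later pasted into the command
# string (SCOM) that is written to a generated script; the code that builds
# that string has to shell-quote it.
PREPATH=$(_picasig_single_abs_path "$@")
if [ "$PREPATH" != "" ] ; then
	# 'file -b' leaves the file name out of the answer; otherwise any path
	# containing the word "encrypt" was treated as encrypted data.
	if   [ "$(LANG=C file -b -- "$PREPATH" | grep -aEi "encrypt")" != "" ] ; then
		SW="GnuPG"
		OPT=$"Decrypt file"
		SEL="$PREPATH"
		EXIT="Y"
	elif [ "$(echo "$PREPATH" | grep -aEi "\.int\.gpg$|\.int\.pgp$|\.int\.gnupg$|\.int\.sig$|\.int\.asc$")" != "" ] ; then
		SW="GnuPG"
		OPT=$"Check signature (signature included inside the file)"
		SEL="$PREPATH"
		EXIT="Y"
	elif [ "$(echo "$PREPATH" | grep -aEi "\.gpg$|\.pgp$|\.gnupg$|\.sig$|\.asc$")" != "" ] ; then
		SW="GnuPG"
		OPT=$"Check signature (signature in another file)"
		SEL1="$PREPATH"
		# the signed file is the signature path without its (.ext).gpg-style suffix
		SEL2="$(echo "$PREPATH" | sed -e "s|\.ext\.gpg$||g" -e "s|\.ext\.pgp$||g" -e "s|\.ext\.gnupg$||g" -e "s|\.ext\.sig$||g" -e "s|\.ext\.asc$||g" -e "s|\.gpg$||g" -e "s|\.pgp$||g" -e "s|\.gnupg$||g" -e "s|\.sig$||g" -e "s|\.asc$||g")"
		EXIT="Y"
	elif [ "$(echo "$PREPATH" | grep -aEi "\.int\.ccr$|\.int\.codecrypt$")" != "" ] ; then
		SW="codecrypt"
		OPT=$"Check signature (signature included inside the file)"
		SEL="$PREPATH"
		EXIT="Y"
	elif [ "$(echo "$PREPATH" | grep -aEi "\.ccr$|\.codecrypt$")" != "" ] ; then
		SW="codecrypt"
		OPT=$"Check signature (signature in another file)"
		SEL1="$PREPATH"
		SEL2="$(echo "$PREPATH" | sed -e "s|\.ext\.ccr$||g" -e "s|\.ext\.codecrypt$||g" -e "s|\.ccr$||g" -e "s|\.codecrypt$||g")"
		EXIT="Y"
	else
		# unknown kind of file: continue with the normal menus
		true
	fi
fi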


### WELCOME ########################################

	# Welcome window: skipped when an operation was already chosen from the
	# command line (SW is set) or when the configuration sets WELCOME=N.
	# Closing the window with a non-zero status ends the script.
	if [ -z "$SW" ] && [ "$WELCOME" != "N" ] ; then
		if ! $DIALOG $WICON $WTITLE "$TITLE" $INFO  $WTEXT $"Welcome to $TITLE.\n\n$TITLE is a tool to encrypt and sign.\n\n$TITLE is libre/free software, licensed according to 'GNU AGPL version 3.0'.\n\nIt is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.\n\nMore information at www.picalibre.org\n" $H $W ; then
			exit 0
		fi
	fi


### IMPORT OFFICIAL SYSTEM KEYRINGS ########################################

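	# Copy the backup "$1~" over "$1" when the backup is more than four times
	# larger (integer division), i.e. when the current file looks truncated.
	# Does nothing when either file is missing or the current file is empty;
	# the former 'expr' version printed errors in those cases.
	_picasig_restore_if_shrunk () {
		local cur="$1" bak="$1~" cur_size bak_size
		[ -f "$cur" ] && [ -f "$bak" ] || return 0
		cur_size=$(stat -c "%s" "$cur") || return 0
		bak_size=$(stat -c "%s" "$bak") || return 0
		[ "$cur_size" -gt 0 ] || return 0
		if [ $(( bak_size / cur_size )) -gt 4 ] ; then
			cp -a --remove-destination "$bak" "$cur"
		fi
	}

	# "Please wait" window in the background while the keyrings are imported.
	$DIALOG $WICON $WTITLE "$TITLE" $OK " " $WAIT  $WTEXT $"Please wait..." $H $W &
	PIDDIALOGEXPORT=$!
	# Every file in /usr/share/keyrings whose name matches is imported into
	# the user's own keyring on each start (switch off with GPGIMPORT=N /
	# CCRIMPORT=N). NOTE(review): this relies on that directory being
	# writable by root only - confirm on the target system.
if [ "$GPGIMPORT" != "N" ] && [ "$(command -v gpg )" != "" ] ; then
	ls /usr/share/keyrings/ | grep -aEi 'gpg|gnupg|pgp' | grep -aEiv 'removed|deleted|obsoleted|deprecated' | while IFS= read -r i ; do gpg --import "/usr/share/keyrings/$i" ; done
	_picasig_restore_if_shrunk "$HOME/.gnupg/pubring.gpg"
fi
if [ "$CCRIMPORT" != "N" ] && [ "$(command -v ccr )" != "" ] ; then
	ls /usr/share/keyrings/ | grep -aEi 'ccr|codecrypt' | grep -aEiv 'removed|deleted|obsoleted|deprecated' | while IFS= read -r i ; do ccr --import -y --in "/usr/share/keyrings/$i" ; done
	_picasig_restore_if_shrunk "$HOME/.ccr/secrets"
	_picasig_restore_if_shrunk "$HOME/.ccr/pubkeys"
fi
	kill $PIDDIALOGEXPORT 2>/dev/null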


### DO NOT REMEMBER PASSWORD ########################################

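# Create ~/.gnupg/gpg-agent.conf with every cache lifetime set to 0 so that
# gpg-agent does not remember passphrases.
# Only acts when ~/.gnupg exists and has no gpg-agent.conf yet: an existing
# configuration is never modified, so its own cache settings stay in force.
# $HOME is quoted so that a home directory containing spaces works.
norepass () {
if [ -e "$HOME/.gnupg/" ] && [ ! -e "$HOME/.gnupg/gpg-agent.conf" ] ; then
cat >> "$HOME/.gnupg/gpg-agent.conf" <<EOF
default-cache-ttl 0
default-cache-ttl-ssh 0
max-cache-ttl 0
max-cache-ttl-ssh 0
EOF
fi
}
norepass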


### SCRIPT TERMINAL ########################################

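# Run the command line in SCOM (and, if it fails, the alternative in SCOMA)
# inside a terminal: a small wrapper script is generated, started through
# TERMINAL and removed again.
# Globals read: SCOM, SCOMA, EXPLIC (text printed before the command), OPT,
#   TT, CNAME, VERSION, TITLE, TEXTDOMAIN, TEXTDOMAINDIR, ERRORLOG, DEBUG.
# Globals written: TT (defaults to OPT), COM; SCOM, SCOMA and OPT are cleared.
#
# The wrapper is created with mktemp. The former fixed name /tmp/$CNAME in a
# world-writable directory could be created beforehand by another local user
# and was then executed with the caller's privileges.
#
# The here-document is unquoted: everything not escaped with '\' is expanded
# while the wrapper is written. SCOM and SCOMA are pasted in as program text,
# so the caller must already have shell-quoted every file name or identifier
# they contain. For the same reason the commented-out lines the template used
# to carry were removed: their command substitutions (among them a full
# 'dpkg -l') were still executed on every call.
CTERMINAL () {

if [ "$TT" = "" ] ; then
	TT="$OPT"
fi

local CSCRIPT
CSCRIPT=$(mktemp "/tmp/${CNAME}.XXXXXXXXXX")
if [ "$?" -ne 0 ] || [ "$CSCRIPT" = "" ] ; then
	echo "ERROR: mktemp failed" >&2
	check_exit
fi

cat > "$CSCRIPT" <<EOF
#!/bin/bash

CNAME=$CNAME
VERSION=$VERSION
TITLE=$TITLE

# Translations
if [ "\$LANG" = "" ] ; then export $(cat /etc/default/locale | grep -a 'LANG=') ; fi
TEXTDOMAIN=$TEXTDOMAIN
TEXTDOMAINDIR=$TEXTDOMAINDIR

################################

exec 2>&1

if [ "\$(tty 1>>"$ERRORLOG" ; echo \$?)" -eq 0 ] ; then
	export GPG_TTY=\$(tty)
fi

if [ "$EXPLIC" != "" ] ; then
printf "$EXPLIC"
fi

$SCOM

if [ "\$?" -ne 0 ] ; then
	if [ "$(echo "$SCOMA" | grep -a -c .)" -ne 0 ] ; then
		$SCOMA
		if [ "\$?" -ne 0 ] ; then
			echo " "
			echo -e "\e[1;31m"$"ERROR""\e[0m"
		else
			echo " "
			echo -e "\e[1;32m"$"Good""\e[0m"
		fi
	else
		echo " "
		echo -e "\e[1;31m"$"ERROR""\e[0m"
	fi
else
	echo " "
	echo -e "\e[1;32m"$"Good""\e[0m"
fi
echo " "
echo $"Close this window or press the 'Enter/Return' key (usually the largest key on the keyboard after the 'space' key) to close."
echo " "
read KEY

EOF

# mktemp creates the file readable and writable by its owner only
chmod u+x "$CSCRIPT"

# give the terminal back to the command, then restore the debug log
exec >/dev/tty
COM="bash $CSCRIPT" ; TERMINAL
if [ "$DEBUG" != "N" ] ; then
	exec > >(tee -a "$ERRORLOG") 2>&1
fi

rm -f "$CSCRIPT"
SCOM=""
SCOMA=""
OPT=""

norepass

}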


### SEL ########################################

# Let the user pick an existing regular file; the path is stored in SEL.
# SELTEXT is the window title (default: "Select the file") and is cleared
# after a successful selection.
# Cancelled dialog: OPT and SEL are cleared, the main menu is shown through
# picasig_general and 1 is returned.
# Empty answer or not a regular file: SEL is cleared and input_error decides
# (REFUN=picasig_general); its status is returned.
selfile () {
	[ -n "$SELTEXT" ] || SELTEXT=$"Select the file"

	if ! SEL=$($DIALOG $WICON $WTITLE "$SELTEXT" $FSEL /home/ $H $W) ; then
		OPT=""
		SEL=""
		picasig_general
		return 1
	fi

	if [ -z "$SEL" ] || [ ! -f "$SEL" ] ; then
		SEL=""
		REFUN=picasig_general
		input_error
		return
	fi

	SELTEXT=""
}

# Let the user pick an existing directory; the path is stored in SEL.
# Cancelled dialog: OPT and SEL are cleared, the main menu is shown through
# picasig_general and 1 is returned.
# Empty answer or not a directory: SEL is cleared and input_error decides
# (REFUN=picasig_general); its status is returned.
seldir () {
	if ! SEL=$($DIALOG $WICON $WTITLE $"Select a folder/directory for the file" $DSEL /home/ $H $W) ; then
		OPT=""
		SEL=""
		picasig_general
		return 1
	fi

	if [ -z "$SEL" ] || [ ! -d "$SEL" ] ; then
		SEL=""
		REFUN=picasig_general
		input_error
		return
	fi
}

# Ask for a key identifier and store the answer in ID. The prompt depends on
# the selected program (SW); any other value of SW is a fatal error.
# Cancelled dialog: OPT is cleared, the main menu is shown through
# picasig_general and 1 is returned.
# Empty answer: input_error decides (REFUN=picasig_general); its status is
# returned.
# The answer is free text typed by the user and is not validated here.
writeid () {
	case "$SW" in
		GnuPG )
			IDTEXT=$"Please write the key identifier (the final 8 numbers/letters is enough, for example 5B8647E8).\n"
		;;
		codecrypt )
			IDTEXT=$"Please write part of the name or e-mail or the first characters of the key identifier.\n"
		;;
		* )
			check_exit
		;;
	esac

	if ! ID=$($DIALOG $WICON $WTITLE "$TITLE" $WRITE $WTEXT "$IDTEXT" $H $W) ; then
		OPT=""
		picasig_general
		return 1
	fi

	if [ -z "$ID" ] ; then
		REFUN=picasig_general
		input_error
		return
	fi
}

# Ask for the text to search on a key server (identifier, name or e-mail)
# and store the answer in TXT.
# Cancelled dialog: OPT is cleared, the main menu is shown through
# picasig_general and 1 is returned.
# Empty answer: input_error decides (REFUN=picasig_general); its status is
# returned.
writetxt () {
	if ! TXT=$($DIALOG $WICON $WTITLE "$TITLE" $WRITE $WTEXT $"Please write the key identifier, full name or e-mail you want to search.\n" $H $W) ; then
		OPT=""
		picasig_general
		return 1
	fi

	if [ -z "$TXT" ] ; then
		REFUN=picasig_general
		input_error
		return
	fi
}

# Ask for a full name and e-mail and store the answer in TXT (this function
# assigns no other variable).
# Cancelled dialog: OPT is cleared, the main menu is shown through
# picasig_general and 1 is returned.
# Empty answer: input_error decides (REFUN=picasig_general); its status is
# returned.
writename () {
	if ! TXT=$($DIALOG $WICON $WTITLE "$TITLE" $WRITE $WTEXT $"Please write full name and e-mail.\n" $H $W) ; then
		OPT=""
		picasig_general
		return 1
	fi

	if [ -z "$TXT" ] ; then
		REFUN=picasig_general
		input_error
		return
	fi
}


### SCRIPT ########################################

	# Choose the program (SW) unless the command line already did:
	#  - 'ccr' installed: the user chooses between GnuPG and codecrypt;
	#  - only 'gpg' installed: GnuPG;
	#  - neither: fatal error.
	if [ -z "$SW" ] ; then
		if command -v ccr >/dev/null 2>&1 ; then

			# Highest installed version of the 'gpg' / 'gnupg' packages as
			# major and minor glued together ("2.4.x" gives 24).
			GPGVERS=$(dpkg -l | awk '{if ($2 == "gpg" || $2 == "gnupg") print $3}' | awk -F '.' '{print $1$2}' | sort -n -r | head -n 1)

			# The explanation of the GnuPG entry differs above version 2.4.
			if [ "$GPGVERS" -gt 24 ] ; then
				SWTEXT=$"Two options:\n\n* 'GnuPG' ('gpg'): Widespread use, key servers are available, the latest versions want to be resistant to quantum computing.\n\n* 'codecrypt' ('ccr'): Not widespread use, no key servers are available, wants to be resistant to quantum computing.\n\nPlease select an option:"
			else
				SWTEXT=$"Two options:\n\n* 'GnuPG' ('gpg'): Widespread use, key servers are available, but possibly vulnerable to quantum computing.\n\n* 'codecrypt' ('ccr'): Not widespread use, no key servers are available, wants to be resistant to quantum computing.\n\nPlease select an option:"
			fi

			# An empty answer, a failed pipeline or "Close" ends the script.
			if ! SW=$($DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT "$SWTEXT" $H $W $LH $COLUMN $COLUMN \
				"GnuPG" " " \
				"codecrypt" " " \
				$"Close" " " \
				| head -n 1 ) || [ -z "$SW" ] ; then
				exit 0
			fi
			if [ "$SW" = $"Close" ] ; then
				exit 0
			fi

		elif command -v gpg >/dev/null 2>&1 ; then
			SW="GnuPG"
		else
			check_exit
		fi
	fi


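# GnuPG menu. Shows the list of operations unless OPT already names one,
# collects the file / key identifier the operation needs, builds the command
# line in SCOM (with an optional fallback in SCOMA) and runs it through
# CTERMINAL. Afterwards the menu is shown again by calling itself, except for
# the operations started from the command line (EXIT=Y).
# Globals read: OPT, SEL, SEL1, SEL2, EXIT and the dialog variables.
# Globals written: TT, EXPLIC, SCOM, SCOMA, SEL, SEL1, SEL2, OPT.
#
# SCOM and SCOMA are written as program text into a script that bash then
# runs, so every value that comes from a file name or from typed text is
# shell-quoted with printf '%q'. With plain "\"$SEL\"" a file name holding
# '"', '$(...)' or a backquote - for example a file received from somebody
# else and opened through the file manager - was executed as shell code.
picasig_gpg () {

TT=""
EXPLIC=""
local QSEL QSEL1 QSEL2 QID QTXT QOUT

	if [ "$OPT" = "" ] ; then

OPT=$($DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Please select an option:" $H $W $LH $COLUMN $COLUMN \
$"List known public keys" " " \
$"List personal keys" " " \
$"Read key file" " " \
$"Import key file in text format" " " \
$"Import key file in binary format" " " \
$"Import public key from server" " " \
$"Search keys in server" " " \
$"Update keys from server" " " \
$"Modify key" " " \
$"Delete public key" " " \
$"Delete personal key" " " \
$"Check signature (signature included inside the file)" " " \
$"Check signature (signature in another file)" " " \
$"Sign file (signature included inside the file)" " " \
$"Sign file (signature in another file)" " " \
$"Sign public key" " " \
$"Encrypt file" " " \
$"Decrypt file" " " \
$"Create personal keys (slow)" " " \
$"Export personal public key in text format" " " \
$"Export personal public key in binary format" " " \
$"Export public key to server" " " \
$"Close" " " \
| head -n 1 )

if [ "$?" -ne 0 ] || [ "$OPT" = "" ] ; then
	exit 0
fi

	fi

case $OPT in

$"Close" )
	exit 0
;;

$"List known public keys" )
# --list-options show-usage
	EXPLIC=$"Meaning of the abbreviations (SCEA):\nE = encryption\nS = signing\nC = certification\nA = authentication\n\n"
	SCOM="gpg --list-public-keys"
	CTERMINAL
	picasig_gpg
;;

$"List personal keys" )
# --list-options show-usage
	EXPLIC=$"Meaning of the abbreviations (SCEA):\nE = encryption\nS = signing\nC = certification\nA = authentication\n\n"
	SCOM="gpg --list-secret-keys"
	CTERMINAL
	picasig_gpg
;;

$"Read key file" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg $QSEL"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Import key file in text format" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg -a --import $QSEL"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Import key file in binary format" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg --import $QSEL"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Import public key from server" )
	writeid
	printf -v QID '%q' "$ID"
#	SCOM="gpg --keyserver keys.openpgp.org --recv-keys \"$ID\""
#	SCOMA="gpg --keyserver pgp.mit.edu --recv-keys \"$ID\""
	SCOM="gpg --keyserver pgpkeys.eu --recv-keys $QID"
	SCOMA="gpg --keyserver keyserver.ubuntu.com --recv-keys $QID"
	CTERMINAL
	picasig_gpg
;;

$"Search keys in server" )
	writetxt
	printf -v QTXT '%q' "$TXT"
#	SCOM="gpg --keyserver keys.openpgp.org --search-keys \"$TXT\""
#	SCOMA="gpg --keyserver pgp.mit.edu --search-keys \"$TXT\""
	SCOM="gpg --keyserver pgpkeys.eu --search-keys $QTXT"
	SCOMA="gpg --keyserver keyserver.ubuntu.com --search-keys $QTXT"
	CTERMINAL
	picasig_gpg
;;

$"Update keys from server" )
#	SCOM="gpg --keyserver keys.openpgp.org --refresh-keys"
#	SCOMA="gpg --keyserver pgp.mit.edu --refresh-keys"
	SCOM="gpg --keyserver pgpkeys.eu --refresh-keys"
	SCOMA="gpg --keyserver keyserver.ubuntu.com --refresh-keys"
	CTERMINAL
	picasig_gpg
;;

$"Modify key" )
	writeid
	printf -v QID '%q' "$ID"
	EXPLIC=$"Some useful commands:\naddkey\t\tAdd a subkey.\ntrust\t\tChange the level of trust in the owner of the key.\nchange-usage\tChange allowed uses (encryption, signing, certification, authentication).\nsave\t\tSave all changes and close.\nquit\t\tClose without saving.\n\n"
	SCOM="gpg --edit-key $QID"
	CTERMINAL
	picasig_gpg
;;

$"Delete public key" )
	writeid
	printf -v QID '%q' "$ID"
	SCOM="gpg --delete-key $QID"
	CTERMINAL
	picasig_gpg
;;

$"Delete personal key" )
	writeid
	printf -v QID '%q' "$ID"
	# Revoke the key, publish the revocation on the key servers, print the
	# public key, then delete the secret and the public key. The revocation
	# certificate is a temporary 'revoke.asc' in the current directory.
	SCOM="gpg --gen-revoke -o revoke.asc $QID ; gpg --import revoke.asc ; rm revoke.asc ; gpg --keyserver pgpkeys.eu --send-keys $QID ; gpg --keyserver keyserver.ubuntu.com --send-keys $QID ; gpg --keyserver keys.openpgp.org --send-keys $QID ; gpg --keyserver pgp.mit.edu --send-keys $QID ; gpg -a --export $QID ; gpg --delete-secret-key $QID ; gpg --delete-key $QID"
	CTERMINAL
	picasig_gpg
;;

$"Check signature (signature included inside the file)" )
	# SEL may already hold the file given on the command line
	if [ "$SEL" = "" ] ; then
		selfile
	fi
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg --verify $QSEL"
	CTERMINAL
	SEL=""
	if [ "$EXIT" != "Y" ] ; then
		picasig_gpg
	fi
;;

$"Check signature (signature in another file)" )
	# SEL1 / SEL2 may already be set from the command line
	if [ "$SEL1" = "" ] || [ "$SEL2" = "" ] ; then
		SELTEXT=$"Select the signature"
		selfile
		SEL1="$SEL"
		SELTEXT=$"Select the file"
		selfile
		SEL2="$SEL"
	fi
	printf -v QSEL1 '%q' "$SEL1"
	printf -v QSEL2 '%q' "$SEL2"
	SCOM="gpg --verify $QSEL1 $QSEL2"
	CTERMINAL
	SEL=""
	# Forget the pair as well: otherwise choosing this entry again silently
	# re-checked the previous files instead of asking for new ones.
	SEL1=""
	SEL2=""
	if [ "$EXIT" != "Y" ] ; then
		picasig_gpg
	fi
;;

$"Sign file (signature included inside the file)" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg --clearsign -o ${QSEL}.int.gpg $QSEL"
	SCOMA="gpg --clearsign < $QSEL > ${QSEL}.int.gpg"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Sign file (signature in another file)" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg -a -b -o ${QSEL}.ext.gpg $QSEL"
	SCOMA="gpg -a -b < $QSEL > ${QSEL}.ext.gpg"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Sign public key" )
	writeid
	printf -v QID '%q' "$ID"
	SCOM="gpg --sign-key $QID"
	CTERMINAL
	picasig_gpg
;;

$"Encrypt file" )
	selfile
	writeid
	printf -v QSEL '%q' "$SEL"
	printf -v QID '%q' "$ID"
	SCOM="gpg -se -r $QID -o ${QSEL}.gpg $QSEL"
	SCOMA="gpg -se -r $QID $QSEL > ${QSEL}.gpg"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Decrypt file" )
	if [ "$SEL" = "" ] ; then
		selfile
	fi
	printf -v QSEL '%q' "$SEL"
	# output name: the input name without its last four characters (".gpg")
	printf -v QOUT '%q' "$(echo "$SEL" | sed 's|\....$||g')"
	SCOM="gpg -d -o $QOUT $QSEL"
	SCOMA="gpg -d $QSEL > $QOUT"
	CTERMINAL
	SEL=""
	if [ "$EXIT" != "Y" ] ; then
		picasig_gpg
	fi
;;

$"Create personal keys (slow)" )
	$DIALOG $WICON $WTITLE "$TITLE" $INFO  $WTEXT $"To speed up the creation of the personal keys, work with the computer: move the mouse, write text with the keyboard,... you can play music and video, record sound if the computer has a microphone,..." $H $W
	# newer gpg offers --full-generate-key; older versions only --gen-key
	if [ "$(gpg -h | grep -a "full-generate-key")" != "" ] ; then
		SCOM="gpg --full-generate-key"
	else
		SCOM="gpg --gen-key"
	fi
	CTERMINAL
	picasig_gpg
;;

$"Export personal public key in text format" )
	writeid
	seldir
	printf -v QID '%q' "$ID"
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg -a --export -o ${QSEL}/${QID}.agpg $QID"
	SCOMA="gpg -a --export $QID > ${QSEL}/${QID}.agpg"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Export personal public key in binary format" )
	writeid
	seldir
	printf -v QID '%q' "$ID"
	printf -v QSEL '%q' "$SEL"
	SCOM="gpg --export -o ${QSEL}/${QID}.gpg $QID"
	SCOMA="gpg --export $QID > ${QSEL}/${QID}.gpg"
	CTERMINAL
	SEL=""
	picasig_gpg
;;

$"Export public key to server" )
	writeid
	printf -v QID '%q' "$ID"
#	SCOM="gpg --keyserver keys.openpgp.org --send-keys \"$ID\""
#	SCOMA="gpg --keyserver pgp.mit.edu --send-keys \"$ID\""
	SCOM="gpg --keyserver pgpkeys.eu --send-keys $QID"
	SCOMA="gpg --keyserver keyserver.ubuntu.com --send-keys $QID"
	CTERMINAL
	picasig_gpg
;;

* )
	# OPT holds something that is not a menu entry
	echo "OPT=$OPT"
	check_exit
;;

esac

}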


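# codecrypt menu. Shows the list of operations unless OPT already names one,
# collects the file / key identifier / name the operation needs, builds the
# command line in SCOM (with an optional fallback in SCOMA) and runs it
# through CTERMINAL. Afterwards the menu is shown again by calling itself,
# except for the operations started from the command line (EXIT=Y).
# Globals read: OPT, SEL, SEL1, SEL2, EXIT and the dialog variables.
# Globals written: TT, SCOM, SCOMA, NAME, SEL, SEL1, SEL2, OPT.
#
# Changes against the previous version:
#  - SCOM and SCOMA become program text in a generated script, so every file
#    name and typed value is shell-quoted with printf '%q'; with "\"$SEL\""
#    a file name holding '"', '$(...)' or a backquote ran as shell code.
#  - "Import key file in binary format" assigned SCOM twice; the second
#    command is the fallback and now goes to SCOMA.
#  - "Modify key" and "Create personal keys" used $NAME, but writename
#    stores its answer in TXT, so the name was always empty.
#  - SEL1 / SEL2 are cleared after a detached-signature check so the next
#    check asks for files again.
picasig_ccr () {

TT=""
local QSEL QSEL1 QSEL2 QID QNAME QOUT

	if [ "$OPT" = "" ] ; then

OPT=$($DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Please select an option:" $H $W $LH $COLUMN $COLUMN \
$"List known public keys" " " \
$"List personal keys" " " \
$"Read key file" " " \
$"Import key file in text format" " " \
$"Import key file in binary format" " " \
$"Modify key" " " \
$"Delete public key" " " \
$"Delete personal key" " " \
$"Check signature (signature included inside the file)" " " \
$"Check signature (signature in another file)" " " \
$"Sign file (signature included inside the file)" " " \
$"Sign file (signature in another file)" " " \
$"Encrypt file" " " \
$"Decrypt file" " " \
$"Create personal keys (slow)" " " \
$"Export personal public key in text format" " " \
$"Export personal public key in binary format" " " \
$"Close" " " \
| head -n 1 )

if [ "$?" -ne 0 ] || [ "$OPT" = "" ] ; then
	exit 0
fi

	fi

case $OPT in

$"Close" )
	exit 0
;;

$"List known public keys" )
	SCOM="ccr --list"
	CTERMINAL
	picasig_ccr
;;

$"List personal keys" )
	SCOM="ccr --list-secret"
	CTERMINAL
	picasig_ccr
;;

$"Read key file" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr --list --in $QSEL"
	SCOMA="ccr --list < $QSEL"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Import key file in text format" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr -a --import -y --in $QSEL"
	SCOMA="ccr -a --import -y < $QSEL"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Import key file in binary format" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr --import -y --in $QSEL"
	SCOMA="ccr --import -y < $QSEL"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Modify key" )
	writeid
	writename
	NAME="$TXT"
	printf -v QID '%q' "$ID"
	printf -v QNAME '%q' "$NAME"
	SCOM="ccr --rename $QID -N $QNAME"
	CTERMINAL
	picasig_ccr
;;

$"Delete public key" )
	writeid
	printf -v QID '%q' "$ID"
	SCOM="ccr --delete $QID"
	CTERMINAL
	picasig_ccr
;;

$"Delete personal key" )
	writeid
	printf -v QID '%q' "$ID"
	SCOM="ccr --delete-secret $QID ; ccr --delete $QID"
	CTERMINAL
	picasig_ccr
;;

$"Check signature (signature included inside the file)" )
	# SEL may already hold the file given on the command line
	if [ "$SEL" = "" ] ; then
		selfile
	fi
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr -v -C --in $QSEL"
	SCOMA="ccr -v -C < $QSEL"
	CTERMINAL
	SEL=""
	if [ "$EXIT" != "Y" ] ; then
		picasig_ccr
	fi
;;

$"Check signature (signature in another file)" )
	# SEL1 / SEL2 may already be set from the command line
	if [ "$SEL1" = "" ] || [ "$SEL2" = "" ] ; then
		SELTEXT=$"Select the signature"
		selfile
		SEL1="$SEL"
		SELTEXT=$"Select the file"
		selfile
		SEL2="$SEL"
	fi
	printf -v QSEL1 '%q' "$SEL1"
	printf -v QSEL2 '%q' "$SEL2"
	SCOM="ccr -v -a -b $QSEL1 --in $QSEL2"
	SCOMA="ccr -v -a -b $QSEL1 < $QSEL2"
	CTERMINAL
	SEL=""
	SEL1=""
	SEL2=""
	if [ "$EXIT" != "Y" ] ; then
		picasig_ccr
	fi
;;

$"Sign file (signature included inside the file)" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr -s -C -o ${QSEL}.int.ccr --in $QSEL"
	SCOMA="ccr -s -C < $QSEL > ${QSEL}.int.ccr"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Sign file (signature in another file)" )
	selfile
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr -s -a -b ${QSEL}.ext.ccr --in $QSEL"
	SCOMA="ccr -s -a -b ${QSEL}.ext.ccr < $QSEL"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Encrypt file" )
	selfile
	writeid
	printf -v QSEL '%q' "$SEL"
	printf -v QID '%q' "$ID"
	SCOM="ccr -se -r $QID -o ${QSEL}.ccr --in $QSEL"
	SCOMA="ccr -se -r $QID < $QSEL > ${QSEL}.ccr"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Decrypt file" )
	selfile
	printf -v QSEL '%q' "$SEL"
	# output name: the input name without its last four characters (".ccr")
	printf -v QOUT '%q' "$(echo "$SEL" | sed 's|\....$||g')"
	SCOM="ccr -dv -o $QOUT --in $QSEL"
	SCOMA="ccr -dv < $QSEL > $QOUT"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Create personal keys (slow)" )
	writename
	NAME="$TXT"
	printf -v QNAME '%q' "$NAME"
	$DIALOG $WICON $WTITLE "$TITLE" $INFO  $WTEXT $"To speed up the creation of the personal keys, work with the computer: move the mouse, write text with the keyboard,... you can play music and video, record sound if the computer has a microphone,..." $H $W
	# one signature key and one encryption key, then list the result
	SCOM="ccr --gen-key SIG-256 -N $QNAME ; ccr --gen-key ENC-256 -N $QNAME ; ccr -L"
	CTERMINAL
	picasig_ccr
;;

$"Export personal public key in text format" )
	writeid
	seldir
	printf -v QID '%q' "$ID"
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr -a --export -o ${QSEL}/${QID}.accr -F $QID"
	SCOMA="ccr -a --export -F $QID > ${QSEL}/${QID}.accr"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

$"Export personal public key in binary format" )
	writeid
	seldir
	printf -v QID '%q' "$ID"
	printf -v QSEL '%q' "$SEL"
	SCOM="ccr --export -o ${QSEL}/${QID}.ccr -F $QID"
	SCOMA="ccr --export -F $QID > ${QSEL}/${QID}.ccr"
	CTERMINAL
	SEL=""
	picasig_ccr
;;

* )
	# OPT holds something that is not a menu entry
	echo "OPT=$OPT"
	check_exit
;;

esac

}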


# Open the menu of the selected program: GnuPG or codecrypt. Any other value
# of SW is treated as a fatal error.
picasig_general () {
	case "$SW" in
		GnuPG )     picasig_gpg ;;
		codecrypt ) picasig_ccr ;;
		* )         check_exit ;;
	esac
}

# Start the interactive part of the script.
picasig_general


### END ########################################

#$DIALOG $WICON $WTITLE "$TITLE" $INFO  $WTEXT $"$TITLE finished.\n\nThank you very much for using PicaLibre. Visit the website www.picalibre.org for more information.\n" $H $W

exit 0
