#!/bin/bash

set -e
set -o pipefail

read -n 4096 cmd
cmd=$(echo "$cmd" | base64 -d)

if [ "$cmd" == "init" ] ; then

  if test -f "$HOME"/.password-store/.gpg-id ; then
      key=$(cat "$HOME"/.password-store/.gpg-id)
      echo "Not creating -- password store already exists and uses GPG key $key." >&2
      exit 8
  fi

  keys=()
  while read -n 128 key ; do
    key=$(echo "$key" | base64 -d)
    keys+=("$key")
  done

  pass init "${keys[@]}"
  echo "Do not forget to back up your password store regularly." >&2
  echo "To back up your password store, back up the entire $HOSTNAME VM using Qubes backup." >&2
  echo "Key files to backup: $HOME/.password-store and $HOME/.gnupg2" >&2

elif [ "$cmd" == "generate" ] ; then

  read -n 4096 entry
  read -n 4096 nosymbols
  read -n 4096 numchars
  entry=$(echo "$entry" | base64 -d)
  nosymbols=$(echo "$nosymbols" | base64 -d)
  numchars=$(echo "$numchars" | base64 -d)

  logger -t ruddo.PassManage "creating password entry $entry"
  ret=0
  if [ "$nosymbols" == "1" ] ; then
    pass generate -n -f -- "$entry" "$numchars" || ret=$?
  else
    pass generate -f -- "$entry" "$numchars" || ret=$?
  fi
  if [ "$ret" != "0" ] ; then
    logger -t ruddo.PassManage "Password generation failed: $out" >&2
    exit "$ret"
  fi

elif [ "$cmd" == "insert" ] ; then

  read -n 4096 entry
  read -n 4096 multiline
  entry=$(echo "$entry" | base64 -d)
  multiline=$(echo "$multiline" | base64 -d)

  logger -t ruddo.PassManage "creating password entry $entry"

  if [ "$multiline" == "1" ] ; then
      base64 -d - | pass insert --multiline --force -- "$entry" | (egrep -v '(when finished:|^$)' || true)
  else
      base64 -d - | pass insert -e --force -- "$entry"
  fi

elif [ "$cmd" == "rm" ] ; then

  read -n 4096 entry
  entry=$(echo "$entry" | base64 -d)

  logger -t ruddo.PassManage "removing password entry $entry"

  pass rm -- "$entry"

elif [ "$cmd" == "mv" -o "$cmd" == "cp" ] ; then

  read -n 4096 entry
  entry=$(echo "$entry" | base64 -d)
  read -n 4096 newentry
  newentry=$(echo "$newentry" | base64 -d)
  read -n 4096 force
  force=$(echo "$force" | base64 -d)
  if [ "$force" == "1" ] ; then
      force=-f
  else
      force=
  fi

  logger -t ruddo.PassManage "$cmd password entry $entry to $entry"

  pass "$cmd" $f -- "$entry" "$newentry"

fi