#!/bin/sh

set -e

if [ $# -lt 1 ]; then
    echo "usage: gpvi FILENAME" >&2
    exit 1
fi

file="$1"; shift

rcpt="$(gpg --batch --quiet --decrypt --list-only --status-fd 1 <"$file" | sed -n '/^\[GNUPG:\]/s/^.*ENC_TO \([^ ]*\) .*$/-r \1/p')"
tf="$(mktemp /tmp/gpvi.XXXXXX)"

gpg --quiet --decrypt --armor <"$file" >"$tf"
omd5="$(md5sum "$tf")"
vi -n "$tf"
nmd5="$(md5sum "$tf")"
if [ "$omd5" != "$nmd5" ]; then
    gpg --quiet --encrypt --armor $rcpt <"$tf" >"${file}.new"
    rm -f "$file~"
    ln "$file" "$file~"
    mv "${file}.new" "$file"
else
    echo "gpvi: file left unchanged, not overwriting old" >&2
fi

shred -u "$tf"