#!/bin/rc
# pgp encrypt incoming upas mail

# make sure temporary things are stored in ram
ramfs -p -m /mail/tmp || exit $status
ramfs -p -m /tmp || exit $status

# standard library.  saves the message on standard input in $TMP.msg and
# parses it into /mail/fs/mbox/1.
. /mail/lib/pipeto.lib $*

# keyring holding public key
keyfile=/usr/$USER/lib/mail.gpg
# email of public key to use in keyring
email=mischief@offblast.org

BPGPM='-----BEGIN PGP MESSAGE-----'
EPGPM='-----END PGP MESSAGE-----'
BPGPS='-----BEGIN PGP SIGNATURE-----'
EPGPS='-----END PGP SIGNATURE-----'

# reload upas/fs after changing the raw email
fn reload {
	unmount /mail/fs
	upas/fs -pf $TMP.msg || exit $status
}

# encrypt the email body to $1 and fix content-type
fn encrypt {

	# get the body of the message with ssam and gpgenc it to $1
	{
		{cat $TMP.msg; echo} |
			ssam '0
+/^$
+/^
.,$ | gpgenc -e '^$1^' -k '^$2
	} | sed 's/^Content-[Tt]ype.*$/Content-Type: application\/pgp; format=text; x-action=encrypt/' > $TMP.msg.enc || exit $status

	# restart upasfs
	mv $TMP.msg.enc $TMP.msg || exit $status
	reload || exit $status
}

if (! grep -s -e '^Content-Type: message' $D/rawheader && ! grep -s -e '^Content-Type: multipart' $D/rawheader && ! grep -s -e '^Content-Type: application\/pgp' $D/rawheader) {
	encrypt $email $keyfile || exit $status
}

spool