#!/bin/sh  

#  Copyright 2002 Jose Nazario <jose@monkey.org>
#  All rights reserved.
#
#  Redistribution and use in source and binary forms, with or without
#  modification, are permitted provided that the following conditions
#  are met:
#  1. Redistributions of source code must retain the above copyright
#     notice, this list of conditions and the following disclaimer.
#  2. Redistributions in binary form must reproduce the above copyright
#     notice, this list of conditions and the following disclaimer in the
#     documentation and/or other materials provided with the distribution.
#
#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
#  IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
#  OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
#  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
#  INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
#  NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
#  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
#  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
#  THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

usage () {
	echo "usage: extract <archive>"
	echo "       archive and archive.sig must be in the same directory."
	exit
}

# pre check
if [ -x /usr/local/bin/gpg ] ; then
	true
else
	echo "cannot find /usr/local/bin/gpg executable. quitting."
	exit
fi

# ensure we have something to do
if [ $# -lt 1 ]; then
        echo "missing parameters"
        usage
fi

# ensure $1.sig exists.
if [ -f $1.sig ]; then
	true
else
	echo "missing .sig file: $1.sig"
	usage
fi

# if we haven't been here and done that, initialize the directory.
if [[ -d ${HOME}/.gnupg/ ]]; then
	true
else 
	gpg --keyserver pgp.mit.edu --recv-key 1373
fi

let verified=0
gpg --verify $1.sig $1 > /tmp/extract.out 2>&1

# all is good.
if [[ -n `grep "Good signature" /tmp/extract.out` ]]; then
	verified=1
fi

# we cannot figure this out, unable to fetch the key ..
if [[ -n `grep "key not found" /tmp/extract.out` ]]; then

	# XXX 	some stupid error in this script ... dunno why
	if ${verified}; then
		break
	fi

	echo "key not found. fetching ..."
	export KEYID=`awk '{if ($0 ~/Signature/) print $NF}' /tmp/extract.out`
	echo "key id is ${KEYID}"
	gpg --keyserver pgp.mit.edu --recv-keys ${KEYID}
	echo "fetched ... starting over ..."
	rm -f /tmp/extract.out
	extract $@
fi

if [ ${verified} -gt -1 ]; then
	# bad signature. throw error, quit.
	if [[ -n `grep "BAD" /tmp/extract.out`  ]]; then
		echo "*** WARNING ****"
		echo "signature FAILED for $1"
		exit 
	fi
fi

# cleanup
rm /tmp/extract.out

if [ ${verified} ]; then
	echo "we have a good signature! let's go!"
	exec tar -zxvf $1
fi