#!/bin/sh

set -e

usage() {
    echo "Usage: apt-key [command] [arguments]"
    echo
    echo "Manage apt's list of trusted keys"
    echo
    echo "  apt-key add <file>          - add the key contained in <file> ('-' for stdin)"
    echo "  apt-key del <keyid>         - remove the key <keyid>"
    echo "  apt-key list                - list keys"
    echo
}

command="$1"
if [ -z "$command" ]; then
    usage
    exit 1
fi
shift

if [ "$command" != "help" ] && ! which gpg >/dev/null 2>&1; then
    echo >&2 "Warning: gnupg does not seem to be installed."
    echo >&2 "Warning: apt-key requires gnupg for most operations."
    echo >&2
fi

# We don't use a secret keyring, of course, but gpg panics and
# implodes if there isn't one available

GPG="gpg --no-options --no-default-keyring --keyring /etc/apt/trusted.gpg --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg"

case "$command" in
    add)
        $GPG --quiet --batch --import "$1"
        echo "OK"
        ;;
    del|rm|remove)
        $GPG --quiet --batch --delete-key --yes "$1"
        echo "OK"
        ;;
    list)
        $GPG --batch --list-keys
        ;;
    finger*)
        $GPG --batch --fingerprint
        ;;
    adv*)
        echo "Executing: $GPG $*"
        $GPG $*
        ;;
    help)
        usage
        ;;
    *)
        usage
        exit 1
        ;;
esac