#!/bin/bash

SERVER='https://nektek.games/'
KEY_NAME='id_nektek.pub'
[ "$#" -ge 1 ] && SIGNATURES="$@" || SIGNATURES=$(ls *.sig)

C_RED='\033[0;31m'
C_GREEN='\033[0;32m'
C_RESET='\033[0m'

if ! command -v gpg >/dev/null && command -v curl >/dev/null; then
    echo 'This script requires gpg and curl to be installed.'
    exit 1
fi

echo 'Check if NekTek public key is up to date...'
gpg -k $(curl "$SERVER/$KEY_NAME.fp" 2>/dev/null) >/dev/null 2>&1 || curl "$SERVER/$KEY_NAME" | gpg --import

has_invalid=false
echo 'Checking validity of files...'
for signature in ${SIGNATURES[@]}; do
    data_file=${signature%.*}

    if gpg --verify "$signature" "$data_file" >/dev/null 2>&1; then
        echo -e "- ${C_GREEN}Valid: $data_file${C_RESET}"
    else
        echo -e "- ${C_RED}Invalid: $data_file${C_RESET}"
        has_invalid=true
    fi
done

if $has_invalid; then
    echo 'Please reacquire the files listed as invalid from their respective sources.'
    echo 'Since file tampering cannot be ruled out, use them at your own risk.'
else
    echo 'All files valid and originating from NekTek Games.'
fi