#!/bin/bash -e

# Instead of calling gpg, call gpgv and provide a local keyring

debian_dir="$(readlink -f "$(dirname "$0")/..")"

# Parse the expected options.  If the next two lines are combined, a
# failure of getopt won't cause the script to exit.
ordered_args="$(getopt -n "$0" -o "" -l "status-fd:" -l "keyid-format:" -l "verify" -- "$@")"
eval "set -- $ordered_args"
gpgv_opts=()
while true; do
    case "$1" in
	--status-fd)
	    gpgv_opts+=(--status-fd $2)
	    shift 2
	    ;;
	--keyid-format)
	    # ignore
	    shift 2
	    ;;
	--verify)
	    # ignore
	    shift 1
	    ;;
	--)
	    shift 1
	    break
	    ;;
    esac
done

exec gpgv "${gpgv_opts[@]}" --keyring "$debian_dir/upstream/${DEBIAN_KERNEL_KEYRING:-signing-key.pgp}" -- "$@"