#!/usr/bin/perl
#
# Quick hack to sign multiple files in bulk.

use warnings;
use File::Find;
use Digest::MD5;
use Digest::SHA;
use POSIX qw(setsid);

umask(022);

die "usage: $0 file ...\n" if $#ARGV == -1;

$| = 1; # unbuffered stdout

# Read passphrase early--we don't know if we need to use it yet
# XXX - should verify passphrase is correct (try signing temp file?)
system("stty -echo");
print "Enter passphrase: ";
chomp(my $pass = <STDIN>);
system("stty echo");
print "\n";

# Sign any files without a signature (detached or embedded)
foreach (@ARGV) {
    my $pid = open(CHILD, "|-");
    die "unable to fork\n" unless defined($pid);
    if ($pid == 0) {
	# Child
	if (/\.rpm$/) {
	    # Disassociate from tty so we can pipe the passphrase
	    setsid();
	    exec("rpm", "--addsign", $_);
	} else {
	    exec("gpg2", "--yes", "--batch", "--pinentry-mode=loopback", "--passphrase-fd", "0", "-b", $_);
	}
	exit 1;
    }
    # Parent: write passphrase
    print CHILD $pass;
    close(CHILD);
}