#!/usr/bin/expect -f
# This expect script signs a key using agpg non-interactively.
# (c) Christoph Berg <cb@df7cb.de>
# This program is free software covered by the GNU GPL.
#
# 030909 cb: rewritten for gpgmailsign v0.2
# 2004-06-27 cb: pass -u for multiple signing keys

log_file work/sign.log
set timeout 3

proc timed_out {} {
	send_user "sign.expect: Something weird happend, bailing out after timeout\n"
	exit 2
}

set agpg [lrange $argv 0 0]
set keyid [lrange $argv 1 1]
set keyring [lrange $argv 2 2]
set my_key [lrange $argv 3 3]

send_user "\n\n### Signing key $keyid ---------------------------------------\n"

send_user "sign.expect: $agpg --no-default-keyring --keyring $keyring -u $my_key --edit-key $keyid"
spawn $agpg --no-default-keyring --keyring $keyring -u $my_key --edit-key $keyid
expect {
	timeout timed_out
	Command
}

send "uid 2\n"
expect {
	"No user ID with index 2" { # make sure purgekey.expect really removed all other uids
		send_user "sign.expect: ok, keyring looks sane.\n"
	}
	timeout timed_out
}

send "uid 1\n"
expect {
	timeout timed_out
	Command
}

send_user "sign.expect: Signing key...\n"
send "sign\n"
set do_loop 1
while {$do_loop == 1} {
	expect {
		"was already signed" {
			send_user "sign.expect: Key $keyid is already signed, exit.\n"
			exit 10
		}
		"Do you want your signature to expire at the same time" {
			send_user "sign.expect: Key will expire.\n"
			send "n\n"
		}
		"Your selection" {
			send_user "sign.expect: Generating 'carefully checked' signature.\n"
			send "3\n"
		}
		"Use this key anyway" {
			send_user "sign.expect: Key is not trusted. Using it anyway.\n"
			send "y\n"
		}
		"Really sign" {
			send_user "sign.expect: Signing key... done.\n"
			send "y\n"
		}
		"You need a passphrase to unlock the secret key" {
			send_user "sign.expect: Saving key...\n"
			send "save\n"
			set do_loop 0
		}
		"bad passphrase" {
			send_user "sign.expect: bad passphrase.\n"
			exit 2
		}
		timeout timed_out
	}
}

send_user "sign.expect: exit.\n"

interact