#!/bin/sh -efu

. shell-error

# Path of the key file that is rewritten in place. The script runs with -u,
# so a missing argument aborts here instead of continuing with an empty path.
keyfile="$1"
shift

# Extended regex describing an acceptable user ID line: it must end with an
# angle-bracket address whose domain is altlinux.{com,net,org,ru}, written
# either plainly ("@", ".") or obfuscated (" at ", " dot ").
# Only that trailing address is checked; the free-text name in front of it is
# unconstrained by this pattern.
uid_pattern='.*[[:space:]]+<[^@]+(@| at )altlinux(\.| dot )(com|net|org|ru)>$'

# Delete every subkey of the key named by $1 in the current GNUPGHOME.
# Arguments: $1 - key identifier understood by gpg
# Returns:   0 when the key has no subkeys, otherwise gpg's exit status
strip_sub()
{
	local count idx

	# grep -c prints the number of "sub" lines and exits non-zero when that
	# number is 0, so the failing branch is the "nothing to strip" path.
	if ! count="$(gpg --list-keys "$1" 2>/dev/null |grep -c '^sub[[:space:]]\+')"; then
		return 0
	fi

	# Drive gpg's key editor over stdin: "key 0" clears any selection, then
	# "key 1".."key N" select each subkey before delkey/confirm/save.
	idx=0
	{
		while [ "$idx" -le "$count" ]; do
			echo "key $idx"
			idx=$((idx + 1))
		done
		echo delkey
		echo Y
		echo save
	} |
		gpg --no-greeting --no-tty --command-fd=0 --edit-key "$1"
}

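# Delete every user ID of key $1 whose listing line does not match
# $uid_pattern.
# Globals:   uid_pattern (read)
# Arguments: $1 - key identifier understood by gpg
# Returns:   0 when nothing needs deleting, otherwise gpg's exit status
strip_uid()
{
	# Declare first, assign second: "local v=$(cmd)" hides cmd's status and,
	# in shells that field-split the arguments of local, breaks as soon as
	# the list holds more than one number.
	local uidlist
	# grep -n numbers the uid lines by position; -v keeps only those that do
	# NOT match the allowed pattern, and cut leaves just the numbers.
	# NOTE(review): this assumes the uid order in --list-keys equals the
	# numbering used by --edit-key; confirm for the gpg version in use.
	uidlist="$(gpg --list-keys "$1" 2>/dev/null |
		grep '^uid[[:space:]]\+' |grep -Evn "$uid_pattern" |cut -f1 -d:)"
	[ -n "$uidlist" ] || return 0

	# NOTE(review): when every user ID is selected gpg is expected to refuse
	# to delete the last one, and that is not necessarily reported through the
	# exit status; this function does not re-check the result.
	(for i in $uidlist; do echo "uid $i"; done
	 echo deluid
	 echo Y
	 echo save)|
		gpg --no-greeting --no-tty --command-fd=0 --edit-key "$1"
}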

# Scratch directory (also used as GNUPGHOME); empty until mktemp has run.
tempdir=

# Remove the scratch directory, if one was created, and leave the script.
# Arguments: exit status to terminate with (passed straight to exit)
cleanup_handler()
{
	# Disarm the EXIT trap first so the exit below does not re-enter cleanup.
	trap - EXIT
	if [ -n "$tempdir" ]; then
		rm -rf "$tempdir"
	fi
	exit "$@"
}

# EXIT trap: run cleanup while keeping the status the script was exiting with.
exit_handler()
{
	# Capture $? before anything else can overwrite it.
	local rc=$?
	cleanup_handler "$rc"
}

# Signal trap: run cleanup and exit with 143 (128 + 15, the SIGTERM
# convention), whichever of the trapped signals actually arrived.
signal_handler()
{
	local rc=143
	cleanup_handler "$rc"
}

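# Arm cleanup before the scratch directory exists so that every exit path
# (normal end, failure under -e, trapped signal) removes it.
trap exit_handler EXIT
trap signal_handler HUP PIPE INT QUIT TERM
tempdir="$(mktemp -td alt-gpgkeys.XXXXXX)"

export LANG=C
# Throwaway keyring: the submitted key is imported and edited only inside the
# scratch directory, never in the invoking user's own GnuPG home.
export GNUPGHOME="$tempdir"

gpg --import "$keyfile" 2>/dev/null ||
	fatal "$keyfile: Invalid gpg key file"

# Take the identifier that follows the slash on each "pub" line of the
# listing. A listing layout without that slash form yields nothing and is
# rejected just below.
keycode="$(gpg --list-keys 2>/dev/null |
	sed -n 's,^pub[[:space:]]\+[^/[:space:]]\+/\([^[:space:]]\+\)[[:space:]].*,\1,p')"
[ -n "$keycode" ] ||
	fatal "$keyfile: Unable to calculate key code"
# Exactly one public key is allowed per file, so the edits below can only
# ever apply to that single key.
n="$(printf '%s\n' "$keycode" |wc -l)"
[ "$n" = 1 ] ||
	fatal "$keyfile: Too many ($n) keys found"

strip_sub "$keycode"
strip_uid "$keycode"

# Fail closed: the deletion is driven through gpg's interactive editor, which
# can decline a request (for example, removing a key's last user ID) without
# that being visible here. Re-read the listing and refuse to publish a key
# that still carries a user ID outside the allowed pattern.
if gpg --list-keys "$keycode" 2>/dev/null |
	grep '^uid[[:space:]]\+' |grep -Evq "$uid_pattern"; then
	fatal "$keyfile: User IDs not matching the allowed pattern remain"
fi

tempkeyfile="$tempdir/gpgkey"
# cp -p seeds the temporary file with the original's mode, ownership and
# timestamps; the redirect below then replaces only its content.
cp -p "$keyfile" "$tempkeyfile"
gpg --export --armor "$keycode" >"$tempkeyfile" ||
	fatal 'Unable to export gpg key'
# Never replace the caller's key file with an empty export.
[ -s "$tempkeyfile" ] ||
	fatal 'Unable to export gpg key'
mv -f "$tempkeyfile" "$keyfile"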
