#!/bin/sh

pubkey="/pub.pem"
file="/tmp/update.tgz.cc"
echo "### ccOS Update Script ###"
echo "[+] Starting"
sleep 1
echo "[+] Extracting Signature"
skip=$(expr $(stat -c '%s' $file) - 256)
if [[ -L $file ]]
then
	exit 0
fi 
dd if=/tmp/update.tgz.cc of=sig bs=1 count=256 skip=$skip > /dev/null 2>&1
truncate -s $skip update.tgz.cc
check=`openssl dgst -sha256 -verify $pubkey -signature /tmp/sig /tmp/update.tgz.cc`
if [ "$check" == "Verified OK" ]
then
        echo "[+] Signature is valid!"
        echo "[+] Upgrading..."
        tar -xvzf /tmp/update.tgz.cc -C /
        rm /tmp/update.tgz.cc /tmp/sig
        echo "[+] Done"
        exit 0
else
        echo "[-] Signature error, exiting..."
        rm /tmp/update.tgz.cc /tmp/sig
        exit 1
fi