#!/bin/env sh
# This script should have come along with two files:
#   * The target file '{filename}'
#   * The signature file '{filename}.sh.sig' 
#     (or this file should have been signed in some other way)
#
# First, you should verify that this file came from the person you expect by
# verifying the signature.
#
# Next, you should run this script which will check that the target file 
# matches the hash that was calculated when the message below was written.
# This will confirm that the file you have matches the file the message was
# written about.
#
# Alternatively, if you don't want to run this script, you can verify the 
# hash manually.

MESSAGE="{message}"
FILE="{filename}"
FILE_PATH="$(dirname "$0")/$FILE"
EXPECTED_HASH="{filehash}"

if [ "$(sha256sum "$FILE_PATH" | awk '{print $1}')" = "$EXPECTED_HASH" ]; then
	printf "File %s validated with message:\\n%s" "$FILE" "$MESSAGE"
	exit 0
else
	echo "File $FILE is not valid"
	exit 1
fi