Download and verify Linux kernel source against gpg signature file

get-kernel.sh

#!/bin/bash
# 
# Andres Hernandez - tonejito
# 
#	/usr/local/bin/get-kernel
# 
# Download and verify Linux kernel source against gpg signature
# file

GPG=gpg
CUT=cut
SED=sed
AWK=awk
ZCAT=zcat
WGET=wget
UNAME=uname
PRINTF=printf

# Get current kernel version (tested on debian-style named kernels)
if [ $# -eq 1 ]
then
  KERNEL_VERSION=${1}
else
  KERNEL_VERSION=`$UNAME -v | $AWK '{print $NF}' | $CUT -d '-' -f 1`
fi
# Use hardcoded kernel version
#KERNEL_VERSION=3.2.54

# kernel.org branch url and target files
KERNEL_URL=https://www.kernel.org/pub/linux/kernel/v3.x
KERNEL_TAR=linux-$KERNEL_VERSION.tar.gz
KERNEL_SIGN=linux-$KERNEL_VERSION.tar.sign

# Check if BOTH kernel version AND signature file exist
$WGET -c --spider $KERNEL_URL/linux-$KERNEL_VERSION.tar.{sign,gz}

if [ $? ]
then
  # Download kernel AND signature
  $WGET -c $KERNEL_URL/linux-$KERNEL_VERSION.tar.{sign,gz}
fi

# Initialize gpg keyrings
$PRINTF "" | $GPG

# Download gpg keys
GPG_KEY=`$ZCAT $KERNEL_TAR | $GPG --verify $KERNEL_SIGN - 2>&1 | $AWK '{print $NF}' | $SED -n '1p'`
$GPG --recv-keys $GPG_KEY

# Verify kernel against signature file
$ZCAT $KERNEL_TAR | $GPG --verify $KERNEL_SIGN -