func()

in image/verify.go [99:136]

• 29 lines of code
• 8 McCabe index (conditional complexity)

func (img *Image) VerifyHash(privEncKeys []sec.PrivEncKey) (int, error) {
	secret, err := img.verifyEncState()
	if err != nil {
		return -1, err
	}

	if secret == nil {
		// Image not encrypted.
		if err := img.verifyHashDecrypted(); err != nil {
			return -1, err
		}

		return -1, nil
	}

	// Image is encrypted.
	if len(privEncKeys) == 0 {
		return -1, errors.Errorf(
			"attempt to verify hash of encrypted image: no keys provided")
	}

	// We don't know which key the image is encrypted with.  For each key,
	// decrypt and then check the hash.
	var hashErr error
	for i, key := range privEncKeys {
		dec, err := Decrypt(*img, key)
		if err != nil {
			hashErr = err
		} else {
			hashErr = dec.verifyHashDecrypted()
			if hashErr == nil {
				return i, nil
			}
		}
	}

	return -1, hashErr
}