in cli/image_cmds.go [629:674]
func runVerifyCmd(cmd *cobra.Command, args []string) {
if len(args) < 1 {
ImgmodUsage(cmd, nil)
}
imgFilename := args[0]
img, err := readImage(imgFilename)
if err != nil {
ImgmodUsage(cmd, err)
}
kes, err := sec.ReadPrivEncKeys(OptEncKeys)
if err != nil {
ImgmodUsage(nil, errors.Wrapf(err,
"error reading encryption key file"))
}
iss, err := sec.ReadPubSignKeys(OptSignKeys)
if err != nil {
ImgmodUsage(nil, errors.Wrapf(err, "error reading signing key file"))
}
var man *manifest.Manifest
if OptManifest != "" {
mfest, err := manifest.ReadManifest(OptManifest)
if err != nil {
ImgmodUsage(nil, err)
}
man = &mfest
}
st, stgood := verifyImageStructureStr(img)
ha, hagood := verifyImageHashStr(img, kes)
si, sigood := verifyImageSigsStr(img, iss)
ma, magood := verifyImageManifestStr(img, man)
iutil.Printf("%s\n", st)
iutil.Printf("%s\n", ha)
iutil.Printf("%s\n", si)
iutil.Printf("%s\n", ma)
if !stgood || !hagood || !sigood || !magood {
os.Exit(94) // EBADMSG
}
}