// ValidateWithSignature verifies the image against a given signature
// file.
func (v *validator) ValidateWithSignature(ks *keystore.Keystore, sig io.ReadSeeker) (*openpgp.Entity, error) {
if ks == nil {
return nil, nil
}
if _, err := v.image.Seek(0, 0); err != nil {
return nil, errwrap.Wrap(errors.New("error seeking ACI file"), err)
}
if _, err := sig.Seek(0, 0); err != nil {
return nil, errwrap.Wrap(errors.New("error seeking signature file"), err)
}
entity, err := ks.CheckSignature(v.GetImageName(), v.image, sig)
if err != nil {
return nil, err
}
return entity, nil
}
// ValidateWithSignature verifies the image against a given signature
// file.
func (v *validator) ValidateWithSignature(ks *keystore.Keystore, sig io.ReadSeeker) (*openpgp.Entity, error) {
if ks == nil {
return nil, nil
}
if _, err := v.image.Seek(0, 0); err != nil {
return nil, errwrap.Wrap(errors.New("error seeking ACI file"), err)
}
if _, err := sig.Seek(0, 0); err != nil {
return nil, errwrap.Wrap(errors.New("error seeking signature file"), err)
}
entity, err := ks.CheckSignature(v.GetImageName(), v.image, sig)
if err == pgperrors.ErrUnknownIssuer {
log.Print("If you expected the signing key to change, try running:")
log.Print(" rkt trust --prefix <image>")
}
if err != nil {
return nil, err
}
return entity, nil
}