25 lines
637 B
Bash
25 lines
637 B
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
TAR_PATH=${1:-evidence-locker/zastava/2025-12-02/zastava-evidence.tar}
|
|
EXPECTED_SHA=${EXPECTED_SHA:-e1d67424273828c48e9bf5b495a96c2ebcaf1ef2c308f60d8b9c62b8a1b735ae}
|
|
|
|
if [[ ! -f "$TAR_PATH" ]]; then
|
|
echo "missing tar: $TAR_PATH" >&2
|
|
exit 1
|
|
fi
|
|
|
|
sha=$(sha256sum "$TAR_PATH" | awk '{print $1}')
|
|
if [[ "$sha" != "$EXPECTED_SHA" ]]; then
|
|
echo "sha mismatch: got $sha expected $EXPECTED_SHA" >&2
|
|
exit 2
|
|
fi
|
|
|
|
tmpdir=$(mktemp -d)
|
|
trap 'rm -rf "$tmpdir"' EXIT
|
|
|
|
tar -xf "$TAR_PATH" -C "$tmpdir"
|
|
(cd "$tmpdir" && sha256sum --check SHA256SUMS)
|
|
|
|
echo "OK: tar hash matches and inner SHA256SUMS verified"
|