+ if (jcr->crypto.digest) {
+ /* Use digest computed while writing the file to verify the signature */
+ if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
+ Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
+ Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
+ jcr->last_fname, crypto_strerror(err));
+ goto bail_out;
+ }
+ } else {
+ /* Signature found, digest allocated. Old method,
+ * re-read the file and compute the digest
+ */
+ jcr->crypto.digest = digest;
+
+ /* Checksum the entire file */
+ /* Make sure we don't modify JobBytes by saving and restoring it */
+ saved_bytes = jcr->JobBytes;
+ if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
+ Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
+ jcr->last_fname);
+ jcr->JobBytes = saved_bytes;
+ goto bail_out;
+ }
+ jcr->JobBytes = saved_bytes;