Create verify.sh
Browse files
verify.sh
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
#!/bin/bash
|
| 2 |
+
set -euo pipefail
|
| 3 |
+
|
| 4 |
+
MODEL_FILE="model.safetensors"
|
| 5 |
+
SHA_FILE="model.safetensors.sha256"
|
| 6 |
+
SIG_FILE="model.safetensors.sig"
|
| 7 |
+
|
| 8 |
+
if [ ! -f "$MODEL_FILE" ]; then
|
| 9 |
+
echo "Model file not found: $MODEL_FILE"
|
| 10 |
+
exit 1
|
| 11 |
+
fi
|
| 12 |
+
|
| 13 |
+
if [ ! -f "$SHA_FILE" ]; then
|
| 14 |
+
echo "SHA file not found: $SHA_FILE"
|
| 15 |
+
exit 1
|
| 16 |
+
fi
|
| 17 |
+
|
| 18 |
+
echo "Verifying SHA-256 checksum..."
|
| 19 |
+
sha256sum -c "$SHA_FILE"
|
| 20 |
+
|
| 21 |
+
if [ -f "$SIG_FILE" ]; then
|
| 22 |
+
echo "Verifying PGP signature (requires maintainer public key installed)..."
|
| 23 |
+
gpg --verify "$SIG_FILE" "$MODEL_FILE"
|
| 24 |
+
else
|
| 25 |
+
echo "Signature file not found: $SIG_FILE (skipping signature verification)"
|
| 26 |
+
fi
|
| 27 |
+
|
| 28 |
+
echo "Verification complete."
|