pub fn verify_archive<P: AsRef<Path>>(
archive_path: P,
config: &SecurityConfig,
) -> Result<VerificationReport>Expand description
Verifies archive integrity and security without extracting.
Performs comprehensive validation:
- Integrity checks (structure, checksums)
- Security checks (path traversal, zip bombs, CVEs)
- Policy checks (file types, permissions)
§Arguments
archive_path- Path to archive fileconfig- Security configuration for validation
§Errors
Returns error if:
- Archive file cannot be opened
- Archive is severely corrupted (cannot read structure)
Security violations are reported in VerificationReport.issues,
not as errors.
§Examples
use exarch_core::SecurityConfig;
use exarch_core::VerificationStatus;
use exarch_core::verify_archive;
let config = SecurityConfig::default();
let report = verify_archive("archive.tar.gz", &config)?;
if report.status == VerificationStatus::Pass {
println!("Archive is safe to extract");
} else {
eprintln!("Security issues found:");
for issue in report.issues {
eprintln!(" [{}] {}", issue.severity, issue.message);
}
}