truss verify
Verify evidence packages, mandates, and cryptographic signatures.
Subcommands
truss verify package <package-id>
Verify evidence package chain integrity. Reports total, valid, and tampered records. Exit code 1 if compromised.
truss verify package pkg_abc123
truss verify mandate <mandate-id>
Verify mandate authenticity by checking the issuer signature. Exit code 1 if verification fails.
truss verify mandate man_abc123
truss verify signature <data> <signature>
Verify a cryptographic signature. Accepts JSON or plain text data. Exit code 1 if invalid.
truss verify signature '{"action":"approve"}' 'sig_abc123...'
truss verify signature "plain text data" 'sig_def456...'
truss verify evidence [package-id-or-data]
Verify evidence from a package ID or raw JSON.
| Option | Description |
|---|---|
--data <json> | Raw evidence JSON |
truss verify evidence pkg_abc123
truss verify evidence --data '{"records":[{"id":"rec_1"}]}'