5.5. Results

The input file, audit_list, is a simple text file which gives the full path to the sifgned audit logs to be verified.
cat ~jsmith/auditVerifyDir/audit_list
	/var/lib/pki-ca/logs/signedAudit/ca_audit.20110211145833
If no modifications have been made to any of the files, then AuditVerify returns a message that all signatures are valid.
AuditVerify -d ~jsmith/auditVerifyDir -n "Log Signing Certificate" -a  ~jsmith/auditVerifyDir/audit_list 

Verification process complete.
Valid signatures: 20
Invalid signatures: 0
If there is a modification to a log file, then the signature is invalidated. In that case, AuditVerify says that there is an invalid signature and returns the name of the edited log file and the line number of the modification.
AuditVerify -d ~jsmith/auditVerifyDir -n "Log Signing Certificate" -a  ~jsmith/auditVerifyDir/audit_list
======
File:
/var/lib/pki-ca/logs/signedAudit/ca_audit.20110211145833
======
Line 52: VERIFICATION FAILED: signature of /var/lib/pki-ca/logs/signedAudit/ca_audit.20101213141439:48 to /var/lib/pki-ca/logs/signedAudit/ca_audit.20101213141439:51

Verification process complete.
Valid signatures: 19
Invalid signatures: 1