authornl6720 <nl6720@gmail.com>2022-11-26 21:18:15 +0200
committernl6720 <nl6720@gmail.com>2022-12-10 12:08:50 +0200
commit2da65f64adfbce72671cdd7e482b55f1f83d135d (patch)
tree5658b84d7dd84d41432a7c06c5336bb5f450b971
parent2c3420204e25c31b6768f8e30ade348db757b722 (diff)
mkarchiso: check if the code signing files specified with option -c exist
Look for the files in `*_validate_options` and error out early if they do not exist.
-rw-r--r--CHANGELOG.rst1
-rwxr-xr-xarchiso/mkarchiso10
2 files changed, 10 insertions, 1 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 4fa88db..400628a 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -15,6 +15,7 @@ Changed
- Check if the GPG public key file was successfully placed in the work directory before trying to use it.
- Open the file descriptors for code signing certificates and GPG public key as read only. Nothing from the within the
``pacstrap`` invoked chroot should ever be allowed to write outside of it.
+- Error out early if any of the code signing certificate files passed with option ``-c`` do not exist.
Removed
-------
diff --git a/archiso/mkarchiso b/archiso/mkarchiso
index 7a3fd1c..8449f51 100755
--- a/archiso/mkarchiso
+++ b/archiso/mkarchiso
@@ -1522,7 +1522,7 @@ _read_profile() {
# Validate set options
_validate_options() {
- local validation_error=0 _buildmode
+ local validation_error=0 _buildmode certfile
_msg_info "Validating options..."
@@ -1532,6 +1532,14 @@ _validate_options() {
_msg_error "File '${pacman_conf}' does not exist." 0
fi
+ # Check if the code signing certificate files exist
+ for certfile in "${cert_list[@]}"; do
+ if [[ ! -e "$certfile" ]]; then
+ (( validation_error=validation_error+1 ))
+ _msg_error "Code signing certificate '${certfile}' does not exist." 0
+ fi
+ done
+
# Check if the specified buildmodes are supported
for _buildmode in "${buildmodes[@]}"; do
if typeset -f "_build_buildmode_${_buildmode}" &> /dev/null; then
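Review bot: The new loop in `_validate_options` tests each `-c` path with `-e`, which is also true for a directory or for a file the build user cannot read, so those inputs still pass validation and only fail later when the signing material is opened. Testing for a readable regular file would keep the early, clear failure this commit is after: `if [[ ! -f "$certfile" || ! -r "$certfile" ]]; then`, with the message changed to `"Code signing certificate '${certfile}' does not exist or is not a readable file."`. The rest of `_validate_options` lies outside the hunk, so whether a later check already covers this cannot be seen from here.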