-
download to ~/Downloads
-
mac_1.7.17_MyCrypto.dmg
-
checksums.txt.gpg
-
checksums.txt
-
view checksum of binary
cd ~/Downloads
shasum -a 256 mac_1.7.17_MyCrypto.dmg
- view checksum.txt values expected
cat checksums.txt
brew install curl gpg
curl https://keybase.io/tayvano/pgp_keys.asc | gpg --import
gpg --output checksums.txt --decrypt checksums.txt.gpg
File 'checksums.txt' exists. Overwrite? (y/N) y
gpg: Signature made ...
gpg: using RSA key ...
gpg: Good signature from "Taylor <tayvano@gmail.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: ...
-
check that the generated checksum.txt file values are the same as those that in the checksum.txt file that was downloaded
-
check that the in the checksum.txt file, for mac_1.7.17_MyCrypto.dmg its SHA256 value shown matches the output from running
shasum -a 256 ... -
i.e. 8fe2652697b0557f7e221d0c960aa9e36a54445f12e7396a193cc5c5ad6ded06