$ unstarch --sha1-signature .foo
So far, so good.
But now I want to validate that the metadata are being digested correctly through some independent means, preferably via the command-line, so that I can perform regression testing. I can use the
base64 tools together to test that I get the same answer:
$ unstarch --list-json-no-trailing-newline .foo \
| openssl sha1 \
| xxd -r -p \
As a note to myself: I end up stripping the trailing newline from the JSON output of unstarch because this is what the PolarSSL library ends up digesting. This very nearly had me doubting whether PolarSSL was working correctly, or whether my command-line test was correct!