7. Verify Binaries (verify)
This feature allows to verify the authenticity of the included binaries.
The signature verification is based on a public key encryption algorithm
and requires the *.sig
files that are shipped with the packages.
To verify the integrity of THOR Util, download the public key used for the
verification on Nextrons Website: https://www.nextron-systems.com/pki/
The public key can be then used with the following command to verify the integrity of thor-util
:
on Windows:
C:\thor>openssl dgst -sha256 -verify codesign.pem -signature thor-util.exe.sig thor-util.exe
on Linux:
C:\thor>openssl dgst -sha256 -verify codesign.pem -signature thor-util.sig thor-util