So I went through the trouble of getting openssl working with gost-engine (see thread), and I should be able to do this but I haven't yet written any bash scripts longer then a line and I'm getting impatient in my quest to get DNSCrypt working (see thread), so I think I'll press ahead but come back to this later.
I can always wipe-out puppy and start again if I have security concerns. Anyway, libsodium gives the following instructions to check the validity of any distributed file:
Code: Select all
dig +dnssec +short txt <file>.download.libsodium.org
dig is part of the Bind package. For my version of puppy (precise), I have installed through petget various packagees yielded from a search for bind from both ubuntu-precise-universe and ubuntu-precise-main.
You'll need "bind client" for sure and whatever dependencies that it may have.
So, now what I need to do is to recursively search the directories for files where the result pulled from dig does not match the sha256 signature. Another interesting thing to do would be to put this comparisons into the make build system so, prior to reading any file make would first check for differences and then either terminate or log any discrepancies. Does make have any facilities to do this like a pre-target event?