Skip to content

Commit

Permalink
README.md: Clarify steps for verifying zip signatures
Browse files Browse the repository at this point in the history 
Issue: #499

Signed-off-by: Andrew Gunnerson <[email protected]>
  • Loading branch information
@chenxiaolong
chenxiaolong committed Mar 3, 2024
1 parent 2b1ad34 commit e5c5ebe
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -307,13 +307,13 @@ Both the zip file and the APK contained within are digitally signed. **NOTE**: T
### Verifying zip file signature
First save the public key to a file that lists which keys should be trusted.
First, run the following command to save the public key to a file that lists which keys should be trusted:
```bash
echo 'bcr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDOe6/tBnO7xZhAWXRj3ApUYgn+XZ0wnQiXM8B7tPgv4' > bcr_trusted_keys
```
Then, verify the signature of the zip file using the list of trusted keys.
Then, run the following command to verify the signature of the zip file using the list of trusted keys:
```bash
ssh-keygen -Y verify -f bcr_trusted_keys -I bcr -n file -s BCR-<version>-release.zip.sig < BCR-<version>-release.zip
Expand Down

0 comments on commit e5c5ebe

Please sign in to comment.