$ unstarch --sha1-signature .foo
So far, so good.
But now I want to validate that the metadata are being digested correctly through some independent means, preferably via the command-line, so that I can perform regression testing. I can use the
base64 tools together to test that I get the same answer:
$ unstarch --list-json-no-trailing-newline .foo \
| openssl sha1 \
| xxd -r -p \
As a note to myself: I end up stripping the trailing newline from the JSON output of unstarch because this is what the PolarSSL library ends up digesting. This very nearly had me doubting whether PolarSSL was working correctly, or whether my command-line test was correct!
MacPorts is useful for installing a variety of command-line utilities and programs for Mac OS X. There are others, e.g. Homebrew. After using MacPorts to update a GNU gcc installation, it is useful to select the new revision. Tips were posted to this Stack Overflow thread. Basically, it boils down to two steps:
sudo port select --list gcc
sudo port select --set gcc mp-gcc47