Download
~~~~~~~~

.. comment
    .. begin stable

    Current Stable Version
    ''''''''''''''''''''''

    - `CHANGES file <http://storage.perlig.de/cdbx/CHANGES-0.2.1>`_
    - `cdbx-0.2.1.tar.xz <http://storage.perlig.de/cdbx/cdbx-0.2.1.tar.xz>`_
    - `cdbx-0.2.1.tar.bz2 <http://storage.perlig.de/cdbx/cdbx-0.2.1.tar.bz2>`_
    - `cdbx-0.2.1.tar.gz <http://storage.perlig.de/cdbx/cdbx-0.2.1.tar.gz>`_
    - `cdbx-0.2.1.zip <http://storage.perlig.de/cdbx/cdbx-0.2.1.zip>`_
    - `cdbx-0.2.1.digests <http://storage.perlig.de/cdbx/cdbx-0.2.1.digests>`_

    .. end stable


.. begin dev
.. end dev


Integrity Check
---------------

There are hashes (MD5, SHA1 and SHA256) of the download packages stored
in the `digests file
<http://storage.perlig.de/cdbx/cdbx-0.2.1.digests>`_\.
In order to check the integrity of the downloaded file, use a tool like
md5sum (or sha1sum, sha256sum accordingly), e.g.:

.. sourcecode:: console

    $ md5sum -c cdbx-0.2.1.digests
    cdbx-0.2.1.tar.bz2: OK
    cdbx-0.2.1.tar.gz: OK
    cdbx-0.2.1.tar.xz: OK
    cdbx-0.2.1.zip: OK

In order to check the integrity of the digest file itself, you can check
the PGP signature of that file. The file is signed by André Malo, Key-ID
0x8103A37E:

.. sourcecode:: console

    $ gpg --verify cdbx-0.2.1.digests
    gpg: Signature made Sat Dec 11 17:32:43 2021 CET
    gpg:                using RSA key 21B65583FF640D34E8662B6B3DED446369F2EE1A
    gpg: Good signature from "André Malo <nd@perlig.de>"


.. vim: ft=rest tw=72
