Appending checksum information to file

archivechecksumcompressionpackaging

I'd like to embed checksum information into file, that I transfer.
It's tar.gz or tar.xz file and I can only transfer one file to remote side.

How do you recommend I embed checksum information?

I want checksum of whole archive, not it's contents (I'd like to check it's integrity "before" unpacking).

I know I could pack it again in some format supporting checksums (like rar) but it's computational cost to "repack" stuff, just for adding checksum (on the other hand I don't like rar format). So preferred would be something like gzip & gunzip etc , but for adding, checking, and removing checksum.

Any tools, ideas, scripts, workarounds?

Am I right .xz and .gz support concatenation? Maybe it's worth to use this feature to append compressed checksum on the end of file ?

Best Answer

cat file.gz file.gz.sig > transfer_me.signed

Then, on the remote host, you split out the appended checksum using

tail -c length_of_the_checksum_info transfer_me.signed > file.gz.sig
head -c -length_of_the_checksum_info transfer_me.signed > file.gz

Note the minus in the second command. The length depends on the type of checksum you use. You can have just

md5sum file.gz | cut -d ' ' -f 1 > file.gz.sig

Notice also, that in this way you can also unpack the transfer_me.signed file straight away without splitting, because tar will ignore the trailing "garbage".

A similar solution, with additional encryption or scrambling mechanisms, is used for signing updates for many mobile devices - for example the Amazon Kindles. But in their case, archive file identification is undesired, so they put all the fingerprinting information at the beginning of an update file.

Related Question