Preferable way is to :ref:`download <download>` tarball with the
signature from `official website <http://pyderasn.cypherpunks.ru/>`__::
- $ [fetch|wget] http://pyderasn.cypherpunks.ru/pyderasn-|VERSION|.tar.xz
- $ [fetch|wget] http://pyderasn.cypherpunks.ru/pyderasn-5.4.tar.xz.sig
- $ gpg --verify pyderasn-5.4.tar.xz.sig pyderasn-5.4.tar.xz
- $ xz --decompress --stdout pyderasn-5.4.tar.xz | tar xf -
- $ cd pyderasn-5.4
+ $ [fetch|wget] http://pyderasn.cypherpunks.ru/pyderasn-7.2.tar.xz
+ $ [fetch|wget] http://pyderasn.cypherpunks.ru/pyderasn-7.2.tar.xz.sig
+ $ gpg --verify pyderasn-7.2.tar.xz.sig pyderasn-7.2.tar.xz
+ $ xz --decompress --stdout pyderasn-7.2.tar.xz | tar xf -
+ $ cd pyderasn-7.2
$ python setup.py install
# or copy pyderasn.py (+six.py, possibly termcolor.py) to your PYTHONPATH
for keeping compatibility with Py27/Py35. It is included in the tarball.
You can also find it mirrored on :ref:`download <download>` page.
-You could use PIP (**no** authentication is performed!)::
+You could use pip (**no** OpenPGP authentication is performed!) with PyPI::
- $ pip install pyderasn
+ $ cat > requirements.txt <<EOF
+ pyderasn==7.2 --hash=sha256:TO-BE-FILLED
+ six==1.14.0 --hash=sha256:236bdbdce46e6e6a3d61a337c0f8b763ca1e8717c03b369e87a7ec7ce1319c0a
+ EOF
+ $ pip install --requirement requirements.txt
You have to verify downloaded tarballs integrity and authenticity to be
sure that you retrieved trusted and untampered software. `GNU Privacy