Recent Changes - Search:

libjpeg-turbo Home

About libjpeg-turbo

Downloads

Documentation

Reports

Position Statements

Developer Info

Contact

Digital Signatures

To ensure the integrity of the official libjpeg-turbo release packages, the RPM and DEB files and the source tarball are signed using the following GPG key:

https://www.libjpeg-turbo.org/key/LJT-GPG-KEY
or
https://pgp.mit.edu/pks/lookup?op=get&search=0x85C7044E033FDE16

and the Windows installers are signed using a code signing certificate.

To verify the RPM package signatures:

sudo rpm --import '{key URL}'
rpm --checksig {RPM file}

To verify the DEB package signatures:

sudo apt-get install debsig-verify
sudo debsig-import 85C7044E033FDE16 '{key URL}'
debsig-verify {DEB file}

debsig-import is available here.

To verify the Windows installer package signatures:

Right-click on the .exe file and look at the "Digital Signatures" tab. If you have the Windows SDK installed, you can also run:

signtool verify -pa {.exe file}

Creative Commons LicenseAll content on this web site is licensed under the Creative Commons Attribution 2.5 License. Any works containing material derived from this web site must cite The libjpeg-turbo Project as the source of the material and list the current URL for the libjpeg-turbo web site.

Edit - History - Print - Recent Changes - Search
Page last modified on August 18, 2017, at 04:30 PM