signify is a utility that lets you
easily sign and verify files using cryptography.
To verify an OpenBSD ISO using signify:
$ ftp https://ftp.openbsd.org/pub/OpenBSD/7.1/amd64/install71.iso
$ ftp https://ftp.openbsd.org/pub/OpenBSD/7.1/amd64/SHA256.sig
$ signify -C -p /etc/signify/openbsd-71-base.pub -x SHA256.sig install71.iso
Signature Verified
install71.iso: OK
-C verifies a signed checksum list, -p provides the public key, and -x provides the signature file.
If you see this message:
Signature Verified
install71.iso: FAIL
This may mean that your ISO is either corrupt or has been tampered with. You
will want to download it again and make sure it verifies properly.
On the other hand, if you see this message:
signify: verification failed: checked against wrong key
You may have the wrong public key.