Files and streams
Checksum one or more regular files, or use standard input for pipelines and shell-friendly verification.
rpichecksum is a Rust CLI for CRC32C file checksums and directory manifests. It selects Arm CRC instructions on compatible AArch64 Linux systems, keeps a portable scalar path, and is installable through a signed Debian arm64 repository.
Castagnoli checksum for accidental-corruption detection.
Detected from CPU capability and build support.
A streamable header plus one file record per line.
Published for the tested Debian trixie arm64 target.
Purpose
The project is intentionally narrow: calculate CRC32C values, record a directory state, and verify that state later. The commands are suitable for repeatable storage, transfer, and deployment checks.
Checksum one or more regular files, or use standard input for pipelines and shell-friendly verification.
Create a JSON Lines manifest containing the canonical root, relative path, byte size, and CRC32C for each regular file.
Inspect the selected backend, compare it with scalar execution, and verify that a release binary contains the intended Arm CRC instructions.
rpichecksum detects accidental corruption. It does not protect a file against malicious modification. Use a cryptographic hash, signature, or MAC when an attacker is part of the threat model.
Runtime dispatch
The default behavior is designed for correctness and portability. Hardware CRC is selected on a compatible AArch64 Linux host; the scalar implementation remains the fallback everywhere else.
At runtime, the core checks the AArch64 architecture and CPU CRC feature rather than assuming a particular Raspberry Pi model.
The accelerated C backend is used only when it was compiled into the binary and the processor reports the required CRC capability.
Scalar execution is portable and produces the same CRC32C value. It is also available for side-by-side benchmark and correctness checks.
Install
The current public package pool targets Debian trixie / Raspberry Pi OS arm64. The APT source is signed and package availability is tied to builds that have been tested for that target.
sudo install -d -m 0755 /etc/apt/keyrings curl -fsSL https://apt.ryzhov.website/rdynamo.asc \ | sudo gpg --dearmor -o /etc/apt/keyrings/rdynamo.gpg echo "deb [arch=arm64 signed-by=/etc/apt/keyrings/rdynamo.gpg] \ https://apt.ryzhov.website trixie main" \ | sudo tee /etc/apt/sources.list.d/rdynamo.list sudo apt update sudo apt install rpichecksum
Verification
A reproducible test has three layers: known CRC32C output, backend reporting, and binary disassembly. Each answers a different question.
CRC32C of the standard test bytes must be e3069283.
On an eligible Pi 5 / AArch64 Linux target, automatic mode should report Aarch64Crc.
Compare paths on the same input and require an identical checksum accumulator.
rpichecksum bench --size 1048576 --iterations 1024 --compareInspect the packaged executable for the Arm CRC instructions expected in the compiled backend.
objdump -d "$(command -v rpichecksum)" | grep -E 'crc32c[bhwx]'Directory state
The manifest format is JSONL rather than one large JSON array: one header records the root and algorithm, then each file entry is written as an independent JSON record.
rpichecksum manifest create ./data \ --output ./data.rpichecksum.jsonl rpichecksum manifest verify \ ./data.rpichecksum.jsonl
The command rejects an output path inside the target directory, avoiding accidental self-inclusion during manifest creation.
Verification reports successful, failed, and missing entries. The recorded root path is absolute, so moving the directory changes the verification context.
SQLite and other active files can change in place. Pause writers or checksum a database backup when a reproducible manifest is required.
Source and packages
The repository contains the Rust core, CLI behavior, Debian packaging scripts, Raspberry Pi validation notes, and the roadmap for signed manifests and keyed integrity work.