I have an rpm and the public key that can be used to verify the signature. I would like to verify that signature before I do something in my C++ program. I'm having trouble determining the best library to use here.
My application already uses OpenSSL for network communications, so it would be great if I could reuse that. I'm also looking at crypto++ and GPGme. I just want to make sure I'm not missing something before I start parsing the rpm header and reinventing the wheel.
