Not able to verify sign generated for a tar archive-

isislovecruft / python-gnupg

A modified version of python-gnupg, including security patches, extensive documentation, and extra features.

Other

424 stars 172 forks source link

Not able to verify sign generated for a tar archive- #241

Open chaudharydeepak opened 6 years ago

chaudharydeepak commented 6 years ago

stream = open(archiveinput, 'rb') status = gpg.sign(stream, passphrase=_salt, detach=True) stream.close()

This generated a detached signature file. But on trying to verify the generated sign from vanilla command line gpg --verbose --homedir /home/developer/dev_work/certs/gpghome --verify filename.tar.gz.sig filename.tar.gz, returns BAD SIGNATURE.