On Tue, May 06, 2025 at 01:14:50PM +0200, Jan mydke wrote: > However, the sigfile actually is rather the signature file of the SHA256 > file appended with the contents of the SHA256 file. (Then the original > SHA256 file is no longer necessary for use with signify.) So the checksums > are embedded in the signature file.
This is the format produced by the '-e' argument to signify. $ signify -Se -s key.sec -m SHA256 Produces SHA256.sig with an embedded signature. It's already explained fairly near the start of signify(1).
