I made a file named 1.txt. It has three lines of text.

I ran "gpg --clear-sign 1.txt". That created a file named 1.txt.asc. When I opened the file in Notepad, it was readable. It had the three lines of text followed by the digital signature.

I ran "gpg --sign 1.txt". That created a file 1.txt.gpg. When I opened that file in Notepad, it was illegible. There wasn't a set of random characters that looked like a signature; it looked a binary file that Notepad couldn't parse as text.

My understanding of "digital signing" lines up with the first example. The original file is unmodified. An encrypted hash is added. This verifies the signer's identity without encrypting the data.

The second option looks more like encryption. Without access to the user's keypair, I can't view the file at all.

Am I mistaken here? With "gpg --sign", is there a way to view the file without access to the signer's public key?

1 Answer 1


It's just compressed. This has nothing to do with digital signing – it's a property of the OpenPGP file format.

Most PGP tools will by default compress the "data packet" using DEFLATE (same algorithm as used by Zip) – perhaps to compensate for the 34% overhead that the --armor mode introduces. (Originally PGP was built for email, and every kilobyte used to be significant back in the day.)

gpg -d should dump the contents even if it's unable to verify the message. Use pgpdump or gpg --list-packets to inspect an OpenPGP message's structure in detail, including compression and other such parameters.

  • Thanks. I knew it would be something simple. I appreciate the quick response. Commented Mar 5, 2020 at 19:58

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .