Signing Problem after Moving GPG and Keys

[David Shaw]

On Sep 10, 2008, at 3:32 PM, Clough, Samuel (USPC.PRG.Atlanta) wrote:

> I have a very frustrating problem with a file that is ascii armored  
> and signed.  Any help would be greatly appreciated as I’ve spent  
> hours on this with no solution and have never had a problem like  
> this before.
>
> For various reasons, we had to move our gpg installation from a  
> RedHat server to a Windows server.  The only differences (other than  
> the obvious OS difference) is that the RedHat GPG version is 1.2.1  
> and the Windows GPG install is version 1.4.9.  We needed the exact  
> same keys, so I moved all the contents of ~/.gnupg from the Linux  
> server to the gpg home on the windows server.  I didn’t touch or  
> change the keyring and everything seemed to work fine.  Encryption  
> and decryption scripts are running just fine.  However, one major  
> vendor is complaining that when they get our file there is no  
> signature on it.   Their file is ascii armored and signed.  It  
> apparently decrypts on their end but the signature doesn’t pass.  As  
> noted, I moved the keyring files, I didn’t do any import or export  
> and I’ve made sure by copying the keyring again.  I’m also using the  
> exact same GPG command path.  The gpg return code is 0 on both  
> boxes.  The gpg output to stdout is identical except that on RedHat  
> I get  a line starting with “gpg: DSA signature” and on Windows I  
> get a line starting with “gpg: DSA/SHA1 signature.”

Please clarify.  You state both that there is "no signature" and also  
that the "signature doesn't pass".  Is there a signature on the file  
or not?

David