Not able to verify sign generated for a tar archive-

[chaudharydeepak]

stream = open(archiveinput, 'rb')
status = gpg.sign(stream, passphrase=_salt, detach=True)
stream.close()

This generated a detached signature file. But on trying to verify the generated sign from vanilla command line gpg --verbose --homedir /home/developer/dev_work/certs/gpghome --verify filename.tar.gz.sig filename.tar.gz, returns BAD SIGNATURE.