# Functions
VerifyGPGSignature raises an error if provided `.sig` file is not valid GPG signature for the given file.
VerifySHA256Digest verifies the sha256 digest by relying on `shasum` command present on the system instead of computing the same itself.