The use of & instead of && here means that openssl start running at the same time as the base64 decode command. This means that openssl could start reading from an old version of the signature file before base64 starts writing to the new one.