File: gnupg.info, Node: GPGSM SIGN, Next: GPGSM VERIFY, Prev: GPGSM DECRYPT, Up: GPGSM Protocol 5.6.3 Signing a Message ----------------------- Signing is usually done with these commands: INPUT FD[=N] [--armor|--base64|--binary] This tells 'GPGSM' to read the data to sign from file descriptor N. OUTPUT FD[=M] [--armor|--base64] Write the output to file descriptor M. If a detached signature is requested, only the signature is written. SIGN [--detached] Sign the data set with the 'INPUT' command and write it to the sink set by 'OUTPUT'. With '--detached', a detached signature is created (surprise). The key used for signing is the default one or the one specified in the configuration file. To get finer control over the keys, it is possible to use the command SIGNER USERID to set the signer's key. USERID should be the internal representation of the key; the server may accept any other way of specification. If this is a valid and trusted recipient the server does respond with OK, otherwise the return is an ERR with the reason why the key cannot be used, the signature will then not be created using this key. If the policy is not to sign at all if not all keys are valid, the client has to take care of this. All 'SIGNER' commands are cumulative until a 'RESET' is done. Note that a 'SIGN' does not reset this list of signers which is in contrast to the 'RECIPIENT' command.