gpgme_sig_mode_t type is used to specify the desired type of a
signature. The following modes are available:
A normal signature is made, the output includes the plaintext and the signature.
A detached signature is made.
A clear text signature is made. The ASCII armor and text mode settings of the context are ignored.
A signed archive is created from the given files and directories. This feature is currently only supported for the OpenPGP crypto engine and requires GnuPG 2.4.1.
gpgme_op_sign creates a signature for the text in
the data object plain and returns it in the data object
sig or writes it directly to the file set with
gpgme_data_set_file_name for the data object sig. The type
of the signature created is determined by the ASCII armor (or,
if that is not set, by the encoding specified for sig), the text
mode attributes set for the context ctx and the requested signature
If signature mode
GPGME_SIG_MODE_ARCHIVE is requested, then a
signed archive is created from the files and directories given as
NUL-separated list in the data object plain and returned in the
data object sig. The paths of the files and directories have to
be given as paths relative to the current working directory or relative
to the base directory set with
After the operation completed successfully, the result can be
If an S/MIME signed message is created using the CMS crypto engine,
the number of certificates to include in the message can be specified
gpgme_set_include_certs. See Included Certificates.
The function returns the error code
GPG_ERR_NO_ERROR if the
signature could be created successfully,
ctx, plain or sig is not a valid pointer,
GPG_ERR_NO_DATA if the signature could not be created,
GPG_ERR_BAD_PASSPHRASE if the passphrase for the secret key
could not be retrieved,
GPG_ERR_UNUSABLE_SECKEY if there are
invalid signers, and passes through any errors that are reported by the
crypto engine support routines.
gpgme_op_sign_start initiates a
gpgme_op_sign operation. It can be completed by calling
gpgme_wait on the context. See Waiting For Completion.
The function returns the error code
GPG_ERR_NO_ERROR if the operation could be
started successfully, and
GPG_ERR_INV_VALUE if ctx,
plain or sig is not a valid pointer.
This is a pointer to a structure used to store a part of the result of
gpgme_op_sign operation. The structure contains the
This is a pointer to the next new signature structure in the linked
NULL if this is the last element.
The type of this signature.
The public key algorithm used to create this signature.
The hash algorithm used to create this signature.
unsigned int sig_class
The signature class of this signature. Note that only the values 0, 1, and 2 are well-defined.
long int timestamp
The creation timestamp of this signature.
The fingerprint of the key which was used to create this signature.
This is a pointer to a structure used to store the result of a
gpgme_op_sign operation. After successfully generating a
signature, you can retrieve the pointer to the result with
gpgme_op_sign_result. The structure contains the following
A linked list with information about all invalid keys for which a signature could not be created.
A linked list with information about all signatures created.
gpgme_op_sign_result returns a
gpgme_sign_result_t pointer to a structure holding the result
gpgme_op_sign operation. The pointer is only valid if the
last operation on the context was a
gpgme_op_encrypt_sign_start operation. If that operation
failed, the function might return a
NULL pointer. The returned
pointer is only valid until the next operation is started on the