(signing_data)= # Signatures over data ```{admonition} TODO :class: warning Add content, including: - Signature of a binary document - Signature of a canonical text document - "The signature is calculated over the text data with its line endings converted to ``" ``` ## Data signatures A data signature serves the purpose to cryptographically guarantee the authenticity (and implicitly also the integrity) of a message, e.g. an email or a file, while a certification is used to attach metadata or subkeys to a certificate. Data signatures are always calculated by keys carrying the **S**igning key flag. Different types of signatures are distinguished by a signature type code and are calculated in different ways. Signatures can either be distributed standalone as *detached* signatures, or can be inlined with OpenPGP data, such as an OpenPGP message or a key or certificate. Data signatures (type 0x00 and 0x01) are created by hashing the message content and calculating a cryptographic signature over the hash. You can read more about data signatures in the [next chapter](signing_data). The result is packed up into an OpenPGP signature packet, which can either be included in the OpenPGP message (TODO: See section about forming messages, cleartext signature framework), or distributed separately as a so-called *detached* signature. Data signatures are always calculated using a **S**igning key.