How is a digital signature created by the supplicant?

Digital signatures rely on signing a hash of the message with the signer's private key. The signer first computes a hash of the message to produce a fixed-size digest, then uses their private key to encrypt that digest, creating the signature. This signature is attached to or sent with the message. The recipient can verify by hashing the received message to get a digest and decrypting the signature with the signer’s public key to recover the digest; if the digests match, the signature is valid, proving the message came from the signer and hasn’t been altered. The other options don’t fit. Adding a password to a challenge message describes a password-based challenge-response, not a digital signature. Hashing only the plain text gives a digest but provides no proof of who signed it. Encrypting the digest with the public key would not create a signature (signatures are created with the private key to allow verification with the public key).