func Clearsign(input io.Reader, output io.Writer, key string) error { entity, err := findKey(key) if err != nil { return err } w, err := clearsign.Encode(output, entity.PrivateKey, nil) if err != nil { return err } _, err = io.Copy(w, input) if err != nil { return err } err = w.Close() if err != nil { return err } return nil }
// Encode signs the data returned by the reader and returns an inline signed copy. func Encode(r io.Reader, armoredPrivateKey, passphrase string) ([]byte, error) { keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(armoredPrivateKey)) if err != nil { return nil, err } privateKey := keyring[0].PrivateKey if privateKey.Encrypted { err = privateKey.Decrypt([]byte(passphrase)) if err != nil { return nil, err } } var buf bytes.Buffer plaintext, err := clearsign.Encode(&buf, privateKey, nil) if err != nil { return nil, err } metadata, err := ioutil.ReadAll(r) if err != nil { return nil, err } dataToSign := metadata if dataToSign[0] == '\n' { dataToSign = dataToSign[1:] } _, err = plaintext.Write([]byte(dataToSign)) if err != nil { return nil, err } err = plaintext.Close() if err != nil { return nil, err } return buf.Bytes(), nil }