func Clearsign(input io.Reader, output io.Writer, key string) error {
entity, err := findKey(key)
if err != nil {
return err
}
w, err := clearsign.Encode(output, entity.PrivateKey, nil)
if err != nil {
return err
}
_, err = io.Copy(w, input)
if err != nil {
return err
}
err = w.Close()
if err != nil {
return err
}
return nil
}
// Encode signs the data returned by the reader and returns an inline signed copy.
func Encode(r io.Reader, armoredPrivateKey, passphrase string) ([]byte, error) {
keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(armoredPrivateKey))
if err != nil {
return nil, err
}
privateKey := keyring[0].PrivateKey
if privateKey.Encrypted {
err = privateKey.Decrypt([]byte(passphrase))
if err != nil {
return nil, err
}
}
var buf bytes.Buffer
plaintext, err := clearsign.Encode(&buf, privateKey, nil)
if err != nil {
return nil, err
}
metadata, err := ioutil.ReadAll(r)
if err != nil {
return nil, err
}
dataToSign := metadata
if dataToSign[0] == '\n' {
dataToSign = dataToSign[1:]
}
_, err = plaintext.Write([]byte(dataToSign))
if err != nil {
return nil, err
}
err = plaintext.Close()
if err != nil {
return nil, err
}
return buf.Bytes(), nil
}
