// SerializePrivate serializes an Entity, including private key material, to // the given Writer. For now, it must only be used on an Entity returned from // NewEntity. // If config is nil, sensible defaults will be used. func (e *Entity) SerializePrivate(w io.Writer, config *packet.Config) (err error) { err = e.PrivateKey.Serialize(w) if err != nil { return } for _, ident := range e.Identities { err = ident.UserId.Serialize(w) if err != nil { return } if e.PrivateKey.PrivateKey != nil { err = ident.SelfSignature.SignUserId(ident.UserId.Id, e.PrimaryKey, e.PrivateKey, config) if err != nil { return } } err = ident.SelfSignature.Serialize(w) if err != nil { return } } for _, subkey := range e.Subkeys { err = subkey.PrivateKey.Serialize(w) if err != nil { return } // Workaround shortcoming of SignKey(), which doesn't work to reverse-sign // sub-signing keys. So if requested, just reuse the signatures already // available to us (if we read this key from a keyring). if e.PrivateKey.PrivateKey != nil && !config.ReuseSignatures() { err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey, config) if err != nil { return } } if subkey.Revocation != nil { err = subkey.Revocation.Serialize(w) if err != nil { return } } err = subkey.Sig.Serialize(w) if err != nil { return } } return nil }