Internally at Orijtech Inc, while doing security audits and supply chain analyses for the Cosmos security team, we've found a bunch of leaking resources in a couple of packages:
golang.org/x/crypto/openpgp/packet/compressed.go:98:3: leaking resource created on line 91
golang.org/x/crypto/openpgp/packet/literal.go:75:3: leaking resource created on line 68
golang.org/x/crypto/openpgp/packet/literal.go:79:3: leaking resource created on line 68
golang.org/x/crypto/openpgp/packet/literal.go:84:3: leaking resource created on line 68
golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go:268:3: leaking resource created on line 261
golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go:276:3: leaking resource created on line 261
golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go:281:3: leaking resource created on line 261
golang.org/x/crypto/openpgp/clearsign/clearsign.go:315:4: leaking resource created on line 300
and this problem exists due to the lack of finesse in defers and in using named error returns that can be used to close values.
/cc to my colleagues @willpoint @elias-orijtech @kirbyquerby
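
The pattern described above, as an added example that is not part of the original post and not code from golang.org/x/crypto: a resource that leaks on an early error return, next to the same function using a named error return and a single defer to close it. `trackedCloser`, `failingWriter`, `leakyOpen`, `safeOpen` and `closedAfterFailure` are hypothetical names constructed for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"io"
)

// trackedCloser is a constructed stand-in for a resource that must be closed.
type trackedCloser struct {
	io.Writer
	closed bool
}

func (t *trackedCloser) Close() error { t.closed = true; return nil }

// failingWriter is a constructed writer whose writes always fail.
type failingWriter struct{}

func (failingWriter) Write([]byte) (int, error) { return 0, errors.New("write failed") }

// leakyOpen returns early on error and never closes res (the reported pattern).
func leakyOpen(res *trackedCloser) (io.WriteCloser, error) {
	if _, err := res.Write([]byte("header")); err != nil {
		return nil, err
	}
	return res, nil
}

// safeOpen uses a named error return so one defer closes res on any error path.
func safeOpen(res *trackedCloser) (wc io.WriteCloser, err error) {
	defer func() {
		if err != nil {
			res.Close() // the original error is the one reported
		}
	}()
	if _, err = res.Write([]byte("header")); err != nil {
		return nil, err
	}
	return res, nil
}

// closedAfterFailure reports whether open closed its resource when the write failed.
func closedAfterFailure(open func(*trackedCloser) (io.WriteCloser, error)) bool {
	res := &trackedCloser{Writer: failingWriter{}}
	open(res)
	return res.closed
}
func main() {
	fmt.Println("leaky closed:", closedAfterFailure(leakyOpen), "safe closed:", closedAfterFailure(safeOpen))
}
```

On the success path `safeOpen` leaves the resource open, since ownership passes to the caller through the returned `io.WriteCloser`.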