// Copyright 2013 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.
package simplestreams
import (
	"bytes"
	"errors"
	"io"
	"io/ioutil"

	"code.google.com/p/go.crypto/openpgp"
	"code.google.com/p/go.crypto/openpgp/clearsign"
)
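// Encode clearsigns the data read from r and returns the inline-signed copy.
//
// armoredPrivateKey must be an ASCII-armored OpenPGP keyring. Only the first
// entity in it is used, and that entity must carry a private key; if the key
// is encrypted it is decrypted with passphrase.
//
// A single leading newline in the input is dropped before signing, so for
// such input the signed text is not byte-identical to what r produced.
//
// An error (not a panic) is returned when the keyring holds no entities, when
// the first entity has no private key, or when reading, decrypting or signing
// fails.
//
// Security notes: the passphrase is a Go string and the decrypted key lives
// in the parsed entity, so this function cannot wipe either one; callers
// should keep both short-lived and out of logs.
// NOTE(review): the key is used as-is; nothing here checks expiry or
// revocation. Confirm that callers only pass keys they have vetted.
func Encode(r io.Reader, armoredPrivateKey, passphrase string) ([]byte, error) {
	keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(armoredPrivateKey))
	if err != nil {
		return nil, err
	}
	// Guard the index below: a well-formed armor block with no usable key
	// would otherwise panic instead of reporting a bad signing key.
	if len(keyring) == 0 {
		return nil, errors.New("no keys found in armored keyring")
	}
	privateKey := keyring[0].PrivateKey
	// A public-key-only entity has a nil PrivateKey; fail cleanly rather than
	// dereferencing it.
	if privateKey == nil {
		return nil, errors.New("first key in keyring has no private key")
	}
	if privateKey.Encrypted {
		if err := privateKey.Decrypt([]byte(passphrase)); err != nil {
			return nil, err
		}
	}

	// Read the whole payload before opening the signer so a failing reader
	// is reported before any output has been produced.
	dataToSign, err := ioutil.ReadAll(r)
	if err != nil {
		return nil, err
	}
	// Drop one leading newline. The length check keeps empty input from
	// indexing past the end of the slice.
	if len(dataToSign) > 0 && dataToSign[0] == '\n' {
		dataToSign = dataToSign[1:]
	}

	var buf bytes.Buffer
	// A nil config leaves hash and other signing parameters at the library
	// defaults.
	plaintext, err := clearsign.Encode(&buf, privateKey, nil)
	if err != nil {
		return nil, err
	}
	if _, err := plaintext.Write(dataToSign); err != nil {
		return nil, err
	}
	// Close finalises the message; the signature block is only written to
	// buf at this point, so its error must not be ignored.
	if err := plaintext.Close(); err != nil {
		return nil, err
	}
	return buf.Bytes(), nil
}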