IOStreams::Pgp::Writer: Add the ability to sign without encryption

[NickLarsenNZ]

Encryption is always enabled:

iostreams/lib/io_streams/pgp/writer.rb

Line 83 in 7010c56

command = "#{IOStreams::Pgp.executable} --batch --no-tty --yes --encrypt"

However, there are cases where we only want to sign.

Potential solution:

• Add an additional option encrypt: true.
• Toggle the --encrypt flag.
• Only set recipients if encrypt is true.

[NickLarsenNZ]

If you only sign, the output is simply the signature. Not with the original input (though you can see it if you don't use --armor or base64 decode the pgp message), so that would have to be handled somehow.

Eg:

echo "not secret" | gpg --sign --armor --output -
gpg: using "C97BC6EF3C4A85B798C69EE49507335AD42F6BF7" as default secret key for signing
-----BEGIN PGP MESSAGE-----

owEBWAKn/ZANAwAIAZUHM1rUL2v3AcsRYgBj2mu/bm90IHNlY3JldAqJAjMEAAEI
AB0WIQTJe8bvPEqFt5jGnuSVBzNa1C9r9wUCY9prvwAKCRCVBzNa1C9r96/OEACw
ODooOtrKASAEficreFE1m5nuXDre1g7UjdSrU3rQKqDO2EaTTgP8aqnyleqEVqWz
0p0GwydWmVATNsxsNzktBj1UnB0CoqER4McItHWuPjnowFBowYMLcNfIYc0yhVru
/ztinM4Hf7BSTfEsGx8H+yLaTYLb078icgmLALhf9d1rjrfa2k0o8Lz7Jzqc/C+a
umvT+X4I+KeC8XurZJ2ksFfoWVyfO+Z+RjeLbZLXerSa20wApIeeJhR8lJa0rUAz
nhyU2J8gw26wDizd09t0ThNESD/cSqMbD4NgiHmMn2on/3OJq0yV/JK4Doc74jGP
mT4QDUA2mVB5hXn073Nzqt4NFTTZo3mnRo9s43awIF32mFdScIjVARX8+gWeAwP0
O39nuya1mNKv0J/Shbu7d/b9E/Aixvz02J9PYJAbBiQntfN+Oe3fOaZ4W6k2PVK/
t2bGbHNvevdPbNAAg7pRM+cAFg65MudXlkmX3uNpXixxC5dHCn8G4XW1+J1Leq2V
ELt9ZjBiDfg3hIXNIusPAFzBlnXHwf4Xn8Ihpu0YFjBmjMvb5u6Fis6G1wTeO2XK
TWwPEcokV4CAuMA+/hoWj4Fb016A1rgl4W0uKLHJ4heZ8no8GJie5LfBJv1+Z1Sy
385gdrYBjhZd6eqLtH9ozEvb+79tdyxRaoIjoduYQg==
=tHXt
-----END PGP MESSAGE-----