diff --git a/signatures.go b/signatures.go
index 4678155..3a5445d 100644
--- a/signatures.go
+++ b/signatures.go
@@ -208,6 +208,18 @@ func SignRpmFile(infile *os.File, outpath string, key *packet.PrivateKey, opts *
 return header, rewriteRpm(infile, outpath, header)
 }
 
+// SignRpmFileIntoStream signs the rpmfile represented by infile with the
+// provided private key and sig options. The entire signed RPM file is then
+// written to the outstream.
+func SignRpmFileIntoStream(outstream io.Writer, infile io.ReadSeeker, key *packet.PrivateKey, opts *SignatureOptions) error {
+ header, err := SignRpmStream(infile, key, opts)
+ if err != nil {
+ return err
+ }
+ delete(header.sigHeader.entries, SIG_RESERVEDSPACE-_SIGHEADER_TAG_BASE)
+ return writeRpm(infile, outstream, header.sigHeader)
+}
+
 // RewriteWithSignatures inserts raw signatures into a RPM header.
 //
 // DEPRECATED: To perform a detached signature, use SignRpmStream and call
@@ -261,7 +273,7 @@ func rewriteRpm(infile *os.File, outpath string, header *RpmHeader) error {
 if err != nil {
 os.Remove(tempfile.Name())
 } else {
- _ = tempfile.Chmod(0644)
+ _ = tempfile.Chmod(0o644)
 if err = tempfile.Close(); err != nil {
 return
 }
diff --git a/signatures_test.go b/signatures_test.go
index 3cfe847..1686784 100644
--- a/signatures_test.go
+++ b/signatures_test.go
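Review bot: The doc comment on SignRpmFileIntoStream in the first signatures.go hunk does not say what state outstream is left in when the function returns an error. rewriteRpm removes its temp file on failure (`os.Remove(tempfile.Name())` in the second hunk), but a plain io.Writer cannot be rolled back, so if writeRpm fails partway (its body is outside this diff) the caller may be holding a truncated package. I would extend the comment with something like `// On error, outstream may already contain a partial RPM; callers must discard it rather than publish or install it.` The `delete(header.sigHeader.entries, ...)` line also deserves a why-comment, e.g. `// drop the reserved-space padding entry; only the in-place rewrite path needs it`, though I am inferring that purpose from the tag name, so please confirm. It would also help to document whether infile must be positioned at offset 0 on entry, since SignRpmStream reads it before writeRpm reads it again.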
@@ -72,6 +72,34 @@ func TestSign(t *testing.T) {
 }
 }
 
+func TestSignRpmFileIntoStream(t *testing.T) {
+ keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewReader([]byte(testkey)))
+ if err != nil {
+ t.Fatal("failed to parse test key:", err)
+ }
+ entity := keyring[0]
+
+ f, err := os.Open("testdata/simple-1.0.1-1.i386.rpm")
+ if err != nil {
+ t.Fatal("failed to open test rpm:", err)
+ }
+ defer f.Close()
+
+ buf := &bytes.Buffer{}
+ err = SignRpmFileIntoStream(buf, f, entity.PrivateKey, nil)
+ if err != nil {
+ t.Fatal("error signing rpm:", err)
+ }
+
+ _, sigs, err := Verify(buf, keyring)
+ if err != nil {
+ t.Fatal("error verifying signature:", err)
+ }
+ if len(sigs) != 2 || sigs[0].Signer != entity || sigs[1].Signer != entity {
+ t.Fatalf("error verifying signature: incorrect signers. found: %#v", sigs)
+ }
+}
+
 const testkey = `
 -----BEGIN PGP PRIVATE KEY BLOCK-----