check_gpg_authentication_subkey "$keyID"
# generate the list of commands that will be passed to edit-key
- editCommands=$(cat <<EOF
-addkey
+ editCommands="addkey
7
S
E
Q
$keyLength
0
-save
-EOF
-)
+save"
# setup the temp fifo dir for retrieving the key password
log debug "creating password fifo..."
fifoDir=$(msmktempdir)
- trap "rm -rf $fifoDir" EXIT
(umask 077 && mkfifo "$fifoDir/pass")
- log verbose "generating subkey..."
+ # FIXME: are we adequately cleaning up any trailing gpg process here?
+ trap "rm -rf $fifoDir; kill %% || true" EXIT
echo "$editCommands" | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" &
+ log debug "Prompting for passphrase"
# FIXME: this needs to fail more gracefully if the passphrase is incorrect
passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass"
+ log info "Generating subkey. This may take a long time..."
trap - EXIT
rm -rf "$fifoDir"