- # fail if multiple sec lines are returned, which means the id
- # given is not unique
- if [ $(echo "$gpgOut" | grep '^sec:' | wc -l) -gt '1' ] ; then
- failure "Key ID '$keyID' is not unique."
- fi
+# take a secret key ID and check that only zero or one ID is provided,
+# and that it corresponds to only a single secret key ID
+check_gpg_sec_key_id() {
+ local gpgSecOut
+
+ case "$#" in
+ 0)
+ gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:')
+ ;;
+ 1)
+ gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure
+ ;;
+ *)
+ failure "You must specify only a single primary key ID."
+ ;;
+ esac
+
+ # check that only a single secret key was found
+ case $(echo "$gpgSecOut" | grep -c '^sec:') in
+ 0)
+ failure "No secret keys found. Create an OpenPGP key with the following command:
+ gpg --gen-key"
+ ;;
+ 1)
+ echo "$gpgSecOut" | cut -d: -f5
+ ;;
+ *)
+ local seckeys=$(echo "$gpgSecOut" | cut -d: -f5)
+ failure "Multiple primary secret keys found:
+$seckeys
+Please specify which primary key to use."
+ ;;
+ esac
+}