# 40CHARFINGERPRINTXXXXXXXXXXXXXXXXXXXXXXX:5:
local -A trusted_ids
for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
- while read key; do
- # skip comments; these are valid in this file
- [[ $key = \#* ]] && continue
- key_id="${key%%:*}"
- if [[ -n ${key_id} ]]; then
- # Mark this key to be lsigned
- trusted_ids[$key_id]="${keyring}"
- fi
+ while IFS=: read key_id _; do
+ # skip blank lines, comments; these are valid in this file
+ [[ -z $key_id || ${key_id:0:1} = \# ]] && continue
+
+ # Mark this key to be lsigned
+ trusted_ids[$key_id]=$keyring
done < "${KEYRING_IMPORT_DIR}/${keyring}-trusted"
fi
done
# guarantee of identification for the keys.
local -A revoked_ids
for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
- while read key; do
- key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)"
- if [[ -n ${key_id} ]]; then
+ mapfile -t keys < "${KEYRING_IMPORT_DIR}/${keyring}-revoked"
+ while IFS=: read _ _ _ _ key_id _; do
+ if [[ -n $key_id ]]; then
# Mark this key to be disabled
revoked_ids[$key_id]="${keyring}"
fi
}
add_keys() {
- if ! "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" ; then
+ if ! "${GPG_PACMAN[@]}" --quiet --batch --import "$@" ; then
- error "$(gettext "A specified keyfile could not be added to the gpg keychain.")"
+ error "$(gettext "A specified keyfile could not be added to the keyring.")"
exit 1
fi
}
delete_keys() {
- check_keyids_exist
- if ! "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" ; then
+ check_keyids_exist "$@"
+ if ! "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "$@" ; then
- error "$(gettext "A specified key could not be removed from the gpg keychain.")"
+ error "$(gettext "A specified key could not be removed from the keyring.")"
exit 1
fi
}
}
export_keys() {
- check_keyids_exist
- if ! "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" ; then
+ check_keyids_exist "$@"
+ if ! "${GPG_PACMAN[@]}" --armor --export "$@" ; then
- error "$(gettext "A specified key could not be exported from the gpg keychain.")"
+ error "$(gettext "A specified key could not be exported from the keyring.")"
exit 1
fi
}