+ dup_gpg_asymmetric_encryption=no
+ fi
+
+ # when using public/private key pair encryption, ask for the keys to use
+ if [ "$dup_gpg_asymmetric_encryption" == yes ]; then
+ do_dup_gpg_encryptkey ; [ $? = 0 ] || return 1
+ do_dup_gpg_sign ; [ $? = 0 ] || return 1
+ if [ "$dup_gpg_sign" == yes ]; then
+ do_dup_gpg_signkey ; [ $? = 0 ] || return 1
+ fi
+ fi
+
+ # a passphrase is only needed when signing, or when symmetric encryption is used
+ if [ "$dup_gpg_asymmetric_encryption" == "no" ]; then
+ do_dup_gpg_passphrase "encrypt the backups"
+ [ $? = 0 ] || return 1
+ elif [ "$dup_gpg_sign" == "yes" ]; then
+ if [ -z "$dup_gpg_signkey" ]; then
+ do_dup_gpg_passphrase "unlock the GnuPG 0x$dup_gpg_signkey key used to sign the backups"
+ [ $? = 0 ] || return 1
+ else
+ do_dup_gpg_passphrase "unlock the GnuPG 0x$dup_gpg_encryptkey key used to sign the backups"
+ [ $? = 0 ] || return 1
+ fi