Fix GPG import command syntax - use process substitution for passphrase

Use fd 3 for passphrase and stdin for key data to avoid conflicts.

Author: zph

.github/workflows/main.yml

@@ -232,9 +232,9 @@ jobs:
           # Start gpg-agent with loopback pinentry
           gpg-agent --daemon --allow-loopback-pinentry
 
-          # Import the subkey using passphrase via stdin
-          # Note: --passphrase-fd 0 reads passphrase from stdin
-          echo "$GPG_PASSPHRASE" | gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 --import <<< "$GPG_PRIVATE_KEY"
+          # Import the subkey using passphrase via file descriptor
+          # Use process substitution to provide passphrase on fd 3, key on stdin
+          gpg --batch --yes --pinentry-mode loopback --passphrase-fd 3 --import 3<<< "$GPG_PASSPHRASE" <<< "$GPG_PRIVATE_KEY"
 
           # Trust the key (required for signing)
           # Use ultimate trust (6) for the subkey