diff --git a/tomb b/tomb index 52dd73c..da2c70b 100755 --- a/tomb +++ b/tomb @@ -947,14 +947,24 @@ gpg_decrypt() { # fix for gpg 1.4.11 where the --status-* options don't work ;^/ local gpgver=$(gpg --version --no-permission-warning | awk '/^gpg/ {print $3}') local gpgpass="$1\n$TOMBKEY" - local gpgstatus - local tmpres + local tmpres ret + typeset -a gpgopt + gpgpopt=(--passphrase-fd 0) + { option_is_set -r } && { + local gpgkey=`option_value -r` + _verbose "using $gpgkey to decrypt a tomb key" + { ! is_valid_recipients "$gpgkey" } && { + _failure "You set an invalid GPG ID." + } + gpgpass="$TOMBKEY" + gpgpopt=() + } + [[ $gpgver == "1.4.11" ]] && { _verbose "GnuPG is version 1.4.11 - adopting status fix." - TOMBSECRET=`print - "$gpgpass" | \ - gpg --batch --passphrase-fd 0 --no-tty --no-options` + gpg --batch ${gpgpopt[@]} --no-tty --no-options` ret=$? unset gpgpass return $ret @@ -963,12 +973,10 @@ gpg_decrypt() { _tmp_create tmpres=$TOMBTMP TOMBSECRET=`print - "$gpgpass" | \ - gpg --batch --passphrase-fd 0 --no-tty --no-options \ + gpg --batch ${gpgpopt[@]} --no-tty --no-options \ --status-fd 2 --no-mdc-warning --no-permission-warning \ --no-secmem-warning 2> $tmpres` - unset gpgpass - ret=1 for i in ${(f)"$(cat $tmpres)"}; do _verbose "$i" @@ -1158,11 +1166,24 @@ gen_key() { # -o is the --cipher-algo to use (string taken by GnuPG) local algopt="`option_value -o`" local algo="${algopt:-AES256}" + local gpgpass opt + typeset -a gpgopt # here user is prompted for key password tombpass="" tombpasstmp="" - { ! option_is_set -r } && { + { option_is_set -r } && { + local gpgkey=`option_value -r` + _verbose "using $gpgkey to encrypt a tomb key" + { is_valid_recipients "$gpgkey" } || { + _failure "You set an invalid GPG ID." + } + + # Set gpg inputs and options + gpgpass="$TOMBSECRET" + gpgopt=(--encrypt --recipient "$gpgkey") + opt='' + } || { if [ "$1" = "" ]; then while true; do # 3 tries to write two times a matching password 
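Review bot: The array declared in gpg_decrypt as `typeset -a gpgopt` is never the one used: both assignments in this hunk and the `${gpgpopt[@]}` expansions here and in the following gpg_decrypt hunk spell it `gpgpopt`. Since `gpgpopt` is never declared in the function, zsh will normally create it as a global, so the gpg option list survives the call instead of staying local. Declare the name that is used, `typeset -a gpgpopt`, or rename the uses to `gpgopt` as gen_key does. Separately, `local gpgkey=`option_value -r`` is unquoted here and in gen_key, while the gen_key code this commit removes quoted it. On zsh versions that word-split the arguments of `local`, a value containing whitespace would not reach `gpgkey` intact, so `local gpgkey="$(option_value -r)"` is safer.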
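Review bot: The mode selection in gen_key is now `{ option_is_set -r } && { … opt='' } || { … }`, which is not an if/else. If the last command of the `-r` block ever returns non-zero, the password-prompt block also runs and overwrites `gpgpass` and `gpgopt` with the symmetric settings. It is safe today only because the block ends in the assignment `opt=''`. The code removed further down used `if option_is_set -r; then … else … fi`; keeping that form here makes the choice of encryption mode independent of statement order. The `|| {` branch closes in the next hunk, so the change spans both.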
@@ -1219,26 +1240,20 @@ gen_key() { } } print $header + + # Set gpg inputs and options + gpgpass="${tombpass}\n$TOMBSECRET" + gpgopt=(--passphrase-fd 0 --symmetric) + opt='-n' } - _tmp_create - local tmpres=$TOMBTMP - - if option_is_set -r; then - local gpgkey="`option_value -r`" - { is_valid_recipients "$gpgkey" } || { - _failure "You set an invalid GPG ID." - } - print -n - "${tombpass}\n$TOMBSECRET" \ - | gpg --openpgp --force-mdc --cipher-algo ${algo} --batch \ - --no-options --no-tty --recipient "$gpgkey" \ - --status-fd 2 -o - --encrypt --armor 2> $tmpres - else - print -n - "${tombpass}\n$TOMBSECRET" \ - | gpg --openpgp --force-mdc --cipher-algo ${algo} --batch \ - --no-options --no-tty --passphrase-fd 0 \ - --status-fd 2 -o - --symmetric --armor 2> $tmpres - fi + _tmp_create + local tmpres=$TOMBTMP + print $opt - "$gpgpass" \ + | gpg --openpgp --force-mdc --cipher-algo ${algo} --batch \ + --no-options --no-tty ${gpgopt[@]} \ + --status-fd 2 -o - --armor 2> $tmpres + unset gpgpass # check result of gpg operation for i in ${(f)"$(cat $tmpres)"}; do _verbose "$i"
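Review bot: `print $opt - "$gpgpass"` only works because zsh drops an unquoted empty `$opt`, and nothing on the line says why the recipient path omits `-n`, so the two modes feed gpg differently framed input with no explanation. A comment above the pipeline would cover it, for example `# opt is '-n' in symmetric mode and empty with -r; zsh drops the empty word, so -r input ends with a newline`. Because `print` runs without `-r`, any backslash sequence inside `$tombpass` or `$TOMBSECRET` is interpreted along with the intended `\n` separator; whether those values can contain backslashes is not visible here. If that is tightened later, gpg_decrypt must change in step or existing keys will stop opening. gen_key starts and ends outside this hunk.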