Removed direct substitution in encrypt and decrypt scripts.

src/zlevis-decrypt

@@ -55,9 +55,10 @@ trap 'on_exit' EXIT
 
 # Read the JWE protected header
 read -r -d . hdr
+echo "$hdr" > "$tmp"/hdr
 
 # Decode the JWE protected header
-if ! jhd="$(jose b64 dec -i- < <(echo "$hdr"))"; then
+if ! jhd="$(jose b64 dec -i- < "$tmp"/hdr)"; then
     echo "Error decoding JWE protected header" >&2
     exit 1
 fi

src/zlevis-encrypt

@@ -233,8 +233,8 @@ fi
 jwe="$(jose fmt -j "$jwe" -g protected -g clevis -g tpm2 -q "$jwk_pub" -s jwk_pub -UUUUo-)"
 jwe="$(jose fmt -j "$jwe" -g protected -g clevis -g tpm2 -q "$jwk_priv" -s jwk_priv -UUUUo-)"
 
-# Clean up the temporary directory at the end of the script
-[ -d "${tmp}" ] && rm -rf "${tmp}"
-
 # Output the final JWE
-exec jose jwe enc -i- -k- -I- -c < <(echo -n "$jwe$jwk"; /bin/cat)
+(echo "$jwe$jwk"; /bin/cat) | jose jwe enc -i- -k- -I- -c
+
+# Exit with the status of the last command
+exit $?