Merge pull request #63 from jokeyrhyme/fix-gpg-tests

ci: install `gnupg2` for testing

Author: jokeyrhyme

.travis.yml

@@ -5,12 +5,14 @@ node_js:
 env:
   global:
     - CXX=g++-4.8
+    - DEBUG=gpg
 addons:
   apt:
     sources:
       - ubuntu-toolchain-r-test
     packages:
       - g++-4.8
+      - gnupg2
 install:
   - npm install --global npm
   - npm install

lib/gpg.js

@@ -1,7 +1,11 @@
 /* @flow */
 'use strict';
 
+const { promisify } = require('util');
+
+const debug = require('debug')('gpg');
 const execa = require('execa');
+const which = require('which');
 
 const { HKP, key } = require('openpgp');
 global.fetch = require('node-fetch'); // needed for opengpg lookups
@@ -11,10 +15,21 @@ global.fetch = require('node-fetch'); // needed for opengpg lookups
 const pgp = new HKP('https://keyserver.pgp.com');
 const mit = new HKP('https://pgp.mit.edu');
 
-const FINGERPRINT_REGEXP = /[0-9A-F]{40}/m;
+async function exe() /* : Promise<string> */ {
+  try {
+    return await promisify(which)('gpg2');
+  } catch (err) {
+    return await promisify(which)('gpg');
+  }
+}
 
 async function getLocalPublicKey(keyId /* : string */) {
-  const { stdout } = await execa('gpg', ['--export', '--armor', keyId]);
+  const { all, stdout } = await execa(await exe(), [
+    '--export',
+    '--armor',
+    keyId,
+  ]);
+  debug('getLocalPublicKey(): gpg --export --armor %s\n%s', keyId, all);
   if (!stdout.includes('-----BEGIN PGP PUBLIC KEY BLOCK-----')) {
     return null;
   }
@@ -30,22 +45,64 @@ async function getUsernames(keyId /* : string */) {
   );
 }
 
-async function listKnownPublicKeys() {
-  const { stdout } = await execa('gpg', ['--list-public-keys', '--textmode']);
+async function listKnownPublicKeys() /* : Promise<string[]> */ {
+  const { all, stdout } = await execa(await exe(), [
+    '--list-keys',
+    '--fingerprint',
+    '--textmode',
+  ]);
+  debug(
+    'listKnownPublicKeys(): gpg --list-keys --fingerprint --textmode\n%s',
+    all,
+  );
 
-  return stdout
-    .split('\n\n')
-    .map(entry => {
-      const [keyId] = entry.match(FINGERPRINT_REGEXP) || [];
-      return keyId || '';
-    })
-    .filter(keyId => !!keyId);
+  return parseListing(stdout).map(entry => entry.fingerprint);
 }
 
 async function lookupPublicKey(keyId /* : string */) {
   return (await mit.lookup({ keyId })) || (await pgp.lookup({ keyId }));
 }
 
+/* ::
+type ListingEntry = {
+  email: string;
+  fingerprint: string;
+};
+*/
+function parseListing(listing /* : string */) /* : ListingEntry[] */ {
+  const entries = [];
+  let entry = { email: '', fingerprint: '' };
+
+  const saveOldStartNew = () => {
+    if (entry && entry.fingerprint) {
+      entries.push(entry);
+    }
+    entry = { email: '', fingerprint: '' };
+  };
+
+  for (let line of listing.split('\n')) {
+    line = line.trim();
+    if (line.match(/^(pub|sec)\s/)) {
+      // we are at the start of a new entry
+      saveOldStartNew();
+    }
+    let noWhitespace = line.replace(/\s/g, '');
+    if (line.startsWith('Key fingerprint = ')) {
+      noWhitespace = noWhitespace.replace('Keyfingerprint=', '');
+    }
+    if (noWhitespace.match(/^[0-9A-F]{40}$/)) {
+      entry.fingerprint = noWhitespace;
+    }
+    const [, email] = line.match(/<([^\s@]+@[^\s@]+)>/) || [];
+    if (email) {
+      entry.email = email;
+    }
+  }
+  saveOldStartNew();
+  debug('parseListing(): %O', entries);
+  return entries;
+}
+
 async function parsePublicKeys(
   asciiArmor /* :? string */,
 ) /* : Promise<ParsedKey> */ {
@@ -59,9 +116,11 @@ async function parsePublicKeys(
 }
 
 module.exports = {
+  exe,
   getLocalPublicKey,
   getUsernames,
   listKnownPublicKeys,
   lookupPublicKey,
   parsePublicKeys,
+  parseListing,
 };

lib/gpg.test.js

@@ -10,29 +10,32 @@ const execa = require('execa');
 const rimraf = require('rimraf');
 
 const {
+  exe,
   getLocalPublicKey,
   getUsernames,
   listKnownPublicKeys,
   lookupPublicKey,
+  parseListing,
   parsePublicKeys,
 } = require('./gpg');
 
 describe('gpg', () => {
   let tempDir;
 
-  afterEach(async () => {
+  afterAll(async () => {
     if (tempDir) {
       await promisify(rimraf)(tempDir);
     }
     delete process.env.GNUPGHOME;
   });
 
-  beforeEach(async () => {
+  beforeAll(async () => {
     tempDir = await promisify(mkdtemp)(
       joinPath(tmpdir(), 'git-crypt-test--gpg-'),
     );
+    process.env.DEBUG = 'gpg';
     process.env.GNUPGHOME = tempDir;
-    await execa('gpg', ['--generate-key', '--batch'], {
+    await execa(await exe(), ['--gen-key', '--batch'], {
       input: [
         'Key-Type: default',
         'Subkey-Type: default',
@@ -42,7 +45,7 @@ describe('gpg', () => {
         '%commit',
       ].join('\n'),
     });
-    await execa('gpg', ['--generate-key', '--batch'], {
+    await execa(await exe(), ['--gen-key', '--batch'], {
       input: [
         'Key-Type: default',
         'Subkey-Type: default',
@@ -52,6 +55,10 @@ describe('gpg', () => {
         '%commit',
       ].join('\n'),
     });
+
+    // eslint-disable-next-line no-console
+    console.log('listing keys in test keyring:');
+    await execa(await exe(), ['-K'], { stderr: 'inherit', stdout: 'inherit' });
   });
 
   describe('getLocalPublicKey()', () => {
@@ -93,6 +100,7 @@ describe('gpg', () => {
 
   describe('lookupPublicKey()', () => {
     it('finds the public key for Hashicorp', async () => {
+      jest.setTimeout(30 * 1000);
       try {
         const got = await lookupPublicKey(
           '91A6E7F85D05C65630BEF18951852D87348FFC4C',
@@ -107,6 +115,56 @@ describe('gpg', () => {
     });
   });
 
+  describe('parseListing()', () => {
+    it('parses output from gpg 2.1.11', () => {
+      const listing = `/tmp/git-crypt-test--gpg-KHPaVv/pubring.kbx
+-------------------------------------------
+pub   rsa2048/589EF98F 2019-07-21 [SC]
+      Key fingerprint = 1D5F 7BFE 54E5 C2E9 78AF  88FF 6BC3 D9B3 589E F98F
+uid         [ultimate] Alice <alice@example.local>
+sub   rsa2048/73AF806B 2019-07-21 [E]
+pub   rsa2048/CC38658E 2019-07-21 [SC]
+      Key fingerprint = 9A21 8AA0 BBB0 E64E B6AA  7731 7282 FA72 CC38 658E
+uid         [ultimate] Bob <bob@example.local>
+sub   rsa2048/568A60C0 2019-07-21 [E]
+`;
+      const got = parseListing(listing);
+      expect(got).toContainEqual({
+        email:       'alice@example.local',
+        fingerprint: '1D5F7BFE54E5C2E978AF88FF6BC3D9B3589EF98F',
+      });
+      expect(got).toContainEqual({
+        email:       'bob@example.local',
+        fingerprint: '9A218AA0BBB0E64EB6AA77317282FA72CC38658E',
+      });
+    });
+
+    it('parses output from gpg 2.2.16', () => {
+      const listing = `/tmp/git-crypt-test--gpg-zr7rYT/pubring.kbx
+-------------------------------------------
+sec   rsa2048 2019-07-21 [SC]
+      8E82A43990918AE0BC5AF076438FBEFBB18785ED
+uid           [ultimate] Alice <alice@example.local>
+ssb   rsa2048 2019-07-21 [E]
+
+sec   rsa2048 2019-07-21 [SC]
+      1CC8653C86167701289AB6D398402AEC113CE2BB
+uid           [ultimate] Bob <bob@example.local>
+ssb   rsa2048 2019-07-21 [E]
+
+`;
+      const got = parseListing(listing);
+      expect(got).toContainEqual({
+        email:       'alice@example.local',
+        fingerprint: '8E82A43990918AE0BC5AF076438FBEFBB18785ED',
+      });
+      expect(got).toContainEqual({
+        email:       'bob@example.local',
+        fingerprint: '1CC8653C86167701289AB6D398402AEC113CE2BB',
+      });
+    });
+  });
+
   describe('parsePublicKeys()', () => {
     it('parses ASCII Armor for Alice or Bob', async () => {
       const keyIds = await listKnownPublicKeys();