wfp
diff --git a/‎src/crypto/gpg.ts‎
Lines changed: 182 additions & 144 deletions b/‎src/crypto/gpg.ts‎
Lines changed: 182 additions & 144 deletions
@@ -1,169 +1,207 @@
-import { constants, existsSync } from 'fs';
+
+import { constants, existsSync } from 'node:fs';
 import { access } from 'node:fs/promises';
-import { spawn, type StdioOptions } from 'node:child_process';
 import { dirname, join } from 'node:path';
-import os, { homedir } from 'node:os';
+import { spawnSync } from 'node:child_process';
 import Debug from 'debug';
 import type { Config } from '../config';
-import { GpgError, GpgErrorCode, type GpgErrorContext } from './gpgErrors';
-import { parseGpgStderr } from './gpgErrorParser';
-import { execFileCapture, type ExecError, type ExecResult } from './util';
-import { defaultGnuPgHome, resolveViaGpgConf } from './gpgDiscover';
+import { GpgErrorCode, identifyError } from './gpgError';
 
 const log = Debug('cid::engine::crypto::gpg');
 
-export interface EncryptWithGpgInput {
-  inputPath: string;
-  outputPath: string;
-  gpgPath: string;
-  recipient: string;
-  signer?: string;
+export type GpgOptions = {
   armor?: boolean;
   trustAlways?: boolean;
-  homedir?: string;
+  binaryPathOverride?: string;
   pinentryMode?: Config.CryptoPinentryMode;
-  passphrase?: string;
-  allowOverwrite?: boolean,
-  timeoutMs?: number,
+  timeoutMs?: number;
+  verifyRecipientKey?: boolean;
+  verifySignerKey?: boolean;
 }
 
-function hasPubKey(listColons: string): boolean {
-  return listColons.split('\n').some(line => line.startsWith('pub:'));
-}
-function hasSecKey(listColons: string): boolean {
-  return listColons.split('\n').some(line => line.startsWith('sec:'));
-}
 
-async function assertKeyExists(gpgPath: string, homedir: string, keyId: string, keyType: 'recipient' | 'signer') {
-  log(`[DEBUG] Checking for ${keyType} key: ${keyId}`);
+export type EncryptFileInput = {
+  inputPath: string;
+  outputPath: string;
+  recipient: string;
+  signer?: string;
+  signerPassphrase?: string;
+}
 
-  const listArgs = keyType === 'signer'
-      ? ['--with-colons', '--homedir', homedir, '--batch', '--yes', '--list-secret-keys', keyId]
-      : ['--with-colons', '--homedir', homedir, '--batch', '--yes', '--list-keys', keyId];
+export type EncryptFileResult = 
+  | { success: true; outputPath: string }
+  | { success: false; error: string; code?: string | GpgErrorCode };
 
-  let out: ExecResult
-  try { out = await execFileCapture(gpgPath, listArgs, { ...process.env, GNUPGHOME: homedir }); }
-  catch (err) {
-    const e = err as ExecError;
 
-    throwDefaultGpgError(e.message, { binary: gpgPath, homedir, args: listArgs });  
+export class GpgWrapper {
+  private binPath: string;
+  
+  constructor(private options: GpgOptions={}) {
+    this.binPath = this.resolveGpgPath(options.binaryPathOverride);
+  }
 
-    throw parseGpgStderr(
-      e.stderr?.trim().length ? e.stderr : e.stdout || "",
-      { binary: gpgPath, homedir, exitCode: e.code ?? null, args: listArgs, ...(keyType === "recipient" ? { recipient: keyId} : { signer: keyId })}
-    );
+  private resolveGpgPath(override?: string): string {
+    // 1. if explicit path provided, use it.
+    if (override && existsSync(override)) {
+      log(`[INFO] Using overridden GPG binary path: ${override}`);
+      return override;
+    }
+    // TODO: maybe try gpgconf to discover homedir
+
+    // 2. Try common install locations
+    // NOTE: We try this before PATH to give preference to known locations since most users of this library
+    //       will likely be on Windows and using Kleopatra/Gpg4win, which installs by default into AppData.
+    //       For headless usage or usage on Linux/MacOS, users should ensure GPG is set on PATH or provide
+    //       path explicitly.
+    if (isWindows()) {
+      const candidates = resolveWindowsGpgBinCandidates();
+      for (const c of candidates) if (existsSync(c)) {
+        log(`[INFO] Found GPG binary at common location: ${c}`);
+        return c;
+      }
+    }
+
+    // 2. Try PATH
+    const which = isWindows() ? 'where' : 'which';
+    try {
+      const r = spawnSync(which, [ 'gpg' ], { encoding: 'utf-8' });
+      if (r.status === 0 && r.stdout) {
+        const path = r.stdout.split(/\r?\n/).find(Boolean);
+        if (path && existsSync(path)) {
+          log(`[INFO] Found GPG binary at PATH: ${path}`);
+          return path.trim();
+        }
+      }
+    }
+    catch { /* ignore and try next method */}
+
+    // 4. Fallback to 'gpg' and let error handling deal with it.
+    log(`[WARN] Falling back to GPG binary 'gpg' without validation.`);
+    return 'gpg';
   }
-  
-  const exists = keyType === 'signer' ? hasSecKey(out.stdout) : hasPubKey(out.stdout);
-  
-  if (!exists) throw new GpgError(
-    keyType === 'signer' ? GpgErrorCode.SIGNER_KEY_NOT_FOUND : GpgErrorCode.RECIPIENT_KEY_NOT_FOUND,
-    keyType === 'signer'
-      ? `Signing failed: no private key for signer "${keyId}"`
-      : `Encryption failed: no public key for recipient "${keyId}"`,
-    { binary: gpgPath, homedir, exitCode: 0, args: listArgs, ...(keyType === "recipient" ? { recipient: keyId} : { signer: keyId }) },
-    keyType === 'signer'
-      ? [ 'Ensure your signing key (private key) is present in this keyring and not on a different account.' ]
-      : [ 'Import or publish the recipient\' public key into this keyring.' ]
-  );
-}
 
-function throwDefaultGpgError(message: string, context: GpgErrorContext) {
-  if (message.includes("ENOENT")) throw new GpgError(GpgErrorCode.GPG_NOT_FOUND, `GPG failed to start: ${message}`, context);
-}
+  private keyExists(key: string, keyType: "RECIPIENT" | "SIGNER"): boolean {
+    const args = keyType === "RECIPIENT" ? [ '--list-keys', '--with-colons', key ] : [ '--list-secret-keys', '--with-colons', key ];
+    const r = spawnSync(this.binPath, args, { encoding: "utf-8" });
+    return r.status === 0 && r.stdout?.length > 0;
+  }
 
-async function ensureGpgAvailable(gpgPath: string, homedir: string) {
-  log(`[DEBUG] Ensuring GPG is available at: ${gpgPath}`);
-  const args = ['--version'];
-
-  let out: ExecResult;
-  try { out = await execFileCapture(gpgPath, args, { ...process.env, GNUPGHOME: homedir }); }
-  catch (err) {
-    const e = err as ExecError;
-    throwDefaultGpgError(e.message, { binary: gpgPath, homedir, args });  
-
-    throw new GpgError(
-      GpgErrorCode.GPG_NOT_FOUND,
-      `GPG not available (exit ${e.code}) at "${gpgPath}"`,
-      { binary: gpgPath, homedir, exitCode: e.code ?? null, args },
-      ['Reinstall Gpg4win (Windows) or GnuPG (Linux/macOS) or adjust the configuration to a working gpg.exe.']
-    );
+  public async encryptFile({ inputPath, outputPath, recipient, signer, signerPassphrase }: EncryptFileInput): Promise<EncryptFileResult> {
+
+    // check read permissions on input
+    try { await access(inputPath, constants.R_OK) }
+    catch {
+      log(`[ERROR] Unable to read input file, insufficient permissions for path: '${inputPath}'`);
+      return { success: false, error: `Unable to read input file: '${inputPath}'`, code: "INPUT_NOT_READABLE" }
+    }
+
+    // check write permissions on output
+    const outputDir = dirname(outputPath);
+    try { await access(outputDir, constants.W_OK) }
+    catch {
+      log(`[ERROR] Unable to write to output directory, insufficient permissions for path: '${outputDir}'`);
+      return { success: false, error: `Unable to write to output path: '${outputPath}'`, code: "OUTPUT_NOT_WRITABLE" }
+    }
+
+    // check recipient key is in keyring and valid
+    if (this.options.verifyRecipientKey) {
+      const okay = this.keyExists(recipient, "RECIPIENT");
+      if (!okay) {
+        const msg = `Recipient key not found in local keyring: '${recipient}'`;
+        log(`[ERROR] ${msg}`);
+        return { success: false, error: msg, code: GpgErrorCode.RECIPIENT_KEY_NOT_FOUND }
+      }
+    }
+
+    // check signer key is in the keyring and valid
+    if (signer && this.options.verifySignerKey) {
+      const okay = this.keyExists(signer, "SIGNER");
+      if (!okay) {
+        const msg = `Signer secret key not found in local keyring: '${signer}'`
+        log(`[ERROR] ${msg}`);
+        return { success: false, error: msg, code: GpgErrorCode.SIGNER_KEY_NOT_FOUND }
+      }
+    }
+
+    // https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html
+    const args = ['--batch', '--yes', '--status-fd', '2', '--no-tty', '--with-colons'];
+
+    if (this.options.armor) args.push('--armor');
+    if (this.options.trustAlways) args.push('--trust-model', 'always');
+    if (this.options.pinentryMode === 'loopback') args.push('--pinentry-mode', 'loopback');
+
+    args.push('--output', outputPath);
+
+    if (signer) {
+      args.push('--sign', '--local-user', signer);
+      if (this.options.pinentryMode === "loopback" && !signerPassphrase) {
+        log(`[WARN] pinentry-mode=loopback is set but no passphrase has been provided; signing may fail if the key is protected.`);
+      }
+    }
+
+    args.push('--encrypt');
+    args.push('--recipient', recipient);
+    args.push(inputPath);
+
+    log(`Running cmd: ${JSON.stringify(this.binPath)} ${args.map(a => JSON.stringify(a)).join(' ')}`);
+
+    let finalArgs = args.slice();
+    let inputData: string | undefined;
+
+    if (signer && this.options.pinentryMode === "loopback" && signerPassphrase) {
+      finalArgs = [ ...args.slice(0, 1), '--passphrase-fd', '0', ...args.slice(1)];
+      inputData = signerPassphrase.endsWith("\n") ? signerPassphrase : signerPassphrase + "\n";
+    }
+
+    const result = spawnSync(this.binPath, finalArgs, {
+      stdio: ['pipe', 'pipe', 'pipe'],
+      env: { ...process.env },
+      timeout: this.options.timeoutMs ?? 30_000,
+      encoding: "utf-8",
+      input: inputData
+    });
+
+    if ((result as any).error?.code === "ETIMEDOUT") {
+      log(`[ERROR] GPG timed out while encrypting file '${inputPath}'`);
+      log(`\tstderr: \n${result.stderr}`);
+      return { success: false, error: `GPG operation timed out`, code: GpgErrorCode.GENERAL_GPG_ERROR }
+    }
+
+    if (result.status == null) {
+      log(`[ERROR] GPG terminated without an exit status (timeout/signal).`);
+      log(`\tstderr: \n${result.stderr}`);
+      return { success: false, error: `GPG terminated without an exit status`, code: GpgErrorCode.GENERAL_GPG_ERROR }
+    }
+
+    if (result.status !== 0) {
+      const errorDetail = identifyError(result.stderr);
+
+      log(`[ERROR] Unable to encrypt file '${inputPath};\n\terrorCode=${errorDetail.code};\n\tmessage=${errorDetail.message}'`);
+      log(`\tstderr: \n${result.stderr}`);
+      return { success: false, error: errorDetail.message, code: errorDetail.code }
+    }
+
+    log(`[INFO] Successfully encrypted file ${outputPath}`);
+
+    return { success: true, outputPath }
   }
-  log(`[DEBUG] GPG version output: ${out.stdout.split('\n')[0]}`);
-}
 
+}
 
-export async function encryptFileWithGpg(input: EncryptWithGpgInput) {
-  const homedir = input.homedir ?? defaultGnuPgHome();
-
-  await ensureGpgAvailable(input.gpgPath, homedir);
-
-  // try { await access(inputPath, constants.R_OK); }
-  // catch {
-  //   throw new GpgError(
-  //     GpgErrorCode.INPUT_NOT_READABLE,
-  //     `Cannot read input file: ${inputPath}`,
-  //     { binary: gpg, homedir, inputPath },
-  //     ['Check the file path and permissions.']
-  //   );
-  // }
-
-  // const outputDir = dirname(outputPath);
-  // try { await access(outputDir, constants.W_OK); }
-  // catch {
-  //   throw new GpgError(
-  //     GpgErrorCode.OUTPUT_NOT_WRITABLE,
-  //     `Cannot write to output path: ${outputDir}`,
-  //     { binary: gpg, homedir, outputPath },
-  //     ['Check the file path and permissions.']
-  //   );
-  // }
-
-  // if (!allowOverwrite && existsSync(outputPath)) {
-  //   throw new GpgError(
-  //     GpgErrorCode.OUTPUT_WRITE_FAILED,
-  //     `Refusing to overwrite existing file: ${outputPath}`,
-  //     { outputPath },
-  //     ['Pass allowOverwrite=true to permit overwriting.']);
-  // }
-
-  // await assertKeyExists(gpg, homedir, recipient, 'recipient');
-  // if (signer) await assertKeyExists(gpg, homedir, signer, 'signer');
-
-  // const args = ['--batch', '--yes', '--status-fd', '2', '--homedir', homedir];
-  // if (armor) args.push('--armor');
-  // if (trustAlways) args.push('--trust-model', 'always');
-  // args.push('--output', outputPath);
-
-  // if (signer) {
-  //   args.push('--sign', '--local-user', signer);
-  //   if (pinentryMode === 'loopback') {
-  //     args.push('--pinentry-mode', 'loopback');
-  //     if (passphrase) args.push('--passphrase-fd', '0');
-  //   }
-  // }
-  // args.push('--encrypt');
-  // args.push('--recipient', recipient);
-  // args.push(inputPath);
-
-  // log(`Running: ${JSON.stringify(gpg)} ${args.map(a => JSON.stringify(a)).join(' ')}`);
-
-  // let stderr = ''; let stdout = '';
-  // await new Promise<void>((resolve, reject) => {
-  //   const stdio: StdioOptions = passphrase ? ['pipe', 'pipe', 'pipe'] : ['ignore', 'pipe', 'pipe'];
-  //   const p = spawn(gpg, args, { stdio, env: { ...process.env, GNUPGHOME: homedir }, timeout: timeoutMs });
-  //   p.stdout?.on('data', d => (stdout += String(d)));
-  //   p.stderr?.on('data', d => (stderr += String(d)));
-  //   if (p.stdin && passphrase) { p.stdin.write(passphrase + '\n'); p.stdin.end(); }
-  //   p.once('error', e => reject(new GpgError(
-  //     GpgErrorCode.GENERAL_GPG_ERROR, `Failed to start GPG: ${(e as Error).message}`,
-  //     { binary: gpg, homedir, args }, ['Check antivirus/process control tools and try again.']
-  //   )));
-  //   p.once('close', code => (code === 0 ? resolve() : reject(parseGpgStderr(stderr || stdout, {
-  //     binary: gpg, homedir, recipient , signer, inputPath, outputPath, exitCode: code, args
-  //   }))));
-  // });
-
-  // return { outputPath, recipient, signed: Boolean(signer) };
+function resolveWindowsGpgBinCandidates(): string[] {
+  const localAppData = process.env.LOCALAPPDATA;
+  const programFiles = process.env['ProgramFiles'];
+  const programFilesX86 = process.env['ProgramFiles(x86)'];
+
+  // Order matters
+  const opts: string[] = [];
+  if (localAppData) opts.push(join(localAppData, 'Programs', 'GnuPG', 'bin', 'gpg.exe'));
+  if (programFiles) opts.push(join(programFiles, 'GnuPG', 'bin', 'gpg.exe'));
+  if (programFilesX86) opts.push(join(programFilesX86, 'GnuPG', 'bin', 'gpg.exe'));
+  if (programFiles) opts.push(join(programFiles, 'Gpg4win', 'bin', 'gpg.exe'));
+  if (programFilesX86) opts.push(join(programFilesX86, 'Gpg4win', 'bin', 'gpg.exe'));
+  return opts;
 }
 
+
+export const isWindows = () => process.platform === 'win32';