gpg modules list_keys function does not handle keys with a trust of 'revoked' #54347

Closed
gmcwhistler opened this issue Aug 29, 2019 · 5 comments · Fixed by #60151

gmcwhistler commented Aug 29, 2019

Description of Issue

When attempting to use the gpg.list_keys() module (https://docs.saltstack.com/en/2018.3/ref/modules/all/salt.modules.gpg.html#salt.modules.gpg.list_keys), keys that have a 'revoked' trust cause a KeyError.

2019-08-29 09:48:38PDT [ root@salt-master001 ]
  #  salt gargamel\* gpg.list_keys user=root gnupghome=/root/.gnupg
gargamel.internal:
    The minion function caused an exception: Traceback (most recent call last):
      File "/usr/local/lib/python2.7/site-packages/salt/minion.py", line 1606, in _thread_return
        return_data = minion_instance.executors[fname](opts, data, func, args, kwargs)
      File "/usr/local/lib/python2.7/site-packages/salt/executors/direct_call.py", line 12, in execute
        return func(*args, **kwargs)
      File "/usr/local/lib/python2.7/site-packages/salt/modules/gpg.py", line 310, in list_keys
        tmp['trust'] = LETTER_TRUST_DICT[_key['trust']]
    KeyError: u'r'


-------------------------------------------
Summary
-------------------------------------------
# of minions targeted: 1
# of minions returned: 1
# of minions that did not return: 0
# of minions with errors: 0
-------------------------------------------
2019-08-29 09:55:38PDT [ root@salt-master001 ]
  #

An example (heavily redacted) of a key that throws the above error:

bash-4.4# gpg --with-colon /root/gpg_keys/user.gpg
pub:-:2048:1:<KEYID>:2016-07-12:::-:User, Email <user@email>:
sub:-:2048:1:<KEYID>:2016-07-12::::
pub:e:4096:1:<KEYID>:2016-07-22:2017-07-22::-:User, Email <user@email>:
sub:e:4096:1:<KEYID>:2016-07-22:2017-07-22::: [expires: 2017-07-22]
pub:r:4096:1:<KEYID>:2017-09-15:2018-09-15::-:[revoked]
uid:::::::::User, Email <user@email>:
sub:r:4096:1:<KEYID>:2017-09-15:2018-09-15::: [revoked: 2017-10-16]
pub:e:4096:1:<KEYID>:2017-10-16:2018-10-16::-:User, Email <user@email>:
sub:e:4096:1:<KEYID>:2017-10-16:2018-10-16::: [expires: 2018-10-16]

Setup

Steps to Reproduce Issue

Simplistically:
1. Create a gpg key with multiple pub and/or sub keys.
2. Revoke one or more of them.
3. Import the key into your ring.
4. Run salt-call gpg.list_keys

Versions Report

Master versions:

  #  salt --versions
Salt Version:
           Salt: 2018.3.4

Dependency Versions:
           cffi: Not Installed
       cherrypy: unknown
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.8.1
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.6
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: 2.6.1
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 2.7.13 (default, Feb 21 2019, 18:23:58)
   python-gnupg: 0.4.5
         PyYAML: 3.11
          PyZMQ: 14.5.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.0.5

System Versions:
           dist: redhat 6.10 Santiago
         locale: UTF-8
        machine: x86_64
        release: 4.1.12-124.25.1.el6uek.x86_64
         system: Linux
        version: Red Hat Enterprise Linux Server 6.10 Santiago

Minion versions:

bash-4.4# salt-minion --versions
Salt Version:
           Salt: 2018.3.2

Dependency Versions:
           cffi: 1.11.5
       cherrypy: Not Installed
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.10
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: 0.30.1
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.5.6
   mysql-python: Not Installed
      pycparser: 2.18
       pycrypto: 3.6.6
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 2.7.15 (default, Oct 11 2018, 12:36:27)
   python-gnupg: 0.4.3
         PyYAML: 3.13
          PyZMQ: 16.0.3
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.4.2
            ZMQ: 4.2.5

System Versions:
           dist:
         locale: US-ASCII
        machine: amd64
        release: 6.4
         system: OpenBSD
        version: Not Installed
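
The failure reported above comes from an exact dictionary lookup on the validity letter in field 2 of each `gpg --with-colons` record. The following is an added example, not part of the original report and not Salt's code: it decodes that field with a fallback so an unmapped letter yields a label instead of an exception. The names `VALIDITY_LABELS`, `describe_validity` and `parse_colon_listing` are hypothetical, the labels beyond `r`, `e`, `q` and `n` are assumptions, and the last sample line is constructed.

```python
# Added example, not Salt's code: decode field 2 (validity) of colon records.
# Labels for r, e, q, n follow the issue; the remaining entries are assumptions.
VALIDITY_LABELS = {
    "r": "Revoked",
    "e": "Expired",
    "q": "Unknown",
    "n": "Not Trusted",
    "-": "Unknown",
    "m": "Marginally",
    "f": "Fully Trusted",
    "u": "Ultimately Trusted",
}

# Records taken from the redacted listing in the issue; the final line is constructed.
SAMPLE = """\
pub:-:2048:1:<KEYID>:2016-07-12:::-:User, Email <user@email>:
sub:-:2048:1:<KEYID>:2016-07-12::::
pub:e:4096:1:<KEYID>:2016-07-22:2017-07-22::-:User, Email <user@email>:
pub:r:4096:1:<KEYID>:2017-09-15:2018-09-15::-:[revoked]
uid:::::::::User, Email <user@email>:
sub:r:4096:1:<KEYID>:2017-09-15:2018-09-15::: [revoked: 2017-10-16]
pub:x:4096:1:<KEYID>:2017-10-16:2018-10-16::-:constructed, unmapped letter:
"""


def describe_validity(letter):
    """Map a validity letter to a label without raising on unlisted letters."""
    return VALIDITY_LABELS.get(letter, "Unrecognized ({})".format(letter or "empty"))


def parse_colon_listing(text):
    """Return one dict per pub/sub record (field 2 validity, field 7 expiry)."""
    records = []
    for line in text.splitlines():
        fields = line.split(":")
        if fields[0] not in ("pub", "sub") or len(fields) < 7:
            continue  # uid and other record types carry no key validity here
        records.append({
            "type": fields[0],
            "validity": describe_validity(fields[1]),
            "revoked_or_expired": fields[1] in ("r", "e"),
            "created": fields[5],
            "expires": fields[6] or None,
        })
    return records
```
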

@gmcwhistler
Author

Applying the following patch to salt/modules/gpg.py seems to address the issue:

--- salt/modules/gpg.py.orig    Thu Aug 29 10:11:00 2019
+++ salt/modules/gpg.py Thu Aug 29 10:11:38 2019
@@ -36,6 +36,7 @@
 __virtualname__ = 'gpg'

 LETTER_TRUST_DICT = {
+    'r': 'Revoked',
     'e': 'Expired',
     'q': 'Unknown',
     'n': 'Not Trusted',
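
Review bot: adding 'r' to LETTER_TRUST_DICT handles only the one letter from this report, and the lookup the traceback points at, `tmp['trust'] = LETTER_TRUST_DICT[_key['trust']]` in list_keys, will still raise KeyError for any other letter the dict lacks. Consider a lookup with a fallback value at that line so an unlisted letter degrades to a label instead of an exception, and add a regression test that lists a keyring containing a revoked key.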

@Ch3LL
Contributor

Ch3LL commented Aug 30, 2019

Looks like I'm also able to replicate this. Mind pushing that up as a PR with a regression test?

@Ch3LL Ch3LL added Bug broken, incorrect, or confusing behavior severity-low 4th level, cosemtic problems, work around exists P4 Priority 4 labels Aug 30, 2019
@Ch3LL Ch3LL added this to the Approved milestone Aug 30, 2019
@stale

stale bot commented Jan 8, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.

@stale stale bot added the stale label Jan 8, 2020
@waynew waynew added the Confirmed Salt engineer has confirmed bug/feature - often including a MCVE label Jan 8, 2020
@stale

stale bot commented Jan 8, 2020

Thank you for updating this issue. It is no longer marked as stale.

@stale stale bot removed the stale label Jan 8, 2020
@sagetherage sagetherage removed the P4 Priority 4 label Jun 3, 2020
@zloyded

zloyded commented Jan 31, 2021

Try to present gpg to master:
state:

```yaml
salt_master_gpg:
  gpg.present:
    - name: saltgpg
    - gnupghome: /etc/salt/gpgkeys
    - trust: fully
    - user: root
    - keys:
      - saltgpg
```

```
    Function: gpg.present
        Name: saltorange
      Result: False
     Comment: An exception occurred in this state: Traceback (most recent call last):
                File "/usr/lib/python3.6/site-packages/salt/state.py", line 2154, in call
                  *cdata["args"], **cdata["kwargs"]
                File "/usr/lib/python3.6/site-packages/salt/loader.py", line 2106, in wrapper
                  return f(*args, **kwargs)
                File "/usr/lib/python3.6/site-packages/salt/states/gpg.py", line 69, in present
                  _current_keys = __salt__["gpg.list_keys"](user=user, gnupghome=gnupghome)
                File "/usr/lib/python3.6/site-packages/salt/loader.py", line 1283, in __getitem__
                  func = super().__getitem__(item)
                File "/usr/lib/python3.6/site-packages/salt/utils/lazy.py", line 103, in __getitem__
                  return self._dict[key]
              KeyError: 'gpg.list_keys'
     Started: 12:56:24.195631
    Duration: 12.36 ms
     Changes:
```

Salt version:

```
salt-master -V                                                                    [12:56:24]
Salt Version:
          Salt: 3002.2

Dependency Versions:
          cffi: 1.11.5
      cherrypy: 18.4.0
      dateutil: 2.6.1
     docker-py: Not Installed
         gitdb: Not Installed
     gitpython: Not Installed
        Jinja2: 2.10.1
       libgit2: Not Installed
      M2Crypto: 0.35.2
          Mako: Not Installed
       msgpack: 0.6.2
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     pycparser: 2.14
      pycrypto: Not Installed
  pycryptodome: Not Installed
        pygit2: Not Installed
        Python: 3.6.8 (default, Aug 24 2020, 17:57:11)
  python-gnupg: Not Installed
        PyYAML: 3.12
         PyZMQ: 19.0.0
         smmap: Not Installed
       timelib: Not Installed
       Tornado: 4.5.3
           ZMQ: 4.3.3

System Versions:
          dist: centos 8
        locale: UTF-8
       machine: x86_64
       release: 4.18.0-240.1.1.el8_3.x86_64
        system: Linux
       version: CentOS Linux 8
```

Salt-minion version:
