gpg: Send --with-keygrip when listing keys

* src/engine-gpg.c (gpg_keylist_build_options): Always pass
--with-keygrip when listing keys.

--

Some older versions of GnuPG (at least gpg in version
2.2.12-1+deb10u1) appear to unilaterally emit the keygrip, and it's
certainly useful to know that programmatically it will always be
present in the output needed.

However, as of GnuPG 2.2.19-1, the following command does not emit the
keygrip for non-secret keys:

   gpg --with-colons --with-secret --list-keys

This change fixes tests/json/t-json by making the output comply with
tests/json/t-keylist-secret.out.json correctly.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
GnuPG-Bug-Id: 4820

src/engine-gpg.c

@@ -2961,6 +2961,7 @@ gpg_keylist_build_options (engine_gpg_t gpg, int secret_only,
   gpg_error_t err;
 
   err = add_arg (gpg, "--with-colons");
+  err = add_arg (gpg, "--with-keygrip");
 
   /* Since gpg 2.1.15 fingerprints are always printed, thus there is
    * no more need to explicitly request them.  */

tests/json/t-keylist-secret.out.json

@@ -91,7 +91,7 @@
             "can_sign":     true,
             "can_certify":  true,
             "can_authenticate":     true,
-            "secret":       true,
+            "secret":       false,
             "is_qualified": false,
             "protocol":     "OpenPGP",
             "fingerprint":  "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2",