in files/validate_config.py [0:0]
def confirm_submission_privkey_fingerprint(self):
if "submission_key_fpr" not in self.config:
raise ValidationError('"submission_key_fpr" is not defined in config.json')
if not re.match("^[a-fA-F0-9]{40}$", self.config["submission_key_fpr"]):
raise ValidationError("Invalid PGP key fingerprint specified")
gpg_cmd = ["gpg2", "--show-keys", self.secret_key_filepath]
try:
out = subprocess.check_output(gpg_cmd, stderr=subprocess.STDOUT).decode(
sys.stdout.encoding
)
match = " {}".format(self.config["submission_key_fpr"])
if not re.search(match, out):
raise ValidationError("Configured fingerprint does not match key!")
except subprocess.CalledProcessError as e:
raise ValidationError(f"Key validation failed: {e.output.decode(sys.stdout.encoding)}")