in files/validate_config.py [0:0]
def confirm_submission_privkey_file(self):
"""
Import privkey into temporary keyring, to validate.
"""
if not os.path.exists(self.secret_key_filepath):
raise ValidationError(f"PGP secret key file not found: {self.secret_key_filepath}")
gpg_cmd = ["gpg", "--import", self.secret_key_filepath]
result = False
with tempfile.TemporaryDirectory() as d:
gpg_env = {"GNUPGHOME": d}
# Call out to gpg to confirm it's a valid keyfile
try:
subprocess.check_call(
gpg_cmd, env=gpg_env, stderr=subprocess.DEVNULL, stdout=subprocess.DEVNULL
)
result = True
except subprocess.CalledProcessError:
# suppress error since "result" is checked next
pass
if not result:
raise ValidationError(f"PGP secret key is not valid: {self.secret_key_filepath}")