protected function revokeKey(array $keyData, array $nodeData) : bool
{
$supplier = \preg_replace('/[^A-Za-z0-9_\\-]/', '', $keyData['supplier']);
if (empty($supplier)) {
throw new InvalidType(\__('Expected non-empty string for supplier name'));
}
$filePath = ROOT . '/config/supplier_keys/' . $supplier . '.json';
if (\file_exists($filePath)) {
$supplierData = \Airship\loadJSON($filePath);
if (!$this->verifyMasterSignature($supplierData, $keyData, $nodeData)) {
return false;
}
// Remove the revoked key.
foreach ($supplierData['signing_keys'] as $i => $key) {
if (\hash_equals($keyData['public_key'], $key['public_key'])) {
unset($supplierData['signing_keys'][$i]);
break;
}
}
return \file_put_contents($filePath, \json_encode($supplierData, JSON_PRETTY_PRINT)) !== false;
}
// Fail closed:
return false;
}