8
  public static boolean verify(PublicKey publicKey, String signedData, String signature) {
    Log.i(TAG, "signature: " + signature);
    Signature sig;
    try {
        sig = Signature.getInstance(SIGNATURE_ALGORITHM);
        sig.initVerify(publicKey);
        sig.update(signedData.getBytes());
        if (!sig.verify(Base64.decode(signature))) {
            Log.e(TAG, "Signature verification failed.");
            return false;
        }
        return true;
    } catch (NoSuchAlgorithmException e) {
        Log.e(TAG, "NoSuchAlgorithmException.");
    } catch (InvalidKeyException e) {
        Log.e(TAG, "Invalid key specification.");
    } catch (SignatureException e) {
        Log.e(TAG, "Signature exception.");
    }  catch (Base64DecoderException e) {
        Log.e(TAG, "Base64DecoderException.", e);
    }
    return false;
}

我输入了我的 google play 测试帐户的公钥,但此方法返回 false 值。我使用 android SDK 的 market_billing 项目进行 InApp 计费。除了用于 InApp 计费的公钥之外,还有其他值吗?

logcat output-
  09-03 14:10:43.439: I/BillingService(3683): Starting
  09-03 14:10:43.556: D/dalvikvm(3683): GC_EXTERNAL_ALLOC freed 843 objects / 59184 bytes in 99ms
  09-03 14:10:43.665: I/BillingService(3683): Service starting with onCreate
  09-03 14:10:43.669: I/BillingService(3683): Market Billing Service Successfully Bound
  09-03 14:10:43.732: I/BillingService(3683): Market Billing Service Connected.
  09-03 14:10:48.595: I/BillingService(3683): isBillingSupported response was:    RESULT_OK
  09-03 14:10:48.595: I/BillingService(3683): requestPurchase()
  09-03 14:10:48.619: I/BillingService(3683): current request is:4403061459445471804
  09-03 14:10:48.619: I/BillingService(3683): REQUEST_PURCHASE Sync Response code: RESULT_OK
  09-03 14:10:48.708: I/BillingService(3683): onPause())
  09-03 14:11:04.228: I/BillingService(3683): Received action: com.android.vending.billing.IN_APP_NOTIFY
  09-03 14:11:04.228: I/BillingService(3683): notify got id: android.test.purchased
  09-03 14:11:04.228: I/BillingService(3683): getPurchaseInformation()
  09-03 14:11:04.228: I/BillingService(3683): Nonce generateD: -9092176369901149507
  09-03 14:11:04.255: I/BillingService(3683): current request is:7271094427995930240
  09-03 14:11:04.255: I/BillingService(3683): GET_PURCHASE_INFORMATION Sync Response code: RESULT_OK
  09-03 14:11:04.599: I/BillingService(3683): Received action: com.android.vending.billing.RESPONSE_CODE
  09-03 14:11:04.599: I/BillingService(3683): checkResponseCode got requestId: 4403061459445471804
  09-03 14:11:04.599: I/BillingService(3683): checkResponseCode got responseCode: RESULT_OK
  09-03 14:11:05.044: I/BillingService(3683): Received action: com.android.vending.billing.PURCHASE_STATE_CHANGED
  09-03 14:11:05.044: I/BillingService(3683): purchaseStateChanged got signedData: {"nonce":-9092176369901149507,"orders":[{"notificationId":"android.test.purchased","orderId":"transactionId.android.test.purchased","packageName":"com.blundell.test","productId":"android.test.purchased","purchaseTime":1346661666055,"purchaseState":0}]}
  09-03 14:11:05.044: I/BillingService(3683): purchaseStateChanged got signature: KZAEykaTIdqZ+to+hJNolkmDcYdliPw+fgg4xa6uBYq77GGiVSma0sbVHCCv3T7WJ5sRMTRLuFgbTM1NC3YEl+paEj5QnIlD1GgDiQBJ9PEErEhGSft1BTmvi+6BS/cu8KFXp7v1h5c+WBNHWNBeNckl433yhoKElOWbY1gvfNakEJ2LdBUesaCbLeHohP+OoZJq4U20zO1sQGhjerRdRpX0Jg7bPJErHTka58GNbaclz/xwVhDs54GZwsBECDceo0fSNfUsmBfpYAe+/kyCnO+Ip+N49pDeN+2FKAnhJ3d8An3IaNX990P8vqShgTHxBpAznc7YHro2sVWtzAXVZQ==
  09-03 14:11:05.044: I/BillingService(3683): signedData: {"nonce":-9092176369901149507,"orders":[{"notificationId":"android.test.purchased","orderId":"transactionId.android.test.purchased","packageName":"com.blundell.test","productId":"android.test.purchased","purchaseTime":1346661666055,"purchaseState":0}]}
  09-03 14:11:05.052: I/BillingService(3683): signature: KZAEykaTIdqZ+to+hJNolkmDcYdliPw+fgg4xa6uBYq77GGiVSma0sbVHCCv3T7WJ5sRMTRLuFgbTM1NC3YEl+paEj5QnIlD1GgDiQBJ9PEErEhGSft1BTmvi+6BS/cu8KFXp7v1h5c+WBNHWNBeNckl433yhoKElOWbY1gvfNakEJ2LdBUesaCbLeHohP+OoZJq4U20zO1sQGhjerRdRpX0Jg7bPJErHTka58GNbaclz/xwVhDs54GZwsBECDceo0fSNfUsmBfpYAe+/kyCnO+Ip+N49pDeN+2FKAnhJ3d8An3IaNX990P8vqShgTHxBpAznc7YHro2sVWtzAXVZQ==
  09-03 14:11:05.068: E/BillingService(3683): Signature verification failed.
  09-03 14:11:05.072: D/verified(3683): false
  09-03 14:11:05.072: W/BillingService(3683): signature does not match data.
  09-03 14:11:05.076: D/AndroidRuntime(3683): Shutting down VM
  09-03 14:11:05.076: W/dalvikvm(3683): threadid=1: thread exiting with uncaught exception (group=0x4001d7d0)
  09-03 14:11:05.083: E/AndroidRuntime(3683): FATAL EXCEPTION: main
  09-03 14:11:05.083: E/AndroidRuntime(3683): java.lang.RuntimeException: Unable to start receiver com.blundell.test.BillingReceiver: java.lang.NullPointerException
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at android.app.ActivityThread.handleReceiver(ActivityThread.java:2821)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at android.app.ActivityThread.access$3200(ActivityThread.java:125)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2083)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at android.os.Handler.dispatchMessage(Handler.java:99)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at android.os.Looper.loop(Looper.java:123)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at android.app.ActivityThread.main(ActivityThread.java:4627)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at java.lang.reflect.Method.invokeNative(Native Method)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at java.lang.reflect.Method.invoke(Method.java:521)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:858)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at dalvik.system.NativeStart.main(Native Method)
  09-03 14:11:05.083: E/AndroidRuntime(3683): Caused by: java.lang.NullPointerException
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at com.blundell.test.BillingHelper.verifyPurchase(BillingHelper.java:249)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at com.blundell.test.BillingReceiver.purchaseStateChanged(BillingReceiver.java:44)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at com.blundell.test.BillingReceiver.onReceive(BillingReceiver.java:27)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   at android.app.ActivityThread.handleReceiver(ActivityThread.java:2810)
  09-03 14:11:05.083: E/AndroidRuntime(3683):   ... 10 more
  09-03 14:16:09.611: I/Process(3683): Sending signal. PID: 3683 SIG: 9
  09-03 14:16:14.880: I/BillingService(3793): Service starting with onCreate
  09-03 14:16:14.888: I/BillingService(3793): Market Billing Service Successfully Bound
  09-03 14:16:14.896: I/BillingService(3793): Market Billing Service Connected.

有人告诉我验证过程。

4

1 回答 1

0

verify代码看起来不错。你怎么一代的publicKey?它应该如下所示:

protected PublicKey generatePublicKey(String encodedPublicKey) {
    try {
        byte[] decodedKey = Base64.decode(encodedPublicKey);
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM);
        return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey));
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    } catch (InvalidKeySpecException e) {
        Log.e(BillingController.LOG_TAG, "Invalid key specification.");
        throw new IllegalArgumentException(e);
    } catch (Base64DecoderException e) {
        Log.e(BillingController.LOG_TAG, "Base64 decoding failed.");
        throw new IllegalArgumentException(e);
    }
}

查看AndroidBillingLibrary中的DefaultSignatureValidator类。可能有帮助。

于 2012-09-02T09:53:32.367 回答