我缩进以验证服务器端实现的 C 或 C++ 中的“谷歌应用程序计费签名”
我找到了通过 php(php 服务器中的 Android 应用内计费签名验证)的方法,并建议它可以在 openssl 中使用 EVP_Verify... 函数。但要使用:
int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
它需要“EVP_PKEY* pkey”结构的实例作为参数……但我没有!
我相信有办法将“Google InApp Billing 签名字符串(base64 编码的 SHA1-with-RAS 签名与 PKCS#1 填充)”转换为 EVP_PKEY ..但我不知道该怎么做。
如何将它作为 EVP_VerifyFinal 函数的参数传递?
int main()
{
OPENSSL_config(NULL);
OpenSSL_add_all_digests();
ERR_load_crypto_strings();
EVP_MD_CTX* ctx = EVP_MD_CTX_create();
const EVP_MD* md = EVP_get_digestbyname("SHA1");
if(0 == EVP_VerifyInit_ex(ctx, md, NULL))
{
std::cerr << "init error" << std::endl;
return 0;
}
const char* data = "{\"orderId\":\"12999763169054705758.1310724241212373\",\"packageName\":\"com.company.game.google\",\"productId\":\"game_product_001\",\"purchaseTime\":1358227642000,\"purchaseState\":0,\"developerPayload\":\"12322144\",\"purchaseToken\":\"}";
if(0 == EVP_VerifyUpdate(ctx, (void*)data, strlen(data)))
{
std::cerr << "update error" << std::endl;
return 0;
}
const char* key_context = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0UDlUA1aYPvfRFq6qUjDVG/fi5EetC6LsjdT/WNmHUAy0muvuOTFfQEzBoELciDfh23VXgwVnb/XsfuvQrCgtnQbuMKsj+sDhofLjeq8TznEMlQcJ//0LsGSM8rRVHw72BYA2mSVKi04k1GIicB9J25c2f+eIwF7lEWJlWqVDlNqOS7GIIjnq3HPhqki3ZRSA9c";
EVP_PKEY* pub_key = EVP_PKEY_new();
if(NULL == pub_key)
{
std::cerr << "evp_pkey new error" << std::endl;
return 0;
}
// I have to call 'EVP_VerifyFinish' here!! but I don't know how to!!
ERR_remove_state(0);
ERR_free_strings();
return 0;
}
请有人帮助我!