1

我正在尝试使用来自名为 RMStore 的流行收据验证库中的代码来验证收据是否适用于此特定设备:

NSUUID * uuid = [[UIDevice currentDevice] identifierForVendor];
uuid_t uuidBytes;
[uuid getUUIDBytes:uuidBytes];

NSMutableData * data = [[NSMutableData alloc] init];
[data appendBytes:uuidBytes length:sizeof(uuidBytes)];
[data appendData:_parsedReceipt.opaqueValue];
[data appendData:_parsedReceipt.bundleIdentifierData];

NSMutableData * computedHash = [NSMutableData dataWithLength:SHA_DIGEST_LENGTH];
SHA1(data.bytes, data.length, computedHash.mutableBytes);

return [computedHash isEqualToData:_parsedReceipt.hash];

但是这两个哈希值不相等。代码有问题吗?

编辑

    SKReceiptRefreshRequest * request = [[SKReceiptRefreshRequest alloc] initWithReceiptProperties:@{SKReceiptPropertyIsRevoked: @YES}];
    [request setDelegate:self];
    [request start];

在我重新获取收据一次后,哈希开始匹配。这是我见过的最离奇的行为。有谁知道为什么会发生这种情况?

4

2 回答 2

1

如您从哪里获取该代码的答案中所示,如果验证失败,Apple 建议刷新收据。这是RMStore验证收据/交易的方法:

RMAppReceipt *receipt = [RMAppReceipt bundleReceipt];
const BOOL verified = [self verifyTransaction:transaction inReceipt:receipt success:successBlock failure:nil]; // failureBlock is nil intentionally. See below.
if (verified) return;

// Apple recommends to refresh the receipt if validation fails on iOS
[[RMStore defaultStore] refreshReceiptOnSuccess:^{
    RMAppReceipt *receipt = [RMAppReceipt bundleReceipt];
    [self verifyTransaction:transaction inReceipt:receipt success:successBlock failure:failureBlock];
} failure:^(NSError *error) {
    [self failWithBlock:failureBlock error:error];
}];
于 2014-03-26T09:10:52.643 回答
0

我将在这里添加一件事 - 我花了一段时间才弄清楚为什么我的哈希不匹配......

收据 bundleId 示例:ASN1 OCTET STRING(27 字节)0C19636F6D2E706177656C6B6C61707563682E536B696E4578616D

它实际上由标识符(0C)、长度(19)和值(63..6D)组成。

用于比较 app.bundleId == receive.bundleId -> 仅使用值
用于生成哈希 -> 使用整个 ASN1 缓冲区
(否则 SHA1 将导致不同的值)

于 2020-11-25T19:23:22.300 回答