现在我正在寻找一种方法来验证从谷歌应用程式内结算制度的签名。我发现在PHP'openssl_pkey_get_public'和'openssl_verify功能(这是非常容易和简单!),但对C或C ++ ;;;没有例子或文件(我花了最后两天的搜索it..OTL。 ..)
Now I'm looking for a way to verify the signature from 'Google inapp billing' system. I've found 'openssl_pkey_get_public' and 'openssl_verify' functions in php(it is very easy and simple!!), but no example or document for C or C++;;;(I spend last two days for searching it..OTL...)
现在我有:结果 - 公钥结果 - 签名结果 - 从谷歌搜索的购买数据我想实现验证使用C或C ++ code
now I have : - public key - signature - purchase data from google I want to implement verifying code using C or C++
有没有人谁知道我怎样才能得到它呢?
Is there someone who knows how I can get it?
我已经搜查初级讲座.. - http://www.nlnetlabs.nl/downloads/publications/hsm/hsm_node21。 HTML 它涉及OpenSSL的EVP..但它讲述了HSM(硬件安全模块)
I've searched belows.. - http://www.nlnetlabs.nl/downloads/publications/hsm/hsm_node21.html It deals with 'openssl EVP'..but it tells about HSM(hardware security module)
谢谢!
下面是关于什么的,我问了答案..1表示成功,0失败是..感谢..
below is the answer about what I've asked.. 1 means success, 0 is fail.. thanks..
int Verify_GoogleInappBilling_Signature(const char* data, const char* signature, const char* pub_key_id)
{
std::shared_ptr<EVP_MD_CTX> mdctx = std::shared_ptr<EVP_MD_CTX>(EVP_MD_CTX_create(), EVP_MD_CTX_destroy);
const EVP_MD* md = EVP_get_digestbyname("SHA1");
if(NULL == md)
{
return -1;
}
if(0 == EVP_VerifyInit_ex(mdctx.get(), md, NULL))
{
return -1;
}
if(0 == EVP_VerifyUpdate(mdctx.get(), (void*)data, strlen(data)))
{
return -1;
}
std::shared_ptr<BIO> b64 = std::shared_ptr<BIO>(BIO_new(BIO_f_base64()), BIO_free);
BIO_set_flags(b64.get(),BIO_FLAGS_BASE64_NO_NL);
std::shared_ptr<BIO> bPubKey = std::shared_ptr<BIO>(BIO_new(BIO_s_mem()), BIO_free);
BIO_puts(bPubKey.get(),pub_key_id);
BIO_push(b64.get(), bPubKey.get());
std::shared_ptr<EVP_PKEY> pubkey = std::shared_ptr<EVP_PKEY>(d2i_PUBKEY_bio(b64.get(), NULL), EVP_PKEY_free);
std::string decoded_signature = Base64Decode(std::string(signature));
return EVP_VerifyFinal(mdctx.get(), (unsigned char*)decoded_signature.c_str(), decoded_signature.length(), pubkey.get());
}