-
-
Save sandyxu/68a49ecdcbd2f3c70c95 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #1 Generate Public & Private Keypair | |
| #2 Create receipt.json - eg below - careful with line-endings, etc if line breaks | |
| #3 Create signature & Encode | |
| openssl dgst -binary -sha1 -sign private.pem receipt.json | openssl base64 > signature.txt | |
| #4 Verify using OpenSSL & public key | |
| openssl base64 -d -in signature.txt -out signature.sha1 | openssl dgst -sha1 -verify public.pem -signature signature.sha1 receipt.json | |
| #5 Verify with Ruby script (see below) & public key | |
| ruby ver.rb receipt.json signature.txt public.pem |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "orderId":"12999763169054705758.1371079406387615", | |
| "packageName":"com.example.app", | |
| "productId":"exampleSku", | |
| "purchaseTime":1345678900000, | |
| "purchaseState":0, | |
| "developerPayload":"bGoa+V7g/yqDXvKRqq+JTFn4uQZbPiQJo4pf9RzJ", | |
| "purchaseToken":"rojeslcdyyiapnqcynkjyyjh" | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'rubygems' | |
| require 'openssl' | |
| require 'base64' | |
| def main | |
| raise ArgumentError, 'Require receipt, signature and public key to run' unless ARGV.length == 3 | |
| #read files | |
| receipt = read_file(ARGV[0]) | |
| signature = read_file(ARGV[1]) | |
| base64_encoded_public_key = read_file(ARGV[2]) | |
| #decode public key from Base64 string | |
| public_key = OpenSSL::PKey::RSA.new base64_encoded_public_key | |
| #verify the signature digest was encrypted with priv key & matches digest for receipt string | |
| verified = public_key.verify( OpenSSL::Digest::SHA1.new, Base64.decode64(signature), receipt ) | |
| print "Wow... thats #{verified}-ly amazing\n" | |
| end | |
| def read_file(file_name) | |
| file = File.open(file_name, "r") | |
| data = file.read | |
| file.close | |
| return data | |
| end | |
| if __FILE__ == $0 | |
| main() | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment