On Thu, Apr 14, 2011 at 2:05 AM, Nate Totura <[email protected]> wrote: > > > Thanks, the openssl_sign() php function is just being used to verify > that if I sign something myself, instead of using the Google returned > version, that it works in my php verification code. The openssl_sign() > does return binary and I am encoding it to base64 before using it > elsewhere. >
I don't use PHP, but my point is that if openssl_sign() returns binary, it stands to reason that openssl_verify() expects binary as well. So you need to Base64-decode what you got from Google before you feed it to openssl_verify() if you are not already doing so. If you are, make sure you are not changing the format (new lines, etc): depending on how forgiving the Base64 decoder is you might get a slightly different binary blob. You can try this to check: 1. Base64 decode, then hex dump in Java (your app) 2. Do the same in PHP 3. Compare the two hex strings Also make sure the signature algorithm is the same as in Java SHA1withRSA (this is probably the default though). -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
