Hi, I don't mean to thread jack but i've searched all over the internet on
this already and i've found nothing. Could any of you familiar help me?
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT);
$data = $_POST['signeddata'];
$signature = $_POST['signature'];
$signature = base64_decode($signature);
// fetch public key from certificate and ready it
$fp = fopen("./public_key.pem", "r");
$cert = fread($fp, 8192);
fclose($fp);
$pubkeyid = openssl_get_publickey($cert);
// state whether signature is okay or not
$ok = openssl_verify($data, $signature, $pubkeyid);
if ($ok == 1) {
echo "good";
} else if ($ok == 0) {
echo "bad";
} else {
echo "ugly, error checking signature";
}
// free the key from memory
openssl_free_key($pubkeyid);
?>
I've quadruple checked that $signature, $data, and $pubkeyid exists and is
imported.
but for some reason i am still getting the result "bad".
If you guys think that its still my pubkeyid then please tell me step by
step on how to get
the android developer public key to .pem because heres what i've done.
1. installed openssl for windows 64
2. ran the script "openssl enc -base64 -d -in publickey.base64 -A | openssl
rsa -inform DER -pubin > pub.pem"
3. took pub.pem and uploaded it to server
i've also tried to delete the linebreak after END but i get errors on not
given right to openssl_verify.
Additionally i've ran the same variables through BillingSecurity and i got
a success. But the same variables just don't seem to be working here.
My openssl version on the server is 1.0.0
On Tuesday, June 21, 2011 1:50:58 PM UTC-7, facetious wrote:
>
> Just to make your life a little easier (and remove some dependency on
> non-PHP tools):
>
> $public_key_str = "<This is the string right off your Android dev
> portal. Load from DB or file if you choose.>";
> $cert = "-----BEGIN PUBLIC KEY-----\r\n" .
> chunk_split($public_key_str, 64, "\r\n") . "-----END PUBLIC KEY-----";
>
> No more relying on openssl pipes for you! :)
>
> Cheers,
> Ian MacDonald
>
> On Apr 25, 10:30 pm, Nate Totura <[email protected]> wrote:
> > Thanks for the help, you were correct, the data I was using to test
> > everything was in a file an had an extra newline appended to the end.
> >
> > On Apr 20, 7:37 pm, Nikolay Elenkov <[email protected]> wrote:
> >
> >
> >
> >
> >
> >
> >
> > > On Thu, Apr 21, 2011 at 6:24 AM, Nate Totura <[email protected]>
> wrote:
> >
> > > > Still no luck, I am pretty confident I am sending the PHP routines
> > > > correctly formatted data.
> >
> > > > A followup question:
> > > > How can I verify the signature and data using only openssl, here is
> > > > what I am currently doing:
> >
> > > > openssl dgst -sha1 -verify public.key.ssl -signature signature.bin
> > > > data
> >
> > > What you are doing is correct. Just make sure that the data file has
> > > no trailing newlines (use a binary editor to remove them, or save as
> > > binary from your Java or PHP program). I just tried it with a response
> from
> > > Market, it verifies OK.
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
