Openssl 从'给出的公钥初始化EVP#u PKEY(在opensssl中);谷歌inapp账单&x27;
我缩进以验证服务器端实现的c或c中的“google inapp账单签名”++ 我通过php()找到了方法 建议它可以使用EVP_验证。。。openssl中的函数..但是 使用: int EVP_VerifyFinal(EVP_MD_CTX*CTX,无符号字符*sigbuf,无符号int siglen,EVP_PKEY*PKEY) 它需要“EVP_PKEY*PKEY”结构的实例作为参数…但我没有 我相信有一种方法可以将“Google InApp账单签名字符串(base64编码的SHA1,带有带PKCS的RAS签名,#1填充)”转换为EVP#U PKEY..但我不知道如何转换 如何将其作为EVP_VerifyFinal函数的参数传递Openssl 从'给出的公钥初始化EVP#u PKEY(在opensssl中);谷歌inapp账单&x27;,openssl,Openssl,我缩进以验证服务器端实现的c或c中的“google inapp账单签名”++ 我通过php()找到了方法 建议它可以使用EVP_验证。。。openssl中的函数..但是 使用: int EVP_VerifyFinal(EVP_MD_CTX*CTX,无符号字符*sigbuf,无符号int siglen,EVP_PKEY*PKEY) 它需要“EVP_PKEY*PKEY”结构的实例作为参数…但我没有 我相信有一种方法可以将“Google InApp账单签名字符串(base64编码的SHA1,带有带PK
int main()
{
OPENSSL_config(NULL);
OpenSSL_add_all_digests();
ERR_load_crypto_strings();
EVP_MD_CTX* ctx = EVP_MD_CTX_create();
const EVP_MD* md = EVP_get_digestbyname("SHA1");
if(0 == EVP_VerifyInit_ex(ctx, md, NULL))
{
std::cerr << "init error" << std::endl;
return 0;
}
const char* data = "{\"orderId\":\"12999763169054705758.1310724241212373\",\"packageName\":\"com.company.game.google\",\"productId\":\"game_product_001\",\"purchaseTime\":1358227642000,\"purchaseState\":0,\"developerPayload\":\"12322144\",\"purchaseToken\":\"}";
if(0 == EVP_VerifyUpdate(ctx, (void*)data, strlen(data)))
{
std::cerr << "update error" << std::endl;
return 0;
}
const char* key_context = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0UDlUA1aYPvfRFq6qUjDVG/fi5EetC6LsjdT/WNmHUAy0muvuOTFfQEzBoELciDfh23VXgwVnb/XsfuvQrCgtnQbuMKsj+sDhofLjeq8TznEMlQcJ//0LsGSM8rRVHw72BYA2mSVKi04k1GIicB9J25c2f+eIwF7lEWJlWqVDlNqOS7GIIjnq3HPhqki3ZRSA9c";
EVP_PKEY* pub_key = EVP_PKEY_new();
if(NULL == pub_key)
{
std::cerr << "evp_pkey new error" << std::endl;
return 0;
}
// I have to call 'EVP_VerifyFinish' here!! but I don't know how to!!
ERR_remove_state(0);
ERR_free_strings();
return 0;
}
intmain()
{
OPENSSL_配置(空);
OpenSSL_添加_所有_摘要();
错误加载加密字符串();
EVP_MD_CTX*CTX=EVP_MD_CTX_create();
const EVP_MD*MD=EVP_get_digestbyname(“SHA1”);
if(0==EVP_VerifyInit_ex(ctx,md,NULL))
{
std::cerr代码未测试,但应该是这样的:
BIO *mem= BIO_new(BIO_s_mem());
BIO_puts(mem, "your data");
RSA *cipher;
PEM_read_bio_RSAPublicKey(mem, &cipher, NULL, NULL);
EVP_PKEY *pkey = EVP_PKEY_new();
EVP_PKEY_set1_RSA(pkey, cipher);
代码未经测试,但应如下所示:
BIO *mem= BIO_new(BIO_s_mem());
BIO_puts(mem, "your data");
RSA *cipher;
PEM_read_bio_RSAPublicKey(mem, &cipher, NULL, NULL);
EVP_PKEY *pkey = EVP_PKEY_new();
EVP_PKEY_set1_RSA(pkey, cipher);
谢谢你的回答。。
但是我做的就像下面。。
(我已经测试过了!!)
ps.Base64代码中的解码功能..你可以在互联网上找到许多来源
int Verify_GoogleInappBilling_Signature(const char* data, const char* signature, const char* pub_key_id)
{
std::shared_ptr<EVP_MD_CTX> mdctx = std::shared_ptr<EVP_MD_CTX>(EVP_MD_CTX_create(), EVP_MD_CTX_destroy);
const EVP_MD* md = EVP_get_digestbyname("SHA1");
if(NULL == md)
{
return -1;
}
if(0 == EVP_VerifyInit_ex(mdctx.get(), md, NULL))
{
return -1;
}
if(0 == EVP_VerifyUpdate(mdctx.get(), (void*)data, strlen(data)))
{
return -1;
}
//!!!!!!!!!!!!!!!!!!!
std::shared_ptr<BIO> b64 = std::shared_ptr<BIO>(BIO_new(BIO_f_base64()), BIO_free);
BIO_set_flags(b64.get(),BIO_FLAGS_BASE64_NO_NL);
std::shared_ptr<BIO> bPubKey = std::shared_ptr<BIO>(BIO_new(BIO_s_mem()), BIO_free);
BIO_puts(bPubKey.get(),pub_key_id);
BIO_push(b64.get(), bPubKey.get());
std::shared_ptr<EVP_PKEY> pubkey = std::shared_ptr<EVP_PKEY>(d2i_PUBKEY_bio(b64.get(), NULL), EVP_PKEY_free);
//!!!!!!!!!!!!!!!!!!!
std::string decoded_signature = Base64Decode(std::string(signature));
return EVP_VerifyFinal(mdctx.get(), (unsigned char*)decoded_signature.c_str(), decoded_signature.length(), pubkey.get());
}
int验证Google应用账单签名(常量字符*数据、常量字符*签名、常量字符*发布密钥\u id)
{
std::shared_ptr mdctx=std::shared_ptr(EVP_MD_CTX_create(),EVP_MD_CTX_destroy);
const EVP_MD*MD=EVP_get_digestbyname(“SHA1”);
if(NULL==md)
{
返回-1;
}
if(0==EVP_VerifyInit_ex(mdctx.get(),md,NULL))
{
返回-1;
}
如果(0==EVP_VerifyUpdate(mdctx.get(),(void*)数据,strlen(数据)))
{
返回-1;
}
//!!!!!!!!!!!!!!!!!!!
std::shared_ptr b64=std::shared_ptr(BIO_new(BIO_f_base64()),BIO_free);
BIO_set_标志(b64.get(),BIO_标志\u BASE64\u NO\u NL);
std::shared_ptr bPubKey=std::shared_ptr(BIO_new(BIO_s_mem()),BIO_free);
BIO_put(bPubKey.get(),pub_key_id);
BIO_push(b64.get(),bPubKey.get());
std::shared_ptr pubkey=std::shared_ptr(d2i_pubkey_bio(b64.get(),NULL),EVP_PKEY_free);
//!!!!!!!!!!!!!!!!!!!
std::string decoded_signature=base64解码(std::string(signature));
返回EVP_VerifyFinal(mdctx.get(),(unsigned char*)decoded_signature.c_str(),decoded_signature.length(),pubkey.get());
}
谢谢您的回答。。
但是我做的就像下面。。
(我已经测试过了!!)
ps.Base64代码中的解码功能..你可以在互联网上找到许多来源
int Verify_GoogleInappBilling_Signature(const char* data, const char* signature, const char* pub_key_id)
{
std::shared_ptr<EVP_MD_CTX> mdctx = std::shared_ptr<EVP_MD_CTX>(EVP_MD_CTX_create(), EVP_MD_CTX_destroy);
const EVP_MD* md = EVP_get_digestbyname("SHA1");
if(NULL == md)
{
return -1;
}
if(0 == EVP_VerifyInit_ex(mdctx.get(), md, NULL))
{
return -1;
}
if(0 == EVP_VerifyUpdate(mdctx.get(), (void*)data, strlen(data)))
{
return -1;
}
//!!!!!!!!!!!!!!!!!!!
std::shared_ptr<BIO> b64 = std::shared_ptr<BIO>(BIO_new(BIO_f_base64()), BIO_free);
BIO_set_flags(b64.get(),BIO_FLAGS_BASE64_NO_NL);
std::shared_ptr<BIO> bPubKey = std::shared_ptr<BIO>(BIO_new(BIO_s_mem()), BIO_free);
BIO_puts(bPubKey.get(),pub_key_id);
BIO_push(b64.get(), bPubKey.get());
std::shared_ptr<EVP_PKEY> pubkey = std::shared_ptr<EVP_PKEY>(d2i_PUBKEY_bio(b64.get(), NULL), EVP_PKEY_free);
//!!!!!!!!!!!!!!!!!!!
std::string decoded_signature = Base64Decode(std::string(signature));
return EVP_VerifyFinal(mdctx.get(), (unsigned char*)decoded_signature.c_str(), decoded_signature.length(), pubkey.get());
}
int验证Google应用账单签名(常量字符*数据、常量字符*签名、常量字符*发布密钥\u id)
{
std::shared_ptr mdctx=std::shared_ptr(EVP_MD_CTX_create(),EVP_MD_CTX_destroy);
const EVP_MD*MD=EVP_get_digestbyname(“SHA1”);
if(NULL==md)
{
返回-1;
}
if(0==EVP_VerifyInit_ex(mdctx.get(),md,NULL))
{
返回-1;
}
如果(0==EVP_VerifyUpdate(mdctx.get(),(void*)数据,strlen(数据)))
{
返回-1;
}
//!!!!!!!!!!!!!!!!!!!
std::shared_ptr b64=std::shared_ptr(BIO_new(BIO_f_base64()),BIO_free);
BIO_set_标志(b64.get(),BIO_标志\u BASE64\u NO\u NL);
std::shared_ptr bPubKey=std::shared_ptr(BIO_new(BIO_s_mem()),BIO_free);
BIO_put(bPubKey.get(),pub_key_id);
BIO_push(b64.get(),bPubKey.get());
std::shared_ptr pubkey=std::shared_ptr(d2i_pubkey_bio(b64.get(),NULL),EVP_PKEY_free);
//!!!!!!!!!!!!!!!!!!!
std::string decoded_signature=base64解码(std::string(signature));
返回EVP_VerifyFinal(mdctx.get(),(unsigned char*)decoded_signature.c_str(),decoded_signature.length(),pubkey.get());
}