简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary

Home  >  Article  >  Backend Development  >  game-center - 怎么用php验证game center GKLocalPlayer 返回的签名

game-center - 怎么用php验证game center GKLocalPlayer 返回的签名

WBOY
WBOYOriginal
2016-06-06 20:35:281325browse

game center就给出了下面几句验证的流程:
https://developer.apple.com/library/mac/documentation/GameKit/Referenc...:

下面是它的步骤:
1. Call [GKLocalPlayer generateIdentityVerificationSignatureWithCompletionHandler] in your app.(客户端调用此方法)

  1. Send the publicKeyURL, signature, salt, and timestamp parameters to the third party server used for authentication.(拿到game center 返回的数据发送给服务端校验)

  2. Use the publicKeyURL on the third party server to download the public key.(使用客户端提供的public key url下载公匙)

  3. Verify with the appropriate signing authority that the public key is signed by Apple.(验证是否是苹果公司签名的公匙?)

  4. Retrieve the player’s playerID and bundleID.(提取玩家的ID和App的BundleId.也是客户端提供)

  5. Concatenate into a data buffer the following information, in the order listed:

    The playerID parameter in UTF-8 format

    The bundleID parameter in UTF-8 format

    The timestamp parameter in Big-Endian UInt-64 format

    The salt parameter

  6. Generate a SHA-1 hash value for the buffer.(用上面的参数按照顺序SHA1生成hash值)

  7. Using the public key downloaded in step 3, verify that the hash value generated in step 7 matches the signature parameter provided by the API.(用第三步下载的公匙和game center提供的signature验证第7步生成的hash值)

我根据这些文档写了下面的代码:

$playerID = 'G:869***86';
$bundleID = 'com.****.gcc';
$signature =base64_decode('q/rE6vsNyb0458HzYs0TCK/Cz88JmAqob8DM1uwkl5Y9AKrFfZQo/HRtilGlCKvek40PVKUelL0qLZ8M3IBNdV+HshyZVB/SOdo1M7UG1xcqlkRCMlNYLqdpQgpw6GrK3zw4QyyG1Znk2K0AqKN7eeBwcj7KsF2tCFGQpvu+pB+4hEXUYVLRRJ5ElG05/mOzH5oKfugBestANEwPBSheN1FIOFBPVcCbp/9P7HamB3Yi3+rzE1Kv8KIKM5iOi01pIAFMmSfPYjKzrSHGOkI4/KSItAIFq9jQv67YvZP1oCQRttD/K+XvtxbikX++jB4pmq4ctaCZXeFrW6gXxIRGsA==');
$timestamp = 1429756461745;
$salt = '/Mxf3w==';
$pubkeyid  = openssl_pkey_get_public(file_get_contents('gc-sb-2.crt'));

$data = sha1($playerID.$bundleID.$timestamp.$salt);

var_dump(openssl_verify($data,$signature,$pubkeyid,OPENSSL_ALGO_SHA1));
openssl_free_key($pubkeyid);

上面的证书文件是通过下面的网站转换成pem,php不支持对.cer操作。
https://www.google.com.tw/url?sa=t&rct=j&q=&esrc=s&sou...

总是验证失败,请求各位大神帮帮忙,指点一下。

回复内容:

game center就给出了下面几句验证的流程:
https://developer.apple.com/library/mac/documentation/GameKit/Referenc...:

下面是它的步骤:
1. Call [GKLocalPlayer generateIdentityVerificationSignatureWithCompletionHandler] in your app.(客户端调用此方法)

  1. Send the publicKeyURL, signature, salt, and timestamp parameters to the third party server used for authentication.(拿到game center 返回的数据发送给服务端校验)

  2. Use the publicKeyURL on the third party server to download the public key.(使用客户端提供的public key url下载公匙)

  3. Verify with the appropriate signing authority that the public key is signed by Apple.(验证是否是苹果公司签名的公匙?)

  4. Retrieve the player’s playerID and bundleID.(提取玩家的ID和App的BundleId.也是客户端提供)

  5. Concatenate into a data buffer the following information, in the order listed:

    The playerID parameter in UTF-8 format

    The bundleID parameter in UTF-8 format

    The timestamp parameter in Big-Endian UInt-64 format

    The salt parameter

  6. Generate a SHA-1 hash value for the buffer.(用上面的参数按照顺序SHA1生成hash值)

  7. Using the public key downloaded in step 3, verify that the hash value generated in step 7 matches the signature parameter provided by the API.(用第三步下载的公匙和game center提供的signature验证第7步生成的hash值)

我根据这些文档写了下面的代码:

$playerID = 'G:869***86';
$bundleID = 'com.****.gcc';
$signature =base64_decode('q/rE6vsNyb0458HzYs0TCK/Cz88JmAqob8DM1uwkl5Y9AKrFfZQo/HRtilGlCKvek40PVKUelL0qLZ8M3IBNdV+HshyZVB/SOdo1M7UG1xcqlkRCMlNYLqdpQgpw6GrK3zw4QyyG1Znk2K0AqKN7eeBwcj7KsF2tCFGQpvu+pB+4hEXUYVLRRJ5ElG05/mOzH5oKfugBestANEwPBSheN1FIOFBPVcCbp/9P7HamB3Yi3+rzE1Kv8KIKM5iOi01pIAFMmSfPYjKzrSHGOkI4/KSItAIFq9jQv67YvZP1oCQRttD/K+XvtxbikX++jB4pmq4ctaCZXeFrW6gXxIRGsA==');
$timestamp = 1429756461745;
$salt = '/Mxf3w==';
$pubkeyid  = openssl_pkey_get_public(file_get_contents('gc-sb-2.crt'));

$data = sha1($playerID.$bundleID.$timestamp.$salt);

var_dump(openssl_verify($data,$signature,$pubkeyid,OPENSSL_ALGO_SHA1));
openssl_free_key($pubkeyid);

上面的证书文件是通过下面的网站转换成pem,php不支持对.cer操作。
https://www.google.com.tw/url?sa=t&rct=j&q=&esrc=s&sou...

总是验证失败,请求各位大神帮帮忙,指点一下。

在用POST或者GET传送数据时,如果数据里含有"+"(加号),但接收程序解析数据时,会把这个加号解析成空格。
解决办法:
在php里面,先用str_replace函数,将加号替换成"%2B",然后进行urlencode编码,在接收方用urldecode解码就可正常使用了。

客户端发送的“signature”这个参数里有“+”,需要替换成“%2B”

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:使用jsonp完成跨域请求,但是请求的链接是js文件,请求总是那个js报错,怎莫办?Next article:请问大家一般使用php的单元测试吗 如果不 一般怎么科学地测试代码

Related articles

See more