game-center - 怎麼用php驗證game center GKLocalPlayer 返回的簽名

來源:互聯網
上載者:User
game center就給出了下面幾句驗證的流程:
https://developer.apple.com/library/mac/documentation/GameKit/Referenc...:

下面是它的步驟:
1. Call [GKLocalPlayer generateIdentityVerificationSignatureWithCompletionHandler] in your app.(用戶端調用此方法)

  1. Send the publicKeyURL, signature, salt, and timestamp parameters to the third party server used for authentication.(拿到game center 返回的資料發送給服務端校正)

  2. Use the publicKeyURL on the third party server to download the public key.(使用用戶端提供的public key url下載公匙)

  3. Verify with the appropriate signing authority that the public key is signed by Apple.(驗證是否是蘋果公司簽名的公匙?)

  4. Retrieve the player’s playerID and bundleID.(提取玩家的ID和App的BundleId.也是用戶端提供)

  5. Concatenate into a data buffer the following information, in the order listed:

    The playerID parameter in UTF-8 format

    The bundleID parameter in UTF-8 format

    The timestamp parameter in Big-Endian UInt-64 format

    The salt parameter

  6. Generate a SHA-1 hash value for the buffer.(用上面的參數按照順序SHA1產生hash值)

  7. Using the public key downloaded in step 3, verify that the hash value generated in step 7 matches the signature parameter provided by the API.(用第三步下載的公匙和game center提供的signature驗證第7步產生的hash值)

我根據這些文檔寫了下面的代碼:

$playerID = 'G:869***86';$bundleID = 'com.****.gcc';$signature =base64_decode('q/rE6vsNyb0458HzYs0TCK/Cz88JmAqob8DM1uwkl5Y9AKrFfZQo/HRtilGlCKvek40PVKUelL0qLZ8M3IBNdV+HshyZVB/SOdo1M7UG1xcqlkRCMlNYLqdpQgpw6GrK3zw4QyyG1Znk2K0AqKN7eeBwcj7KsF2tCFGQpvu+pB+4hEXUYVLRRJ5ElG05/mOzH5oKfugBestANEwPBSheN1FIOFBPVcCbp/9P7HamB3Yi3+rzE1Kv8KIKM5iOi01pIAFMmSfPYjKzrSHGOkI4/KSItAIFq9jQv67YvZP1oCQRttD/K+XvtxbikX++jB4pmq4ctaCZXeFrW6gXxIRGsA==');$timestamp = 1429756461745;$salt = '/Mxf3w==';$pubkeyid  = openssl_pkey_get_public(file_get_contents('gc-sb-2.crt'));$data = sha1($playerID.$bundleID.$timestamp.$salt);var_dump(openssl_verify($data,$signature,$pubkeyid,OPENSSL_ALGO_SHA1));openssl_free_key($pubkeyid);

上面的認證檔案是通過下面的網站轉換成pem,php不支援對.cer操作。
https://www.google.com.tw/url?sa=t&rct=j&q=&esrc=s&sou...

總是驗證失敗,請求各位大神幫幫忙,指點一下。

回複內容:

game center就給出了下面幾句驗證的流程:
https://developer.apple.com/library/mac/documentation/GameKit/Referenc...:

下面是它的步驟:
1. Call [GKLocalPlayer generateIdentityVerificationSignatureWithCompletionHandler] in your app.(用戶端調用此方法)

  1. Send the publicKeyURL, signature, salt, and timestamp parameters to the third party server used for authentication.(拿到game center 返回的資料發送給服務端校正)

  2. Use the publicKeyURL on the third party server to download the public key.(使用用戶端提供的public key url下載公匙)

  3. Verify with the appropriate signing authority that the public key is signed by Apple.(驗證是否是蘋果公司簽名的公匙?)

  4. Retrieve the player’s playerID and bundleID.(提取玩家的ID和App的BundleId.也是用戶端提供)

  5. Concatenate into a data buffer the following information, in the order listed:

    The playerID parameter in UTF-8 format

    The bundleID parameter in UTF-8 format

    The timestamp parameter in Big-Endian UInt-64 format

    The salt parameter

  6. Generate a SHA-1 hash value for the buffer.(用上面的參數按照順序SHA1產生hash值)

  7. Using the public key downloaded in step 3, verify that the hash value generated in step 7 matches the signature parameter provided by the API.(用第三步下載的公匙和game center提供的signature驗證第7步產生的hash值)

我根據這些文檔寫了下面的代碼:

$playerID = 'G:869***86';$bundleID = 'com.****.gcc';$signature =base64_decode('q/rE6vsNyb0458HzYs0TCK/Cz88JmAqob8DM1uwkl5Y9AKrFfZQo/HRtilGlCKvek40PVKUelL0qLZ8M3IBNdV+HshyZVB/SOdo1M7UG1xcqlkRCMlNYLqdpQgpw6GrK3zw4QyyG1Znk2K0AqKN7eeBwcj7KsF2tCFGQpvu+pB+4hEXUYVLRRJ5ElG05/mOzH5oKfugBestANEwPBSheN1FIOFBPVcCbp/9P7HamB3Yi3+rzE1Kv8KIKM5iOi01pIAFMmSfPYjKzrSHGOkI4/KSItAIFq9jQv67YvZP1oCQRttD/K+XvtxbikX++jB4pmq4ctaCZXeFrW6gXxIRGsA==');$timestamp = 1429756461745;$salt = '/Mxf3w==';$pubkeyid  = openssl_pkey_get_public(file_get_contents('gc-sb-2.crt'));$data = sha1($playerID.$bundleID.$timestamp.$salt);var_dump(openssl_verify($data,$signature,$pubkeyid,OPENSSL_ALGO_SHA1));openssl_free_key($pubkeyid);

上面的認證檔案是通過下面的網站轉換成pem,php不支援對.cer操作。
https://www.google.com.tw/url?sa=t&rct=j&q=&esrc=s&sou...

總是驗證失敗,請求各位大神幫幫忙,指點一下。

在用POST或者GET傳送資料時,如果資料裡含有"+"(加號),但接收程式解析資料時,會把這個加號解析成空格。
解決辦法:
在php裡面,先用str_replace函數,將加號替換成"%2B",然後進行urlencode編碼,在接收方用urldecode解碼就可正常使用了。

用戶端發送的“signature”這個參數裡有“+”,需要替換成“%2B”

  • 聯繫我們

    該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

    如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.