public

  • Download Gist
Google Play PHP Receipt Validation
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
function ValidateGooglePlaySignature($responseData, $signature, $publicKey, &$status, &$response)
{
$responseData=trim($responseData);
$signature=trim($signature);
$response = json_decode($responseData);
 
//Create an RSA key compatible with openssl_verify from our Google Play sig
$key = "-----BEGIN PUBLIC KEY-----\n".
chunk_split($publicKey, 64,"\n").
'-----END PUBLIC KEY-----';
$key = openssl_get_publickey($key);
// Pre-add signature to return array before we decode it
$retArray = array('signature' => $signature);
//Signature should be in binary format, but it comes as BASE64.
$signature = base64_decode($signature);
//Verify the signature
$result = openssl_verify($responseData, $signature, $key, OPENSSL_ALGO_SHA1);
$status = (1 === $result)?0:1;
$retArray["status"] = $status;
return $retArray;
}

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.