Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
function ValidateGooglePlaySignature( $responseData, $signature, $publicKey, &$status, &$response )
{
$responseData = trim( $responseData );
$signature = trim( $signature );
$response = json_decode( $responseData );
// Create an RSA key compatible with openssl_verify from our Google Play sig
$key = "-----BEGIN PUBLIC KEY-----\n".
chunk_split($publicKey, 64,"\n").
'-----END PUBLIC KEY-----';
$key = openssl_get_publickey( $key );
// Pre-add signature to return array before we decode it
$retArray = array( 'signature' => $signature );
//Signature should be in binary format, but it comes as BASE64.
$signature = base64_decode( $signature );
//Verify the signature
$result = openssl_verify( $responseData, $signature, $key, OPENSSL_ALGO_SHA1 );
$status = ( 1 === $result ) ? 1 : 0;
$retArray["status"] = $status;
return $retArray;
}
@mitchobrian

This comment has been minimized.

Show comment Hide comment
@mitchobrian

mitchobrian Nov 12, 2014

Any updates? I have no idea how to change the JSON to a valid validation responseData!?

Any updates? I have no idea how to change the JSON to a valid validation responseData!?

@zeeshank22

This comment has been minimized.

Show comment Hide comment
@zeeshank22

zeeshank22 Apr 2, 2015

Shouldn't the line 22 be: $status = (1 === $result)?1:0;

Shouldn't the line 22 be: $status = (1 === $result)?1:0;

@ragcsalo

This comment has been minimized.

Show comment Hide comment
@ragcsalo

ragcsalo Apr 30, 2015

Yeeeeah, it's WORKING!!!!! THANKS!! :-)

Yeeeeah, it's WORKING!!!!! THANKS!! :-)

@felipefrancisco

This comment has been minimized.

Show comment Hide comment
@felipefrancisco

felipefrancisco Mar 7, 2017

Is this still the correct validation method?

Is this still the correct validation method?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment