Skip to content
Create a gist now

Instantly share code, notes, and snippets.

Embed URL


Subversion checkout URL

You can clone with
Download ZIP
function ValidateGooglePlaySignature($responseData, $signature, $publicKey, &$status, &$response)
$response = json_decode($responseData);
//Create an RSA key compatible with openssl_verify from our Google Play sig
$key = "-----BEGIN PUBLIC KEY-----\n".
chunk_split($publicKey, 64,"\n").
'-----END PUBLIC KEY-----';
$key = openssl_get_publickey($key);
// Pre-add signature to return array before we decode it
$retArray = array('signature' => $signature);
//Signature should be in binary format, but it comes as BASE64.
$signature = base64_decode($signature);
//Verify the signature
$result = openssl_verify($responseData, $signature, $key, OPENSSL_ALGO_SHA1);
$status = (1 === $result)?0:1;
$retArray["status"] = $status;
return $retArray;

Any updates? I have no idea how to change the JSON to a valid validation responseData!?


Shouldn't the line 22 be: $status = (1 === $result)?1:0;


Yeeeeah, it's WORKING!!!!! THANKS!! :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.