showsky/ssv_verify.php

## ssv_verify.php
<?php

/**
 * Validating Server-Side Verification (SSV) Callbacks
 * https://developers.google.com/admob/android/rewarded-video-ssv
 *
 * @author showsky <showsky@gmail.com>
 */

function fetch_verifier_keys() {
    $admob_key_server = 'https://www.gstatic.com/admob/reward/verifier-keys.json';
    return file_get_contents($admob_key_server);
}

function signature($query_string) {
    parse_str($query_string, $result);
    $signature = trim($result['signature']);
    $signature = str_replace(['-', '_'], ['+', '/'], $signature);
    $signature .= '===';
    return $signature;
}

function verify($message, $signature, $public_key) {
    $return = [
        'code' => 0,
        'message' => 'error'
    ];

    $success = openssl_verify(
        $message,
        base64_decode($signature),
        $public_key,
        OPENSSL_ALGO_SHA256
    );

    if ($success === -1) {
        $return['message'] = openssl_error_string();
    } elseif ($success === 1) {
        $return['code'] = 1;
        $return['message'] = 'success';
    } else {
        $return['message'] = openssl_error_string();
    }

    return $return;
}

// callback data
$result_data = array (
    'ad_network' => '5450213213286189855',
    'ad_unit' => '1234567890',
    'timestamp' => '1600314497379',
    'transaction_id' => '123456789',
    'signature' => 'MEUCICmf-BtqS8zBJnzHm9dZc3bwY77sIa8FoG8Lu6nJBzCPAiEArlvVhzcS97qSXMHwuAVFl8MTiByB0mwQgEPv3Tfm87w',
    'key_id' => '3335741209',
);
$query_string = http_build_query($result_data);

// fetch admob key server
$verifier_keys = json_decode(fetch_verifier_keys(), true);
$public_key = openssl_pkey_get_public(
    $verifier_keys['keys'][0]['pem']
);
$signature = signature($query_string);

// verify ECDSA
$message = substr($query_string, 0, strpos($query_string, 'signature') - 1);
$result = verify(
    $message,
    $signature,
    $public_key
);
var_dump($result);
	<?php

	/**
	* Validating Server-Side Verification (SSV) Callbacks
	* https://developers.google.com/admob/android/rewarded-video-ssv
	*
	* @author showsky <showsky@gmail.com>
	*/

	function fetch_verifier_keys() {
	$admob_key_server = 'https://www.gstatic.com/admob/reward/verifier-keys.json';
	return file_get_contents($admob_key_server);
	}

	function signature($query_string) {
	parse_str($query_string, $result);
	$signature = trim($result['signature']);
	$signature = str_replace(['-', '_'], ['+', '/'], $signature);
	$signature .= '===';
	return $signature;
	}

	function verify($message, $signature, $public_key) {
	$return = [
	'code' => 0,
	'message' => 'error'
	];

	$success = openssl_verify(
	$message,
	base64_decode($signature),
	$public_key,
	OPENSSL_ALGO_SHA256
	);

	if ($success === -1) {
	$return['message'] = openssl_error_string();
	} elseif ($success === 1) {
	$return['code'] = 1;
	$return['message'] = 'success';
	} else {
	$return['message'] = openssl_error_string();
	}

	return $return;
	}

	// callback data
	$result_data = array (
	'ad_network' => '5450213213286189855',
	'ad_unit' => '1234567890',
	'timestamp' => '1600314497379',
	'transaction_id' => '123456789',
	'signature' => 'MEUCICmf-BtqS8zBJnzHm9dZc3bwY77sIa8FoG8Lu6nJBzCPAiEArlvVhzcS97qSXMHwuAVFl8MTiByB0mwQgEPv3Tfm87w',
	'key_id' => '3335741209',
	);
	$query_string = http_build_query($result_data);

	// fetch admob key server
	$verifier_keys = json_decode(fetch_verifier_keys(), true);
	$public_key = openssl_pkey_get_public(
	$verifier_keys['keys'][0]['pem']
	);
	$signature = signature($query_string);

	// verify ECDSA
	$message = substr($query_string, 0, strpos($query_string, 'signature') - 1);
	$result = verify(
	$message,
	$signature,
	$public_key
	);
	var_dump($result);