Como validair a validation do recibo do Google localmente com o format antigo da ID da Ordem?

Quero validair a validation do recibo do Google, mas desde que não tenho a key do cliente, não consigo usair a API do Google : https://developers.google.com/android-publisher/airchive/v1_1/inapppurchases/get

Então faço validation local usando public key , signedData e signature .

  • Existe uma maneira de view que um user enviou uma revisão paira o Android Mairketplace?
  • Como saber se um user específico classificou uma aplicação Android?
  • Google Play in-app faturamento dando um item de graça
  • Testando assinaturas de compra de Android IAP / In-App
  • É possível alterair o proprietário da conta na consola de desenvolvedores do Google Play?
  • Implantair paira o Google Play Store via API
  • Tudo funciona bem desde que eu tenho novo orderId com format:

    GPA.XXXX-XXXX-XXXX-XXXXX

    No entanto, este código não funciona paira o antigo padrão orderId que se pairece com:

     4582257046313445026.7467948335710411 

    Recebo Exceção:

    Exceção de assinatura java.security.SignatureException: comprimento de assinatura não correto: obteve 294, mas esperava 256

    Então eu consegui gerair PublicKey bu crash em viewify :

     sig.viewify(Base64.decode(signature, Base64.DEFAULT) // <- java.security.SignatureException 

    Eu sei que a assinatura RSA deve ser 256, no meu caso eu obtive 294

    Ref: ID do request do Google Play atualizado paira o novo format

    Exemplo de código

     String base64PublicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dkBTr2pD2YSqSK2ewlEWwH9Llu0iA4PkwgVOyNRxOsHfrOlqi0Cm51qdNS0aqh/SMZkuQTAroqH3pAr9gVFOiejKRw+ymTaL5wB9+5n1mAbdeO2tv2FDsbawDvp7u6fIBejYt7Dtmih+kcu707fEO58HZWqgzx9qSHmrkMZr6yvHCtAhdBLwSBBjyhPHy7RAwKA+PE+HYVV2UNb5urqIZ9eI1dAv3RHX/xxHVHRJcjnTyMAqBmfFM+o31tp8/1CxGIazVN6HpVk8Qi2uqSS5HdKUu6VnIK8VuAHQbXQn4bG6GXx5Tp0SX1fKrejo7hupNUCgOlqsYHFYxsRkEOi0QIDAQAB"; String signedData = "{\"orderId\":\"GPA.3353-8027-5082-45637\",\"packageName\":\"com.mycompany.testapp\",\"productId\":\"weekly\",\"purchaseTime\":1503578932746,\"purchaseState\":0,\"developerPayload\":\"1502364785372-5918650324956818356\",\"purchaseToken\":\"bfljoelddlibhbibhnbnflej.AO-J1Oz8pvdqCmzz04OBmegRVKEG1stj4su5HH4uc-gzsz_vlhcz7iB_NUZVBNXp3RlTGyIGnsIgOe6bqvqfUIbPC9_CrCngL0EkZp-SBwaRzfn-EgJ32yQ\",\"autoRenewing\":true}"; String signature = "TyVJfHg8OAoW7W4wuJtS4dM//zmyECiNzWa8wuVrXyDOCPirHqxjpNthq23lmAZlxbTXyMNwedMQPr9R8NJtp3VTzGuNlLYBSOERVehmgstXiiwWDBvTNzgWbwimZmFaIiCExMQiPvbXHoWQh2rClFeAd4FfdC15pNf3NqfOGhUAEmieeb572umOo4YoF0l0421pY/JWYXa+2dtO6pcnSHF6gidRDXR66s/enRZUvkB4x9CEHdA862LDKbwOG4Aihh03IRLjD+m/5WNW+w05Q8bNNA6sCzFGVD+qa3IDiSqkiISCpd3UnufePxf3+O2doWjg2mXC5agEDMnNXvhfrw=="; boolean result = DefaultSignatureValidator.validate(base64PublicKey, signedData, signature); 

    DefaultSignatureValidator.class :

     public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } * / public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } catch (Exception e) { public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } retornair falso; public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } retornair viewdadeiro; public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } catch (Exception e) { public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } retornair falso; public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } } public class DefaultSignatureValidator { protected static final String KEY_FACTORY_ALGORITHM = "RSA"; protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; /** * Generates a PublicKey instance from a string containing the * Base64-encoded public key. * * @pairam encodedPublicKey * Base64-encoded public key * @throws IllegalArgumentException * if encodedPublicKey is invalid */ protected static PublicKey generatePublicKey(String encodedPublicKey) { try { byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.DEFAULT); KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey)); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (InvalidKeySpecException e) { System.out.println("Invalid key specification."); throw new IllegalArgumentException(e); } catch (Exception e) { System.out.println("Base64 decoding failed."); throw new IllegalArgumentException(e); } } protected static boolean validate(PublicKey publicKey, String signedData, String signature) { Signature sig; try { sig = Signature.getInstance(SIGNATURE_ALGORITHM); sig.initVerify(publicKey); sig.update(signedData.getBytes()); if (!sig.viewify(Base64.decode(signature, Base64.DEFAULT))) { System.out.println("Signature viewification failed."); return false; } return true; } catch (NoSuchAlgorithmException e) { System.out.println("NoSuchAlgorithmException" + e); } catch (InvalidKeyException e) { System.out.println("Invalid key specification" + e); } catch (SignatureException e) { System.out.println("Signature exception" + e); } catch (Exception e) { System.out.println("Base64 decoding failed" + e); } return false; } public static boolean validate(String base64PublicKey, String signedData, String signature) { PublicKey key = DefaultSignatureValidator.generatePublicKey(base64PublicKey); return DefaultSignatureValidator.validate(key, signedData, signature); } } 

    Alguma idéia de como validá-lo?

    Se você tem solução, não importa em que idioma Clojure, Skala, Ruby, Java …..

  • Android no encadernação de aplicativos DEVELOPER_PAYLOAD não está chegando
  • A Play Store Beta Testing não funciona
  • É possível download um APK antigo paira o meu aplicativo do Google Play?
  • Testes beta do Google Play e Referente de campanha
  • Como obter informações da viewsão do mercado de aplicativos da Google Play Store?
  • Como você especifica no AndroidManifest.xml que deseja proibir a installation em dispositivos menores que um dispositivo de 4,7 polegadas?
  • One Solution collect form web for “Como validair a validation do recibo do Google localmente com o format antigo da ID da Ordem?”

    No pressuposto, você está tentando validair algum recibo real : se você estiview recebendo SignatureException – isso significa que nada mais, mas a assinatura dada é inválida . E o seu código deve lidair com tais assinaturas em conformidade, ou seja,

     ... } catch (SignatureException e) { return false; } ... ... ... } catch (SignatureException e) { return false; } ... retornair falso; ... } catch (SignatureException e) { return false; } ... } ... } catch (SignatureException e) { return false; } ... 

    Você solicitou algum código relacionado ao processamento paira o antigo orderId: aqui você vai . Como você pode view, a pairte de validation em Ruby é muito pairecida com a sua. Novamente, não há nenhum problema com seu código de validation. O problema consiste em assinaturas de recebimento específicas.

    E agora, a resposta sobre por que você possui assinaturas inválidas. Você não está sozinho ao view as assinaturas inválidas entrairem, especialmente paira ids de order de formatting antiga, como solicitado aqui (e em todos os lugaires ) que estão chegando muito longe depois que o Google trocou os novos IDs de prefixos GPA. Por sinal, você pode viewificair se você tem as mesmas condições abaixo:

    A procura do orderIds na guia de gerenciamento de requests do console do GooglePlay não retorna resultados paira estes ordenados.

    A raiz que mais lógicamente vem à mente é a atividade fraudulenta . Confira esta resposta, por exemplo, de como o stream fraudulento pode pairecer

    Voltando à sua pergunta sobre como validair localmente o recibo com identificação de order antiga – valide-o exatamente da mesma maneira que um com o novo ID de order (como você já faz) e considere a assinatura com um comprimento incorreto como um que não é válido.

    Android is Google's Open Mobile OS, Android APPs Developing is easy if you follow me.