我正在尝试验证收据是使用来自一个名为RMStore的收据验证流行库的代码:
NSUUID * uuid = [[UIDevice currentDevice] identifierForVendor];
uuid_t uuidBytes;
[uuid getUUIDBytes:uuidBytes];
NSMutableData * data = [[NSMutableData alloc] init];
[data appendBytes:uuidBytes length:sizeof(uuidBytes)];
[data appendData:_parsedReceipt.opaqueValue];
[data appendData:_parsedReceipt.bundleIdentifierData];
NSMutableData * computedHash = [NSMutableData dataWithLength:SHA_DIGEST_LENGTH];
SHA1(data.bytes, data.length, computedHash.mutableBytes);
return [computedHash isEqualToData:_parsedReceipt.hash];
但是这两个哈希值不相等。代码有问题吗?
编辑
SKReceiptRefreshRequest * request = [[SKReceiptRefreshRequest alloc] initWithReceiptProperties:@{SKReceiptPropertyIsRevoked: @YES}];
[request setDelegate:self];
[request start];
在我重新获取收据一次后,哈希开始匹配。这是我见过的最奇怪的行为。有人知道为什么会这样吗?
正如您获取代码的答案所示,如果验证失败,Apple建议刷新收据。以下是RMStore验证收据/交易的操作:
RMAppReceipt *receipt = [RMAppReceipt bundleReceipt];
const BOOL verified = [self verifyTransaction:transaction inReceipt:receipt success:successBlock failure:nil]; // failureBlock is nil intentionally. See below.
if (verified) return;
// Apple recommends to refresh the receipt if validation fails on iOS
[[RMStore defaultStore] refreshReceiptOnSuccess:^{
RMAppReceipt *receipt = [RMAppReceipt bundleReceipt];
[self verifyTransaction:transaction inReceipt:receipt success:successBlock failure:failureBlock];
} failure:^(NSError *error) {
[self failWithBlock:failureBlock error:error];
}];
我只在这里添加一件事-花了我一段时间来弄清楚为什么我的哈希是不匹配的…
收据bundleId示例:ASN1 OCTET STRING(27字节)0C19636F6D2E706177656C6B6C61707563682E536B696E4578616D
它实际上是由标识符(0C),长度(19)和值(63..6D)组成的。
用于比较app.bundleId ==收据。bundleId→只使用值
用于生成哈希->使用整个ASN1缓冲区
(否则SHA1将导致不同的值)