我下载AppleRootCertificate.cer,现在我尝试检查我的应用内收据证书是否有效(与苹果一样)。
我喜欢他的WWDS视频中出现的苹果。
BIO *b_receipt = BIO_new_mem_buf((void *)[receipt bytes], (long)[receipt length]);
BIO *b_x509 = BIO_new_mem_buf((void *)[certificateData bytes], (long)[certificateData length]);
// Convert receipt data to PKCS #7 Representation
PKCS7 * p7 = d2i_PKCS7_bio(b_receipt, NULL);
// Create the certificate store for matching white Apple cerif.
X509_STORE * store = X509_STORE_new();
X509 * appleRootCA = d2i_X509_bio(b_x509, NULL);
X509_STORE_add_cert(store, appleRootCA);
// Verify the Signature
BIO * b_receiptPayload = BIO_new(BIO_s_mem());
int result = PKCS7_verify(p7, NULL, store, NULL, b_receiptPayload, 0);
NSLog(@"Result == %i", result);
但结果始终为0而不是1.
我做错了什么?
答案 0 :(得分:5)
根据#noloader的建议,我使用ERR_get_error()打印错误。
当我得到:Error:0D0C50A1:lib(13):func(197):reason(161)时,我会谷歌并发现我需要在上面添加以下内容:
OpenSSL_add_all_algorithms();
这解决了我所有的问题:D