苹果收货设备哈希验证

Question

我正在尝试验证收据是否针对这个特定的设备，它使用了一个流行的接收库的代码来进行收据验证，名为RMStore：

NSUUID * uuid = [[UIDevice currentDevice] identifierForVendor];
uuid_t uuidBytes;
[uuid getUUIDBytes:uuidBytes];

NSMutableData * data = [[NSMutableData alloc] init];
[data appendBytes:uuidBytes length:sizeof(uuidBytes)];
[data appendData:_parsedReceipt.opaqueValue];
[data appendData:_parsedReceipt.bundleIdentifierData];

NSMutableData * computedHash = [NSMutableData dataWithLength:SHA_DIGEST_LENGTH];
SHA1(data.bytes, data.length, computedHash.mutableBytes);

return [computedHash isEqualToData:_parsedReceipt.hash];

但这两个哈希并不相等。密码有问题吗？

编辑

    SKReceiptRefreshRequest * request = [[SKReceiptRefreshRequest alloc] initWithReceiptProperties:@{SKReceiptPropertyIsRevoked: @YES}];
    [request setDelegate:self];
    [request start];

当我重取收据一次后，散列开始匹配。这是我见过的最奇怪的行为。有人知道为什么会发生这种事吗？

Answer 1

正如您所使用代码的答案所示，如果验证失败，Apple建议刷新收据。这是RMStore为验证收据/事务所做的工作：

RMAppReceipt *receipt = [RMAppReceipt bundleReceipt];
const BOOL verified = [self verifyTransaction:transaction inReceipt:receipt success:successBlock failure:nil]; // failureBlock is nil intentionally. See below.
if (verified) return;

// Apple recommends to refresh the receipt if validation fails on iOS
[[RMStore defaultStore] refreshReceiptOnSuccess:^{
    RMAppReceipt *receipt = [RMAppReceipt bundleReceipt];
    [self verifyTransaction:transaction inReceipt:receipt success:successBlock failure:failureBlock];
} failure:^(NSError *error) {
    [self failWithBlock:failureBlock error:error];
}];

Answer 2

我只想补充一件事--我花了一段时间才弄明白为什么我的散列不匹配.

接收bundleId示例: ASN1八进制字符串(27字节)ASN1

它实际上由标识符(0C)、长度(19)和值(63.6D)组成。

用于比较app.bundleId == receipt.bundleId ->只使用

生成散列->的使用整个ASN1缓冲区

(否则SHA1将导致不同的值)