/**
* Verifies that the response was signed with the given signature
* and, optionally, for the right package
*
* @param AndroidMarket_Licensing_ResponseData|string $responseData
* @param string $signature
* @return bool
*/
public function verify($responseData, $signature)
{
if ($responseData instanceof AndroidMarket_Licensing_ResponseData) {
$response = $responseData;
} else {
$response = new AndroidMarket_Licensing_ResponseData($responseData);
}
//check package name is valid
if (!empty($this->_packageName) && $this->_packageName !== $response->getPackageName()) {
return false;
}
if (!$response->isLicensed()) {
return false;
}
$result = openssl_verify($responseData, base64_decode($signature), $this->_publicKey, self::SIGNATURE_ALGORITHM);
//openssl_verify returns 1 for a valid signature
if (0 === $result) {
return false;
} else {
if (1 !== $result) {
require_once 'AndroidMarket/Licensing/RuntimeException.php';
throw new AndroidMarket_Licensing_RuntimeException('Unknown error verifying the signature in openssl_verify');
}
}
return true;
}
/**
* @dataProvider errorResponseCodeProvider
*/
public function testErroneousResponseIsNotLicensed($responseCode)
{
$data = $responseCode . '|1448316265|uk.co.davidcaunt.android.licensingtest|1|ANlOHQOP0LkZ7Y0/zy7PIkZ2Nh5B73SgoA==|1308692145367';
$response = new AndroidMarket_Licensing_ResponseData($data);
$this->assertFalse($response->isLicensed());
}
