protonlabs/ios-receipt-parser

解析苹果颁发的PKCS#7容器中的收据的实用工具

维护者

详细信息

github.com/ProtonMail/ios-receipt-parser

源代码

安装次数: 22,891

依赖关系: 0

建议者: 0

安全: 0

星标: 2

关注者: 2

分支: 6

语言:HTML

v1.0.0 2020-09-01 19:18 UTC

Requires

Requires (Dev)

Suggests

  • symfony/process: To run OpenSSL in process to actually verify PKCS#7 container signatures

MIT 8368edfeac35275727871fc91d59fc71ef6a88ef

  • Denis Yuzhanin <cthulhu.den.woop@gmail.com>

This package is not auto-updated.

Last update: 2024-09-19 05:23:36 UTC

README

License: MIT GitHub tag (latest by date) GitHub issues GitHub pull requests GitHub branch checks state Continuous Integration

此库是从cthulhu/ios-receipt-parser分叉而来,并由Proton维护。

描述

此库可用于解析苹果账单收据,而无需调用苹果服务器。解析器是根据官方苹果文档构建的。更多信息可以在以下链接中找到

特别是当您使用最新的XCode功能来测试您的账单流程时,需要此解析器,因为使用此方法生成的收据是由您本地的专用证书签名的,不能通过苹果自己的服务器进行验证。在其他所有情况下,应强烈建议对所有收据进行苹果服务器的验证。

安装

您可以通过Composer安装此库

composer install protonlabs/ios-receipt-parser

用法

主要用例是解析由StoreKit本地生成的收据。无需验证签名。

<?php

use Proton\IosReceiptParser\InApp;
use Proton\IosReceiptParser\Parser;
use Proton\IosReceiptParser\Receipt;

include __DIR__ . '/vendor/autoload.php';

const RECEIPT = 'MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwGggCSABIIEpzGCBKMwDwIBAAIBAQQHDAVYY29kZTALAgEBAgEBBAMCAQAwIgIBAgIBAQQaDBhjaC5wcm90b25tYWlsLnByb3Rvbm1haWwwCwIBAwIBAQQDDAExMBACAQQCAQEECPh935cGAAAAMBwCAQUCAQEEFNlCV1TqeZ3Bfgoqvy7rh8P2E8ZSMAoCAQgCAQEEAhYAMB4CAQwCAQEEFhYUMjAyMi0wMS0wN1QxNDo1NDozNVowgaECARECAQEEgZgxgZUwDAICBqUCAQEEAwIBATAnAgIGpgIBAQQeDBxpb3NfcGx1c18xMl91c2Rfbm9uX3JlbmV3aW5nMAwCAganAgEBBAMMATMwHwICBqgCAQEEFhYUMjAyMi0wMS0wN1QxMjowMDozMVowDAICBqkCAQEEAwwBMzAfAgIGqgIBAQQWFhQyMDIyLTAxLTA3VDEyOjAwOjMxWjCBoQIBEQIBAQSBmDGBlTAMAgIGpQIBAQQDAgEBMCcCAgamAgEBBB4MHGlvc19wbHVzXzEyX3VzZF9ub25fcmVuZXdpbmcwDAICBqcCAQEEAwwBMTAfAgIGqAIBAQQWFhQyMDIyLTAxLTA3VDEwOjUwOjIxWjAMAgIGqQIBAQQDDAExMB8CAgaqAgEBBBYWFDIwMjItMDEtMDdUMTA6NTA6MjFaMIGhAgERAgEBBIGYMYGVMAwCAgalAgEBBAMCAQEwJwICBqYCAQEEHgwcaW9zX3BsdXNfMTJfdXNkX25vbl9yZW5ld2luZzAMAgIGpwIBAQQDDAE1MB8CAgaoAgEBBBYWFDIwMjItMDEtMDdUMTQ6NTQ6MzVaMAwCAgapAgEBBAMMATUwHwICBqoCAQEEFhYUMjAyMi0wMS0wN1QxNDo1NDozNVowgaECARECAQEEgZgxgZUwDAICBqUCAQEEAwIBATAnAgIGpgIBAQQeDBxpb3NfcGx1c18xMl91c2Rfbm9uX3JlbmV3aW5nMAwCAganAgEBBAMMATAwHwICBqgCAQEEFhYUMjAyMi0wMS0wN1QxMDo0NTo1NFowDAICBqkCAQEEAwwBMDAfAgIGqgIBAQQWFhQyMDIyLTAxLTA3VDEwOjQ1OjU0WjCBoQIBEQIBAQSBmDGBlTAMAgIGpQIBAQQDAgEBMCcCAgamAgEBBB4MHGlvc19wbHVzXzEyX3VzZF9ub25fcmVuZXdpbmcwDAICBqcCAQEEAwwBMjAfAgIGqAIBAQQWFhQyMDIyLTAxLTA3VDExOjU3OjM0WjAMAgIGqQIBAQQDDAEyMB8CAgaqAgEBBBYWFDIwMjItMDEtMDdUMTE6NTc6MzRaMIGhAgERAgEBBIGYMYGVMAwCAgalAgEBBAMCAQEwJwICBqYCAQEEHgwcaW9zX3BsdXNfMTJfdXNkX25vbl9yZW5ld2luZzAMAgIGpwIBAQQDDAE0MB8CAgaoAgEBBBYWFDIwMjItMDEtMDdUMTI6MDU6MzhaMAwCAgapAgEBBAMMATQwHwICBqoCAQEEFhYUMjAyMi0wMS0wN1QxMjowNTozOFowHgIBFQIBAQQWFhQ0MDAxLTAxLTAxVDAwOjAwOjAwWgAAAAAAAKCCA3gwggN0MIICXKADAgECAgEBMA0GCSqGSIb3DQEBCwUAMF8xETAPBgNVBAMMCFN0b3JlS2l0MREwDwYDVQQKDAhTdG9yZUtpdDERMA8GA1UECwwIU3RvcmVLaXQxCzAJBgNVBAYTAlVTMRcwFQYJKoZIhvcNAQkBFghTdG9yZUtpdDAeFw0yMDA0MDExNzUyMzVaFw00MDAzMjcxNzUyMzVaMF8xETAPBgNVBAMMCFN0b3JlS2l0MREwDwYDVQQKDAhTdG9yZUtpdDERMA8GA1UECwwIU3RvcmVLaXQxCzAJBgNVBAYTAlVTMRcwFQYJKoZIhvcNAQkBFghTdG9yZUtpdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANt/kDwscw/blyZLk7sK+KEhPshh2STIXh91PtqT2zEakYC5v+UMyzy7DkRiJvoEKbZJ52/gG+YNaM0lbsN2CPVKC656dDzEqQuzz2IP+7S899uEXijrRw3x7Yus9Z+wCTijbnvLJlAKGuGJ0XJ2CzlMy09uwLNft5W6uahdSnSr729BpX4Jjbo9Pc1wV9jt79Xad8iTBBzvCYh4Zc6B8o1y5wcabiYS9zKxDbs4kGsGxPwN5ZVQzZHIuiX0WMmM4XHbSkXzLRmWA1aBpkTudXdbU894rF26Pl9QK1wpjN3C1yoX3yK01+R4qK+obafB2mgtZszPKQtQLOPC++ZfEsECAwEAAaM7MDkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAoQwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQELBQADggEBALIA4Dzx6OlivcDWHUCeV7k4kHd2UtKoS3BuuGeZ+7OKVZ/vHSi4XyrRc581Rze7RtN2EPLwaezNYplx+WCKhEg4xL2LZyW5q2wzZa3Ywpp4SA/pzMEnDcbPZDxtgFkzjMo2BioRG41Jzgj/ZsBHKEvrWsErCVYspaoJA3syMdzohXhIzsDFEhFqDwyuLwXKb3pkfyAsdeZMsRLT/eMfXg19uFjXoHzkf2Orl5orwyrY0LLh1VoNORtvZyipEoPWh3htmb1eswrgmM726sOObWnrt0CBPYc9cFHRxF2Npdx/alga3mB2N1Ls/6wZXQwVL4oP9YnI1ysdHuwrkQWnPU8xggGPMIIBiwIBATBkMF8xETAPBgNVBAMMCFN0b3JlS2l0MREwDwYDVQQKDAhTdG9yZUtpdDERMA8GA1UECwwIU3RvcmVLaXQxCzAJBgNVBAYTAlVTMRcwFQYJKoZIhvcNAQkBFghTdG9yZUtpdAIBATANBglghkgBZQMEAgEFADANBgkqhkiG9w0BAQsFAASCAQBODolgK/UDq5CtCHtYErFR17HfGkv7IIX7IXs/+jJM3d1YCI4mkrKPqk4RMw0/HxdfrHc584xOCU78RYENnwytZfE1IYyimh0IvbCAd7M/Kt1wyFa0U8k3S/fXLsDdsm6llRHetnMPUwO67MaVtZEQP4bY0DOL9v2lWPG6cT7ZJDjEkjKxUGBrOzbCGOpgsWymMpbclwvNGfAeK0kZ3rY+hUsQOgb/dXNbsKMbptU2/4d9TgQ0HKON+MssQmhuWJ8Nl6SJq/vUIb/L/FFZ28A2Xcm0m80z0sjwtZngSuAaQPL7qtIMAscfPiR+zbLEfMySsiUJK2bx6+zlQyfn626YAAAAAAAA';

$receipt = (new Parser())->parseUnverified(RECEIPT);

// Just for documentation purpose
assert($receipt instanceof Receipt);

var_dump($receipt->getBundleId());

foreach ($receipt->getInApp() as $inApp) {
    // Just for documentation purpose
    assert($inApp instanceof InApp);

    var_dump("{$inApp->getQuantity()} x {$inApp->getProductIdentifier()}");
}

验证签名

可以通过向Parser传递OpenSslProcessPkcs7Reader(PKCS#7读取器)的实例来验证签名。目前仅实现了此类型的读取器,它要求您

  • 安装 symfony/process;
  • 在您的系统中安装openssl;
  • 将您的PHP配置设置为允许执行shell脚本。
<?php

use Proton\IosReceiptParser\ASN1\OpenSslProcessPkcs7Reader;
use Proton\IosReceiptParser\Parser;

include __DIR__ . '/vendor/autoload.php';

$parser = new Parser(new OpenSslProcessPkcs7Reader());

// certificates must be PEM-encoded x.509 certificates
$receipt = $parser->parseUsingOnlyTrustedCerts(RECEIPT, CERT_OR_PATH_TO_CERT, OTHER_CERT);

var_dump($receipt->getBundleId());

使用parseUsingOnlyTrustedCerts保证了PKCS#7中的签名已通过您提供的证书之一进行了验证。证书被认为是可信的(它们的签名不会被验证)。这意味着强烈建议只向此函数传递可信证书。

文档

请在此处查看库的文档这里

代码覆盖率

请在此处查看库的代码覆盖率这里

贡献

欢迎所有贡献。请在开始之前查看此页面

许可

项目许可证可在此处找到。