How to verify GKLocalPlayer on third party server .net core

Question

I have the followinf code for verification of GKLocalPlayer:

var cert = await GetCertificate(gameCenter.PublicKeyURL);
if (cert.Verify())
{
    var rsa = cert.GetRSAPublicKey();
    if (rsa != null)
    {
        var sha256 = new SHA256Managed();
        var sig = ConcatSignature(gameCenter.PlayerID, gameCenter.BundleID, gameCenter.TimeStamp, gameCenter.Salt);

        var hash = sha256.ComputeHash(sig);
        if (rsa.VerifyHash(hash, Convert.FromBase64String(gameCenter.Signature), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1))
        {
            return true;
        }
        return false;
    }
}

private async Task<X509Certificate2> GetCertificate(string url)
{
    var client = new HttpClient();
    var response = await client.GetAsync(url);
    var rawData = await response.Content.ReadAsByteArrayAsync();
    return new X509Certificate2(rawData);
}

private byte[] ConcatSignature(string playerId, string bundleId, string timestamp, string salt)
{
    var b = Convert.FromBase64String(salt);

    var data = new List<byte>();
    data.AddRange(Encoding.UTF8.GetBytes(playerId));
    data.AddRange(Encoding.UTF8.GetBytes(bundleId));
    data.AddRange(ToBigEndian(Convert.ToUInt64(timestamp)));
    data.AddRange(Convert.FromBase64String(salt));
    return data.ToArray();
}

private static byte[] ToBigEndian(ulong value)
{
    var buffer = new byte[8];
    for (int i = 0; i < 8; i++)
    {
        buffer[7 - i] = unchecked((byte)(value & 0xff));
        value = value >> 8;
    }
    return buffer;
}

but this always returns false, when I am trying to verify the accurate GameCenter. I browsed through all the comments, but I cannot find anything posted specifically for .net Core and GKLocalPlayer verification.

Answer 1

Your code worked for me. Note it will fail if you not testing it on a device (as the data is time sensitive)