ADX Library
  • ADXLibrary
  • Android
    • Integrate
    • SDK Integration
      • Initialize
      • Ad Formats
        • Banner Ad
        • Interstitial Ad
        • Native Ad
        • Rewarded Ad
          • AD(X)
          • AdMob
      • Ad Error
      • Ad Revenue
        • Banner Ad
        • Interstitial Ad
        • Native Ad
        • Rewarded Ad
      • Sample Application
    • Targeting Android 12
    • Change log
  • iOS
    • Integrate
    • SDK Integration
      • Initialize
      • Ad Formats
        • Banner Ad
        • Interstitial Ad
        • Native Ad
        • Rewarded Ad
          • AD(X)
          • AdMob
      • Ad Error
      • Ad Revenue
        • Banner Ad
        • Interstitial Ad
        • Native Ad
        • Rewarded Ad
      • Sample Application
    • Supporting iOS 14+
      • App Tracking Transparency
      • SKAdNetwork ID List
    • Change log
  • Unity
    • Integrate
    • SDK Integration
      • Initialize
      • Ad Formats
        • Banner Ad
        • Interstitial Ad
        • Rewarded Ad
          • AD(X)
          • AdMob (ADX v2.4.0 미만)
          • AdMob (ADX v2.4.0 이상)
      • Ad Error
      • Ad Revenue
        • Banner Ad
        • Interstitial Ad
        • Rewarded Ad
      • Sample Application
    • Change log
  • Flutter
    • Integrate
    • SDK Integration
      • Initialize
      • Ad Formats
        • Banner Ad
        • Interstitial Ad
        • Rewarded Ad
      • Sample Application
    • Change log
  • Appendix
    • SSV Callback (Server-Side Verification)
    • UMP (User Messaging Platform)
Powered by GitBook
On this page
  • 서버에서 SSV 콜백 검증 과정
  • 1) Java Security 사용
  • 2) Tink Library 사용

Was this helpful?

  1. Appendix

SSV Callback (Server-Side Verification)

PreviousChange logNextUMP (User Messaging Platform)

Last updated 1 month ago

Was this helpful?

서버에서 SSV 콜백 검증 과정

  • SSV 콜백서버 등록시 서버로 아래와 같은 형태로 데이터가 들어오게 됩니다.

    • https://callback_url?adnetwork=sampleadnetwork&adunit=sampleAdUnitID&customdata=sampleCustomData&keyid=62031534a8bbd887dcca3d05&rewardamount=5&timestamp=1698114496119094000&transactionid=119065000_sampleAdUnitID_sampleMediationID&userid=sampleUserID&signature=MIGIAkIA4Urg1Hs7p9hLbZ-SLUemeluocwENpbiwxVmhEw9KtVGEcH6d7dRmIyAENHcTPDcPeJP_YVAG9YO6K3cw24jUpD0CQgEZKN68mjOytwG1-H4VgYs3QXRWOBHx3D3bqYaWJvQwQ52X-OxsIDcxSuDo_FyC1m2c7fxV7ybgNKLFmUuo7zN2qA==

    • 이때 query에서 signature와 나머지를 분리합니다

    • AD(X) 제공되는 를 통해 key 목록을 가져옵니다.

    • key 목록 중 query에 있던 keyid와 동일한 keyid를 가진 public key를 가져옵니다.

    • 해당 public key와 를 지원하는 library로 signature 검증을 합니다.

    • 이 과정은 과 비슷합니다.

    • 아래의 Java Security 또는 Tink Library 코드 샘플을 참고하여 진행해주세요.

1) Java Security 사용

import java.security.*;

public void verifyUsingJavaSecurityPackage() {
    String publicKeyBase64 = "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAfu3ar6/tvJwXvDDIl9pfU0lPomGC6rxi37zbc6SYDl4bo7CRhm/sx/0hjitWXCRZddlv7b6O301PR/SZ9WVHpmgAcWeBxfAmEk7t4tyo1qStUYOApy4VZLaVsAnqklLhaM9qZp+79ck2UMxxD/QkClrTlxR+b/Sz42tD+Tv7YbvNZZs=";

    String signatureBase64 = "MIGIAkIA4Urg1Hs7p9hLbZ-SLUemeluocwENpbiwxVmhEw9KtVGEcH6d7dRmIyAENHcTPDcPeJP_YVAG9YO6K3cw24jUpD0CQgEZKN68mjOytwG1-H4VgYs3QXRWOBHx3D3bqYaWJvQwQ52X-OxsIDcxSuDo_FyC1m2c7fxV7ybgNKLFmUuo7zN2qA==";
    String dataToVerify = "adnetwork=sampleadnetwork&adunit=sampleAdUnitID&customdata=sampleCustomData&keyid=62031534a8bbd887dcca3d05&rewardamount=5&timestamp=1698114496119094000&transactionid=119065000_sampleAdUnitID_sampleMediationID&userid=sampleUserID";

    try {
        // Create a public key from the encoded bytes
        KeyFactory keyFactory = KeyFactory.getInstance("EC");
        X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyBase64));
        PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);

        // Initialize the Signature object for ECDSA
        Signature ecdsa = Signature.getInstance("SHA256withECDSA");
        ecdsa.initVerify(publicKey);

        // Update the Signature object with the data
        ecdsa.update(dataToVerify.getBytes("UTF-8"));

        // Verify the signature
        boolean isVerified = ecdsa.verify(Base64.getUrlDecoder().decode(signatureBase64));

        if (isVerified) {
            System.out.println("Signature is verified.");
        } else {
            System.out.println("Signature verification failed.");
        }
    } catch (Exception e) {
        System.out.println("e:" + e.toString());
    }
}

2) Tink Library 사용

public void verifyUsingGoogleTinkLibrary() {
    String publicKeyBase64 = "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAfu3ar6/tvJwXvDDIl9pfU0lPomGC6rxi37zbc6SYDl4bo7CRhm/sx/0hjitWXCRZddlv7b6O301PR/SZ9WVHpmgAcWeBxfAmEk7t4tyo1qStUYOApy4VZLaVsAnqklLhaM9qZp+79ck2UMxxD/QkClrTlxR+b/Sz42tD+Tv7YbvNZZs=";

    String signatureBase64 = "MIGIAkIA4Urg1Hs7p9hLbZ-SLUemeluocwENpbiwxVmhEw9KtVGEcH6d7dRmIyAENHcTPDcPeJP_YVAG9YO6K3cw24jUpD0CQgEZKN68mjOytwG1-H4VgYs3QXRWOBHx3D3bqYaWJvQwQ52X-OxsIDcxSuDo_FyC1m2c7fxV7ybgNKLFmUuo7zN2qA==";
    String dataToVerify = "adnetwork=sampleadnetwork&adunit=sampleAdUnitID&customdata=sampleCustomData&keyid=62031534a8bbd887dcca3d05&rewardamount=5&timestamp=1698114496119094000&transactionid=119065000_sampleAdUnitID_sampleMediationID&userid=sampleUserID";

    try {
        ECPublicKey publicKey = EllipticCurves.getEcPublicKey(Base64.getDecoder().decode(publicKeyBase64));
        EcdsaVerifyJce verifier = new EcdsaVerifyJce(publicKey, Enums.HashType.SHA256, EllipticCurves.EcdsaEncoding.DER);
        verifier.verify(Base64.getUrlDecoder().decode(signatureBase64), dataToVerify.getBytes("UTF-8"));
    } catch (Exception e) {
        System.out.println("e:" + e.toString());
    }
}
공개키
ECDSA
애드몹 SSV 서버 검증