game center就给出了下面几句验证的流程：
https://developer.apple.com/library/mac/documentation/GameKit/Referenc...:

下面是它的步骤：
1. Call [GKLocalPlayer generateIdentityVerificationSignatureWithCompletionHandler] in your app.(客户端调用此方法)

1. Send the publicKeyURL, signature, salt, and timestamp parameters to the third party server used for authentication.(拿到game center 返回的数据发送给服务端校验)

2. Use the publicKeyURL on the third party server to download the public key.(使用客户端提供的public key url下载公匙)

3. Verify with the appropriate signing authority that the public key is signed by Apple.(验证是否是苹果公司签名的公匙?)

4. Retrieve the player’s playerID and bundleID.(提取玩家的ID和App的BundleId.也是客户端提供)

5. Concatenate into a data buffer the following information, in the order listed:

   The playerID parameter in UTF-8 format

   The bundleID parameter in UTF-8 format

   The timestamp parameter in Big-Endian UInt-64 format

   The salt parameter

6. Generate a SHA-1 hash value for the buffer.(用上面的参数按照顺序SHA1生成hash值)

7. Using the public key downloaded in step 3, verify that the hash value generated in step 7 matches the signature parameter provided by the API.(用第三步下载的公匙和game center提供的signature验证第7步生成的hash值)

我根据这些文档写了下面的代码：

$playerID = 'G:869***86';
$bundleID = 'com.****.gcc';
$signature =base64_decode('q/rE6vsNyb0458HzYs0TCK/Cz88JmAqob8DM1uwkl5Y9AKrFfZQo/HRtilGlCKvek40PVKUelL0qLZ8M3IBNdV+HshyZVB/SOdo1M7UG1xcqlkRCMlNYLqdpQgpw6GrK3zw4QyyG1Znk2K0AqKN7eeBwcj7KsF2tCFGQpvu+pB+4hEXUYVLRRJ5ElG05/mOzH5oKfugBestANEwPBSheN1FIOFBPVcCbp/9P7HamB3Yi3+rzE1Kv8KIKM5iOi01pIAFMmSfPYjKzrSHGOkI4/KSItAIFq9jQv67YvZP1oCQRttD/K+XvtxbikX++jB4pmq4ctaCZXeFrW6gXxIRGsA==');
$timestamp = 1429756461745;
$salt = '/Mxf3w==';
$pubkeyid  = openssl_pkey_get_public(file_get_contents('gc-sb-2.crt'));

$data = sha1($playerID.$bundleID.$timestamp.$salt);

var_dump(openssl_verify($data,$signature,$pubkeyid,OPENSSL_ALGO_SHA1));
openssl_free_key($pubkeyid);

上面的证书文件是通过下面的网站转换成pem，php不支持对.cer操作。
https://www.google.com.tw/url?sa=t&rct=j&q=&esrc=s&sou...

总是验证失败，请求各位大神帮帮忙，指点一下。