From 2955acbdb94fed1d905ac3d9aca43595a2b1600f Mon Sep 17 00:00:00 2001
From: Christian Weiske <cweiske@cweiske.de>
Date: Sun, 26 Jan 2020 13:56:43 +0100
Subject: [PATCH] double encryption for purchase responses

---
 www/api/v1/games/purchase.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/www/api/v1/games/purchase.php b/www/api/v1/games/purchase.php
index 38e58d2..ef6531c 100644
--- a/www/api/v1/games/purchase.php
+++ b/www/api/v1/games/purchase.php
@@ -43,12 +43,22 @@ if ($product === null) {
 $payload = $product;
 $payload->uuid = $buyRequest->uuid;
 
-$enc = [
+//"god of blades" and "pinball arcade" want double-encrypted responses
+// muffin knights works with single encryption
+$enc1 = [
     'key'  => base64_encode('0123456789abcdef'),
     'iv'   => 't3jir1LHpICunvhlM76edQ==',//random bytes
     'blob' => base64_encode(
         json_encode($payload, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)
     ),
 ];
-echo json_encode($enc, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES) . "\n";
+
+$enc2 = [
+    'key'  => base64_encode('0123456789abcdef'),
+    'iv'   => 't3jir1LHpICunvhlM76edQ==',//random bytes
+    'blob' => base64_encode(
+        json_encode($enc1, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)
+    ),
+];
+echo json_encode($enc2, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES) . "\n";
 ?>
-- 
2.30.2