Receipt Validation fails on Catalyst, but works on iOS

I can easily verify the on device receipt hash using OpenSSL on iOS. However, it's failing on Catalyst.

The following code chunk works perfectly on iOS and has for several years. I reported this: FB7470452



- (BOOL)verifyReceiptHash

{


NSUUID *uuid = [UIDevice currentDevice].identifierForVendor;

unsigned char uuidBytes[16];

[uuid getUUIDBytes:uuidBytes];


NSMutableData *data = [NSMutableData data];

[data appendBytes:uuidBytes length:sizeof(uuidBytes)];

[data appendData:self.opaqueValue];

[data appendData:self.bundleIdentifierData];


NSMutableData *expectedHash = [NSMutableData dataWithLength:SHA_DIGEST_LENGTH]; //20

SHA1((const uint8_t*)data.bytes, data.length, (uint8_t*)expectedHash.mutableBytes);


return [expectedHash isEqualToData:self.receiptHash];

}


I'm not certain [UIDevice currentDevice].identifierForVendor is returning the correct UUID. Even when using a chunk of code to get the correct UUID (matches up in with system information), the verify still fails.


Is there something special about Catalyst?

Answered by gregm in 396333022

On the Mac you need to use the machine's mac address instead of the identifierForVendor as you do on iPhone/iPad. Take a look at:

https://developer.apple.com/library/archive/releasenotes/General/ValidateAppStoreReceipt/Chapters/ValidateLocally.html#//apple_ref/doc/uid/TP40010573-CH1-SW10


You can use the "copy_mac_address()" code on this page to replace the identifierForVendor when building up the expectedHash in the macCatalyst case.

Accepted Answer

On the Mac you need to use the machine's mac address instead of the identifierForVendor as you do on iPhone/iPad. Take a look at:

https://developer.apple.com/library/archive/releasenotes/General/ValidateAppStoreReceipt/Chapters/ValidateLocally.html#//apple_ref/doc/uid/TP40010573-CH1-SW10


You can use the "copy_mac_address()" code on this page to replace the identifierForVendor when building up the expectedHash in the macCatalyst case.

Receipt Validation fails on Catalyst, but works on iOS
 
 
Q