Post not yet marked as solved
Post marked as unsolved with 3 replies, 2,227 views
is I am trying to do this https://developer.apple.com/documentation/storekit/in-app_purchase/generating_a_signature_for_subscription_offers in PHP.I don't have any error on the generation of the signature but on the client side we get a "SKErrorInvalidSignature" error.I am wondering if I did the signature generation properly. It's really specific to PHP but maybe someone can help:public function generateSubscriptionOfferSignature($productIdentifier, $offerIdentifier)
{
$nonce = strtolower(Uuid::uuid1()->toString());
$timestamp = time() * 1000;
$applicationUsername = '';
$separator = json_decode('"\u2063"');
$unsignedSignature = implode(
$separator,
[
$this->appBundleID,
$this->keyIdentifier,
$productIdentifier,
$offerIdentifier,
$applicationUsername,
$nonce,
$timestamp
]
);
$signature = null;
openssl_sign(
$unsignedSignature,
$signature,
openssl_get_privatekey('file://' . $this->itunesPrivateKeyPath),
OPENSSL_ALGO_SHA256
);
return new Signature(
base64_encode($signature),
$nonce,
$timestamp,
$this->keyIdentifier
);
}All the variable have been triple check and durint the implementation I got error on the openssl_sign and the openssl_get_privatekey now they do work.The only 2 things I can spot that could be a problem is:A. $separator = json_decode('"\u2063"'); Does not return the expected character.B.openssl_sign OPENSSL_ALGO_SHA256 does not qualify for (from the documentation):Sign the Combined StringSign the combined UTF-8 string with the following key and algorithm:The PKCS#8 private key (downloaded from App Store Connect) that corresponds to the keyIdentifier in the UTF-8 string.The Elliptic Curve Digital Signature Algorithm (ECDSA) with a SHA-256 hash.But maybe I miss something else ?