Posts

Post not yet marked as solved
3 Replies
2.2k Views
is I am trying to do this https://developer.apple.com/documentation/storekit/in-app_purchase/generating_a_signature_for_subscription_offers in PHP.I don't have any error on the generation of the signature but on the client side we get a "SKErrorInvalidSignature" error.I am wondering if I did the signature generation properly. It's really specific to PHP but maybe someone can help:public function generateSubscriptionOfferSignature($productIdentifier, $offerIdentifier) { $nonce = strtolower(Uuid::uuid1()->toString()); $timestamp = time() * 1000; $applicationUsername = ''; $separator = json_decode('"\u2063"'); $unsignedSignature = implode( $separator, [ $this->appBundleID, $this->keyIdentifier, $productIdentifier, $offerIdentifier, $applicationUsername, $nonce, $timestamp ] ); $signature = null; openssl_sign( $unsignedSignature, $signature, openssl_get_privatekey('file://' . $this->itunesPrivateKeyPath), OPENSSL_ALGO_SHA256 ); return new Signature( base64_encode($signature), $nonce, $timestamp, $this->keyIdentifier ); }All the variable have been triple check and durint the implementation I got error on the openssl_sign and the openssl_get_privatekey now they do work.The only 2 things I can spot that could be a problem is:A. $separator = json_decode('"\u2063"'); Does not return the expected character.B.openssl_sign OPENSSL_ALGO_SHA256 does not qualify for (from the documentation):Sign the Combined StringSign the combined UTF-8 string with the following key and algorithm:The PKCS#8 private key (downloaded from App Store Connect) that corresponds to the keyIdentifier in the UTF-8 string.The Elliptic Curve Digital Signature Algorithm (ECDSA) with a SHA-256 hash.But maybe I miss something else ?
Posted
by mpoiriert.
Last updated
.