
I try to generate a signature with the code below, to be used from the mobile side in the Apple Store, but the generated signature is invalid.

Apple Link: https://developer.apple.com/documentation/storekit/in-app_purchase/subscriptions_and_offers/generating_a_signature_for_promotional_offers

My Code:

    using System;
    using System.Configuration;
    using System.Security.Cryptography;
    using System.Text;

    public IAPSignatureViewModel GenerateSignature(string productIdentifier, string offerIdentifier, string applicationUsername)
    {
        string appBundleID = ConfigurationManager.AppSettings["Apple:AppBundleId"];
        string keyIdentifier = ConfigurationManager.AppSettings["Apple:KeyId"];
        string privateKey = ConfigurationManager.AppSettings["Apple:PrivateKey"];

        // Nonce is a lowercase UUID; the timestamp is milliseconds since the Unix epoch.
        var nonce = Guid.NewGuid().ToString().ToLower();
        var unixTimestamp = (long)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalMilliseconds;
        // The fields are joined with U+2063 (invisible separator), as Apple's documentation specifies.
        string unsignedString = appBundleID + '\u2063' + keyIdentifier + '\u2063' + productIdentifier + '\u2063' + offerIdentifier + '\u2063' + applicationUsername + '\u2063' + nonce + '\u2063' + unixTimestamp;

        // The private key is stored as a base64 PKCS#8 blob (the body of the .p8 file without the PEM header and footer).
        CngKey key = CngKey.Import(Convert.FromBase64String(privateKey), CngKeyBlobFormat.Pkcs8PrivateBlob);

        using (ECDsaCng dsa = new ECDsaCng(key))
        {
            dsa.HashAlgorithm = CngAlgorithm.Sha256;
            var unsignedData = Encoding.UTF8.GetBytes(unsignedString);
            // ECDsaCng.SignData returns the signature as fixed-size r|s (IEEE P1363), not as DER.
            var signature = dsa.SignData(unsignedData);
            if (dsa.VerifyData(unsignedData, signature))
            {
                var signatureString = Convert.ToBase64String(signature);
                return new IAPSignatureViewModel()
                {
                    KeyIdentifier = keyIdentifier,
                    Nonce = nonce,
                    Signature = signatureString,
                    TimeStamp = unixTimestamp
                };
            }
        }

        // Self-verification failed; no signature is returned.
        return null;
    }

Example of a generated signature that the Apple Store treats as invalid: "EbnuPbJn0ht/xtRBN6jDZAIg1LfxPo+YMYg/PbNQEoASSbI/m1+SeOF/uD+HXm6Jv+Xbh/jbsyvxY3cfrSQNAQ=="

Appreciate your help.

adelahmed
  • The example signature you posted has the r|s format, while the linked instruction in the _Sign the Combined String_ chapter states that the signature should be specified in ASN.1 format (_The result should be a Digital Encoding Rules (DER)-formatted binary value, which is the signature_). For the differences between the two formats, see [here](https://crypto.stackexchange.com/q/57731). Therefore the signature has to be converted (or directly generated in ASN.1 format, e.g. with BouncyCastle). – Topaco Mar 30 '21 at 18:28
  • @Topaco - minor nit-pick: __Distinguished__ Encoding Rules – garethTheRed Mar 30 '21 at 18:48
  • @garethTheRed - That's a quote from the linked article (though I admit I didn't notice the mistake). – Topaco Mar 30 '21 at 18:55
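The conversion described in the comment above, as an added C# example that is not part of the question, of Apple's documentation or of any library: it takes the fixed-size r|s bytes that ECDsaCng.SignData returns (the format of the 64-byte signature posted in the question) and re-encodes them as the DER SEQUENCE of two INTEGERs that Apple expects. The class and method names are my own.

```csharp
using System;
using System.Linq;

// Converts an r|s (IEEE P1363) ECDSA signature into DER: SEQUENCE { INTEGER r, INTEGER s }.
public static class EcdsaSignatureFormat
{
    public static byte[] RsToDer(byte[] rs)
    {
        if (rs == null || rs.Length == 0 || rs.Length % 2 != 0)
            throw new ArgumentException("r|s signature must have an even, non-zero length", nameof(rs));

        // r and s each occupy exactly half of the buffer (32 bytes each for P-256).
        int half = rs.Length / 2;
        byte[] r = ToDerInteger(rs.Take(half).ToArray());
        byte[] s = ToDerInteger(rs.Skip(half).ToArray());

        byte[] body = r.Concat(s).ToArray();
        return new byte[] { 0x30 }.Concat(DerLength(body.Length)).Concat(body).ToArray();
    }

    // Encodes an unsigned big-endian integer as a DER INTEGER: strip leading zero bytes,
    // then prepend 0x00 if the top bit is set so the value is not interpreted as negative.
    private static byte[] ToDerInteger(byte[] unsigned)
    {
        int start = 0;
        while (start < unsigned.Length - 1 && unsigned[start] == 0) start++;
        byte[] value = unsigned.Skip(start).ToArray();
        if ((value[0] & 0x80) != 0)
            value = new byte[] { 0x00 }.Concat(value).ToArray();
        return new byte[] { 0x02 }.Concat(DerLength(value.Length)).Concat(value).ToArray();
    }

    // DER length: short form below 128, long form otherwise (short form already covers P-256,
    // the long form keeps the helper correct for larger curves).
    private static byte[] DerLength(int length)
    {
        if (length < 0x80) return new byte[] { (byte)length };
        if (length < 0x100) return new byte[] { 0x81, (byte)length };
        return new byte[] { 0x82, (byte)(length >> 8), (byte)(length & 0xFF) };
    }

    // Usage with the code from the question: base64-encode RsToDer(signature) instead of signature.
    public static string RsToDerBase64(byte[] rs) => Convert.ToBase64String(RsToDer(rs));
}
```

ECDsaCng.VerifyData still expects the r|s form, so keep the self-check on the unconverted bytes and convert only the value that is sent to the client.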

0 Answers