android


Android In-App Billing : Security.java says “Signature Verification Failed”


I have implemented a test app with Android's In-App Billing. I have filled in my Public Key in the Security.java file. Everything works, but when I submit the payment, the app crashes. I receive an error in LogCat that says "Signature Verification Failed", which corresponds to this bit of code:
if (!sig.verify(Base64.decode(signature))) {
Log.e(TAG, "Signature verification failed.");
return false;
}
If I change that bit to return true instead of return false, then everything works properly - I can submit payment and safely return to the app - but I am assuming that something else is wrong, since I probably should change that to return true.
Any ideas about what could be causing this?
That signature verification error can be caused by:
1.- A wrong public key. Maybe you've forgotten to copy some character. It happens :)
2.- The .apk must be signed. You can't use the debug.keystore, if you do your signature string will be empty.
And remember, for testing In-app billing:
Add Android Market public key to Security.java (String base64EncodedPublicKey = "your public key here")
Build in release mode and sign it (If you are using Eclipse, you can use the Export Wizard).
Upload the release version to Android Market, do not publish it, and create the product list.
Install the application onto your device ( adb -d install myapp.apk ) and make a test account primary on your device.
In my case there was a well hidden problem.
When I first set up in-app billing I tried static responses and bought android.test.purchased item. When I switched to production items and tried to query the inventory, that fake product caused all my troubles.
So, in this case, the solution was to remove the fake product from my owned item.
Just add in the IABHelper.java file this snippet:
Purchase p = new Purchase(itemType, purchaseData, signature);
try {
consume(p);
} catch (IabException e) {
e.printStackTrace();
}
in the else statement of the method having this signature:
int queryPurchases(Inventory inv, String itemType) throws JSONException, RemoteException
Once cleaned up your own items, revert back to the original the helper java file.
Of course, this is only for development phase.
In my case, I pasted a wrong public key which has a same prefix and suffix. Just make 100% sure that it's correct.

Related Links

Debugging Android over WiFi without first authorizing over USB?
How to login a site if it has username and password with HttpURLConnection
android wear-debug.apk shows parsing error
error in eclipse when creating Android project
Images set from Assets get resized/rescalled?
Cannot implement list view with only ImageView and no TextView
How to multiple record audio in outfile and show list view?
how to handle list item widget from outside Adapter
How to display Song Duration
Android disable navigationDrawer transparent
Calculating many distances between cities
Python framework choice
align three children left, right and center within LinearLayout
How to use onSaveInstanceState() for Fragments
Disable onScreen keyboard to a particular EditText in Android
Implementing OnFragmentInteractionListener in Tabbed Activity w/ ViewPager

Categories

HOME
service-worker
xml
design-patterns
linkedin
forms
nvd3.js
yahoo-finance
components
composite-primary-key
tivoli
mips
hugo
pkcs#11
p2p
little-proxy
mod-security
ycsb
dynatrace
gource
symfony-2.8
mvc-mini-profiler
mathprog
shortest-path
sse
sigma.js
googlebot
babel
ios10.2
imageresizer
jquery-callback
comparable
winpe
google-cast
panoramas
quickfixj
spring-security4
installshield-le
vue-chartjs
slacktextviewcontroller
python-pptx
graphhopper
diacritics
chef-solo
urlsession
vmware-fusion
skylink
parser-generator
ssrs-2014
android-checkbox
berkeley-db-je
apache-spark-dataset
stylecop
dapper-simplecrud
httr
ntvs
sonarlint-eclipse
dotnet-httpclient
tf
arq
pair-programming
custom-font
context-sensitive-grammar
truezip
opengl-4
android-testing
sundials
rackspace-cloud
trigger.io
reachability
slackware
ziparchive
jodd
jclouds
yajsw
false-sharing
exim4
highland.js
roadkill-wiki
.bash-profile
mod-proxy
uncompress
liquid-layout
botan
omnifaces
git-ftp
teaspoon
genymotion-call
universal-image-loader
create.js
jqmodal
ray
dsym
multitasking
accesscontrolexception
ecslidingviewcontroller
bin
observium
cnf
ui-select2
stacky
booksleeve
web-notifications
iboutlet
rmdir
umra
objective-j
load-time
addchild
asynchronous-wcf-call
linfu-dynamicproxy
firefox-3
business-model
pbcopy

Resources

Encrypt Message