dzeikei
/ verify_receipt.sh
Last active
November 24, 2020 10:36
Verify Google Play In-app billing receipt in command line using OpenSSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Convert base64 string from Google to a pem file | |
| openssl enc -base64 -d -in publickey.base64 -A | openssl rsa -inform DER -pubin > public.pem | |
| # Decode base64 signature to binary | |
| openssl base64 -d -A -in signature.txt -out signature.sha1 | |
| # Verify signature | |
| openssl dgst -sha1 -verify public.pem -signature signature.sha1 receipt.json |
rob-murray
/ commands.txt
Last active
November 24, 2020 10:36
Testing Google Play In App Billing receipt validation.Commands to generate signature digest from receipt using private key; also validate signature using public key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #1 Generate Public & Private Keypair | |
| #2 Create receipt.json - eg below - careful with line-endings, etc if line breaks | |
| #3 Create signature & Encode | |
| openssl dgst -binary -sha1 -sign private.pem receipt.json | openssl base64 > signature.txt | |
| #4 Verify using OpenSSL & public key | |
| openssl base64 -d -in signature.txt -out signature.sha1 | openssl dgst -sha1 -verify public.pem -signature signature.sha1 receipt.json | |