jen6/skadnetwork_postback_signature_verify_example.py

## skadnetwork_postback_signature_verify_example.py
# https://github.com/pyca/cryptography
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from base64 import b64decode

apple_pbkey = b64decode(
    "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWdp8GPcGqmhgzEFj9Z2nSpQVddayaPe4FMzqM9wib1+aHaaIzoHoLN9zW4K8y4SPykE3YVK3sVqW6Af0lfx3gg=="
)

data = {
    "version": "2.1",
    "ad-network-id": "com.example",
    "campaign-id": "42",
    "transaction-id": "6aafb7a5-0170-41b5-bbe4-fe71dedf1e28",
    "app-id": "525463029",
    "attribution-signature": "MEUCID6rbq3qt4GvFaAaynh5/LAcvn1d8CQTRhrZhLIxLKntAiEAo7IrvoMw6u2qDg6Tr5vIsEHXjlLkPlCOL0ojJcEh3Qw=",
    "redownload": "true",
    "source-app-id": "1234567891",
    "conversion-value": "20",
}

post_back_parameter = "\u2063".join(
    [
        data["version"],
        data["ad-network-id"],
        data["campaign-id"],
        data["app-id"],
        data["transaction-id"],
        data["redownload"],
        data["source-app-id"],
    ]
).encode("utf-8")


pbkey = serialization.load_der_public_key(apple_pbkey)
sig = b64decode(data["attribution-signature"])
pbkey.verify(
    sig, post_back_parameter, ec.ECDSA(hashes.SHA256())
)  # success with no exception


data["redownload"] = "false"
post_back_parameter = "\u2063".join(
    [
        data["version"],
        data["ad-network-id"],
        data["campaign-id"],
        data["app-id"],
        data["transaction-id"],
        data["redownload"],
        data["source-app-id"],
    ]
).encode("utf-8")
pbkey.verify(sig, post_back_parameter, ec.ECDSA(hashes.SHA256())) #fail with exception. verify successed
	# https://github.com/pyca/cryptography
	from cryptography.hazmat.primitives import hashes, serialization
	from cryptography.hazmat.primitives.asymmetric import ec
	from base64 import b64decode

	apple_pbkey = b64decode(
	"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWdp8GPcGqmhgzEFj9Z2nSpQVddayaPe4FMzqM9wib1+aHaaIzoHoLN9zW4K8y4SPykE3YVK3sVqW6Af0lfx3gg=="
	)

	data = {
	"version": "2.1",
	"ad-network-id": "com.example",
	"campaign-id": "42",
	"transaction-id": "6aafb7a5-0170-41b5-bbe4-fe71dedf1e28",
	"app-id": "525463029",
	"attribution-signature": "MEUCID6rbq3qt4GvFaAaynh5/LAcvn1d8CQTRhrZhLIxLKntAiEAo7IrvoMw6u2qDg6Tr5vIsEHXjlLkPlCOL0ojJcEh3Qw=",
	"redownload": "true",
	"source-app-id": "1234567891",
	"conversion-value": "20",
	}

	post_back_parameter = "\u2063".join(
	[
	data["version"],
	data["ad-network-id"],
	data["campaign-id"],
	data["app-id"],
	data["transaction-id"],
	data["redownload"],
	data["source-app-id"],
	]
	).encode("utf-8")


	pbkey = serialization.load_der_public_key(apple_pbkey)
	sig = b64decode(data["attribution-signature"])
	pbkey.verify(
	sig, post_back_parameter, ec.ECDSA(hashes.SHA256())
	) # success with no exception


	data["redownload"] = "false"
	post_back_parameter = "\u2063".join(
	[
	data["version"],
	data["ad-network-id"],
	data["campaign-id"],
	data["app-id"],
	data["transaction-id"],
	data["redownload"],
	data["source-app-id"],
	]
	).encode("utf-8")
	pbkey.verify(sig, post_back_parameter, ec.ECDSA(hashes.SHA256())) #fail with exception. verify successed