Apple receipt validation using Scala/Java -

-

I have a scanned back where I want to validate the in-app purchase receipt, without trusting the remote App Store service , Which offers additional delays and additional points of failure.

Therefore, I want to get locally accepted PKCS # 7 signature included in the receipt.

There are some documents on this topic on the link below the apple, but it has got some trouble trying to map the Java API - API API, and I have to map the Java security API.

Code entry from 1-4: 

  bio * b_p 7; / * PKCS # 7 Container (Receipt) * / PKCS 7 * P7; / * And production of verification. * / Bio * b_x50 9; / * Apple root certificate, raw * / X509 * apple; / * In the data and its OpenSSL representation * / / * Root certificate for chain off trust verification * / X509_STORE * store = X50 9_STORE_new (); To capture / * Receipt payload * / BIO * b_out = BIO_new (BIO_s_mem ()), start the B_out as output bio; / * Capture the contents of the receipt file. * / P7 = d2i_PKCS7_bio (b_p7, null); Apel = D2 E_X50 9_bO (b_x50 9, ft); Start the B_X50 9 as an input bio with the value of * * Apple * / X509_STORE_add_cert (store, apple); / * Root certificate and load it into X509 data structure. * / / * Verify the signature if verification is correct, PKCS # 7 will be payed in / / * b_out and RC1 will be. * / Int RC = PKCS 7_verver (p7, tap, store, tap, b_out, 0);

I found some solutions online using different APIs (Oracle Security, Sun Security, Booming Castle) and different methods within the API, but none of them work Used to be.

One thing that confuses me is that some methods use signatures and unsigned content to check whether they match, but others (including Apple's code sample) sign On behalf of yourself, just using the certificate which signifies which approach is correct?

Can someone point me in the right direction (right library, tutorial, code sample etc)?

Thank you!


Comments

Post a Comment

Popular posts from this blog

apache - 504 Gateway Time-out The server didn't respond in time. How to fix it? -

-
Using a form submission on an embedded iframe , the customer downloads a compressed log file Requested. The request was sent to the server, which is the compressed log files, perform some database operations and returns a compressed file. After just 2 minutes, 504 gateway time-out server did not respond timely message on browser net panel How to fix this error? The log files were taking a long time to compress, and timeout was set to 2min The error was fixed by extending the file file: # # timeout: The number of seconds before getting the time out. # # # Timeout 120 timeout 600
Read more

c# - .net WebSocket: CloseOutputAsync vs CloseAsync -

-
We have a working ASP.NET Web API REST service, which is one of the methods of our controller, HTTPTTEX. .) Socket handler code looks something like this ... Public async task socket handler (AspNetWebSocketContext context) {_webSocket = context.WebSocket; ... while (! Cts.IsCancellationRequested) {WebSocketReceiveResult Results = _webSocket.ReceiveAsync (Input Segment, cts.Token) .Result; WebSocketsStateCollusocketState = _webSocket.State; If (result.MessageType == WebSocketMessageType.Close || currentSocketState == WebSocketState.CloseReceived) {// What should I use. CloseAysnc () or. CloseOutputAsync ()? _webSocket.CloseOutputAsync (WebSocketCloseStatus.NormalClosure, "Client Requested", cts.Token). Wait (); } If (currentSocketState == WebSocketState.Open) {...}}} .What is the difference between .CooseAsync () and CloseOutputAysnc ()? I tried both of them and they both seemed to work fine but some difference should be the same they both describe very similar to...
Read more

c++ - How to properly scale qgroupbox title with stylesheet for high resolution display? -

-
I am trying to apply a stylesheet for QGroupBox (QT4.8), which works on the normal screen ( 96 dpi) high resolution screen (Yoga 2 Pro, 3200x1800, 275 dpi, windows 8.1). The following style looks good on the 275 dpi screen, but the top margins on a regular 96 dpi screen are far too big. QGroupBox {border: 1px solid red; Range radius: 7px; Margin-top: 12x; } QGroupBox :: Title {subcontrol-origin: margin; Subcontrol-position: left above; Padding-left: 10px; Padding-right: 10px; } Changing the top-margin has an effect, but I did not get a proper setting which works on both screens. If I shorten the value, the content of the group box overlaps with the title on 275 dpi screen. I was also playing with units "East", "PX", "MX", "PT". Reading the document I would have guessed, "2 X" was the correct solution, which should be scaled with different screen resolutions. Without the stylesheet, the groupbox works well on both screens. ...
Read more