I have implemented expansion files and In-App Purchase in my app. And app published on beta channel.
While testing when i am downloading expansion files manually for testing below code giving me the error.
E/LicenseValidator: Signature verification failed.
String userId = null;
// Skip signature check for unsuccessful requests
ResponseData data = null;
Log.i(TAG, "verify responseCode : " + responseCode);
if (responseCode == LICENSED || responseCode == NOT_LICENSED ||
responseCode == LICENSED_OLD_KEY) {
// Verify signature.
Log.i(TAG, "verify signature : " + signature);
try {
Signature sig = Signature.getInstance(SIGNATURE_ALGORITHM);
sig.initVerify(publicKey);
sig.update(signedData.getBytes());
if (!sig.verify(Base64.decode(signature))) {
Log.e(TAG, "Signature verification failed.");
handleInvalidResponse();
return;
}
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
} catch (InvalidKeyException e) {
handleApplicationError(LicenseCheckerCallback.ERROR_INVALID_PUBLIC_KEY);
return;
} catch (SignatureException e) {
throw new RuntimeException(e);
} catch (Base64DecoderException e) {
Log.e(TAG, "Could not Base64-decode signature.");
handleInvalidResponse();
return;
}
signature and signedData are not null or empty in response. And receiving responseCode equal to LICENSED
I have checked Base64 encoded public RSA key with Google play console key it is same. Code sig.verify(signatureBytes) always returning false.
Signature verification is also not working in In-App purchase with same app.
