android in app billing purchase verification failed

StackOverflow https://stackoverflow.com/questions/19732025

Question

i' having trouble implementing in app billing in my android app. i'm getting a purchase signature verification failed. In a first time i tough it was the base64 key but i checked it many times and i'm still getting the error, then after i took a look at the Security.java file and i found this method which i edited for get some informations about what was wrong:

    public static boolean verifyPurchase(String base64PublicKey, String signedData, String signature) {
    if (TextUtils.isEmpty(signedData) || TextUtils.isEmpty(base64PublicKey) ||
            TextUtils.isEmpty(signature)) {
        if(TextUtils.isEmpty(signedData)) Log.d(TAG, "SIGNED DATA EMPTY");
        if(TextUtils.isEmpty(base64PublicKey)) Log.d(TAG, "KEY IS EMPTY");
        if(TextUtils.isEmpty(signature)) Log.d(TAG, "SIGNATURE IS EMPTY");
        Log.e(TAG, "Purchase verification failed: missing data.");
        return false;
    }

    PublicKey key = Security.generatePublicKey(base64PublicKey);
    return Security.verify(key, signedData, signature);
}

And i'm getting "signature is empty". Even after i follow the steps below: -Sign the apk with my release key -upload it as a draft -install it on a device with "adb -d install app.apk"

I'm testing with real purchases. Thanks.

Edit The purchase flow is fine, i get the error when i call queryInventoryAsync

Was it helpful?

Solution 2

Replace your verifyPurchase() method with below one. Use old code that given below, google developer are trying to solve this error in the near future but before they updated their code you should prefer below code. 

 public static boolean verifyPurchase(String base64PublicKey, String signedData, String signature) {
              if (signedData == null) {
                Log.e(TAG, "data is null");
                return false;
            }

            boolean verified = false;
            if (!TextUtils.isEmpty(signature)) {
                PublicKey key = Security.generatePublicKey(base64PublicKey);
                verified = Security.verify(key, signedData, signature);
                if (!verified) {
                    Log.w(TAG, "signature does not match data.");
                    return false;
                }
            }
            return true;
        }

check this link for more information:

In App billing not working after update - Google Store

Use try to replace OLD CODE method verifyPurchase() method in your project. But It should be only happens when you are trying to purchase test products. Let me know for the real products purchase also after using this code.

Edit:

Why it happens because we will not get any signature while we are using dummy product like "android.test.purchased". So in the old code it is working good because we were return true even if signature is not given and for the New code we are returning false.

more information about the signature data null or blank from link1 and link2

So I suggest you just replace old code method verifyPurchase() instead of New Code method.

I think may be New Code will work fine for the real product but not in the dummy product. But yet I have not tested for the real product.

or

use GvS's answer for the test purchases it also the good solution for the new code.

Hope it will solve your problem.

OTHER TIPS

You can use the test SKU's to do testing, as explained here. These are:

  • android.test.purchased
  • android.test.canceled
  • android.test.refunded
  • android.test.item_unavailable

These purchases will be successful (at least the android.test.purchased) even in test and debug scenario's, without the need to cancel the purchase.

In the verifyPurchase I changed return false to:

    Log.e(TAG, "Purchase verification failed: missing data.");
    if (BuildConfig.DEBUG) {
            return true;
    }
    return false;

but you should be aware to use this only in test scenario's.

This will return true, if you have a debug build, and the signature data is missing. Since the BuildConfig.DEBUG will be false in a production build this should be OK. But better is to remove this code after everything is debugged.

Make sure that you are logged in with the right user on your phone or e.g. add your phone's google account as a test user in the developer console.

http://developer.android.com/google/play/billing/billing_testing.html#billing-testing-static:

In some cases, the reserved items may return signed static responses, which lets you test signature verification in your application. The reserved items only return signed responses if the user running the application has a developer or test account.

set return value to true In 

public static boolean verifyPurchase(String base64PublicKey, String signedData, String signature) {
    return true;
}

after tesing undo the change

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top