Pregunta
I download AppleRootCertificate.cer and now I try to check if my in-app receipt certificate is valid (same as apples one).
I do it like apple present in his WWDS videos.
https://stackoverflow.com/questions/22716149
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian BIO *b_receipt = BIO_new_mem_buf((void *)[receipt bytes], (long)[receipt length]);
BIO *b_x509 = BIO_new_mem_buf((void *)[certificateData bytes], (long)[certificateData length]);
// Convert receipt data to PKCS #7 Representation
PKCS7 * p7 = d2i_PKCS7_bio(b_receipt, NULL);
// Create the certificate store for matching white Apple cerif.
X509_STORE * store = X509_STORE_new();
X509 * appleRootCA = d2i_X509_bio(b_x509, NULL);
X509_STORE_add_cert(store, appleRootCA);
// Verify the Signature
BIO * b_receiptPayload = BIO_new(BIO_s_mem());
int result = PKCS7_verify(p7, NULL, store, NULL, b_receiptPayload, 0);
NSLog(@"Result == %i", result);
but the result is always 0 and not 1.
What do I do wrong?
Solución
As suggested by #noloader I print error whit ERR_get_error().
When I get : Error:0D0C50A1:lib(13):func(197):reason(161), I google it and discovered that I need to add this line above :
OpenSSL_add_all_algorithms();
This solve all my problem :D
