如何使用c#验证安装验证回发SKAdnetwork?

编程问答 2022-08-14

问题描述

按照文档要求完成此操作: https://developer.apple.com/documentation/storekit/skadnetwork/verifying_an_install_validation_postback

对照您根据参数创建的UTF-8字符串,从归因签名参数中验证Apple的签名值。使用苹果的公钥和使用椭圆曲线数字签名算法(ECDSA)的SHA256哈希。

在回发中,我们收到了这个测试Json:

{
 "version" : "2.0","ad-network-id" : "com.example","campaign-id" : 42,"transaction-id" : "6aafb7a5-0170-41b5-bbe4-fe71dedf1e28","app-id" : 525463029,"attribution-signature" : "MDYCGQCsQ4y8d4BlYU9b8Qb9BPWPi+ixk\/OiRysCGQDZZ8fpJnuqs9my8iSQVbJO\/oU1AXUROYU="
 "redownload": 1,"source-app-id": 1234567891
 "conversion-value": 20
}

然后苹果提供此公钥:

MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEMyHD625uvsmGq4C43cQ9BnfN2xslVT5V1nOmAMP6qaRRUll3PB1JYmgSm+62sosG

我们正在尝试验证签名,但是我们仍然有一个例外:System.Security.Cryptography.CryptographicException:'该参数不正确”。

    static void Main(string[] args)
    {
        string publickey = "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEMyHD625uvsmGq4C43cQ9BnfN2xslVT5V1nOmAMP6qaRRUll3PB1JYmgSm+62sosG";
        var attribution_signature = "MDYCGQCsQ4y8d4BlYU9b8Qb9BPWPi+ixk/OiRysCGQDZZ8fpJnuqs9my8iSQVbJO/oU1AXUROYU=";
        string pars = getParamsSignature("2.0","com.example","42","525463029","6aafb7a5-0170-41b5-bbe4-fe71dedf1e28","1","1234567891");

        VerifySignature(publickey,attribution_signature,pars);

    }


    // https://stackoverflow.com/questions/59078889/ecdsa-verify-signature-in-c-sharp-using-public-key-and-signature-from-java
    //0x30|b1|0x02|b2|r|0x02|b3|s
    // b1 = Length of remaining data
    //  b2 = Length of r
    //b3 = Length of s
    static void VerifySignature(string publicKey,string signature,string paramss)
    {
        byte[] publicKeyBytes = Convert.FromBase64String(publicKey);

        var signatureBytes = Convert.FromBase64String(signature); //30 49 30 13 06072a8648ce3d020106082a8648ce3d030101 03 32 00043321c3eb6e6ebec986ab80b8ddc43d0677cddb1b25553e55d673a600c3faa9a4515259773c1d496268129beeb6b28b06

        var data = Encoding.UTF8.GetBytes(paramss);

        var key = asn1_to_rs(publicKeyBytes);// "06072a8648ce3d020106082a8648ce3d03010100043321c3eb6e6ebec986ab80b8ddc43d0677cddb1b25553e55d673a600c3faa9a4515259773c1d496268129beeb6b28b06";


        CngKey cngKey = CngKey.Import(key,CngKeyBlobFormat.EccpublicBlob);
        ECDsaCng eCDsaCng = new ECDsaCng(cngKey);

        bool result = eCDsaCng.VerifyData(data,signatureBytes); 

    }

    static byte[] asn1_to_rs(byte[] asn)
    {

        var b1 = asn[1];
        var b2 = asn[3]; //  b2 = Length of r

        var r = asn.Skip(4).Take(b2);

        var b3 = asn[r.Count()];

        var s = asn.Skip(4 + b2 + 4).Take(b3);

        return r.Concat(s).ToArray();
    }

    static string getParamsSignature(string version,string ad_network_id,string campaign_id,string app_id,string transaction_id,string redownload,string source_app_id)
    {
        return (version + '\u2063' + ad_network_id + '\u2063' + campaign_id + '\u2063' + app_id + '\u2063' + transaction_id + '\u2063' + redownload + '\u2063' + source_app_id);
    }

解决方法

Apple says将重新下载值的“ 1”替换为“ true”。

重新下载注意:请使用字符串“ true”或“ false”来表示 redownload参数的布尔值。

c#c#ios14skadnetwork