Sometimes, when a person makes a purchase on an android device via IAB, the signature that the client sends back to the server cannot be decoded with base64 due to an exception of the TypeError: Incorrect padding type.
The server code looks like this, where the "signature" is transmitted to the server from our clients, who received the value from the IAB API:
signature_encoded = signature.encode() key = RSA.importKey(GOOGLE_PLAY_STORE_KEY_PEM) verifier = PKCS1_v1_5.new(key) signed_data_hash = SHA.new(signed_data)
The length of the string "signature" must be divisible by 4, but sometimes they enter with a length of 342 and give this filling error.
I tried to add "==" to the end, and this raises us around an exception, but the result is invalid compared to "signed_data_hash" (i.e. verifier.verify (signed_data_hash, signature_decoded) returns False).
I donβt think itβs a hacking attempt, as the customer logs we see show that they go through our shopping stream.
Any help here would be greatly appreciated! Thank you
python android in-app-billing
user701632
source share