get "Could not verify message signature" error

Python version: 3.9.6

1. generated a public key (follow from: https://developers.google.com/pay/api/android/guides/resources/payment-data-cryptography#using-openssl)
2. public key put in my frontend code & put public key in Google Pay Developer Profile website
``` js
// frontend 
const tokenizationSpecification = {
  type: 'DIRECT',
  parameters: {
    protocolVersion: 'ECv2',
    publicKey:
      'BKskkqKpva07y2w5ysyEMbdFvJV68DgPwhyw6ZSKxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
  },
};
```
<img width="772" alt="pk" src="https://user-images.githubusercontent.com/68468916/212841410-07910e79-37ef-4bf0-bdca-b51c8ca7bbcb.png">

3. using this decryption code
``` python
from google_pay_token_decryption import GooglePayTokenDecryptor
# keyValue from google: https://payments.developers.google.com/paymentmethodtoken/test/keys.json
root_signing_keys = [
    {
        'keyValue':
        'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGnJ7Yo1sX9b4kr4Aa5uq58JRQfzD8bIJXw7WXaap/hVE+PnFxvjx4nVxt79SdRuUVeu++HZD0cGAv4IOznc96w==',
        'protocolVersion': 'ECv2',
        'keyExpiration': '2154841200000',
    }
]

# test env should be 12345678901234567890
recipient_id = "12345678901234567890"  

# use `openssl pkcs8 -topk8 -inform PEM -outform DER -in key.pem -nocrypt | base64 | paste -sd "\0" -` to generate private key
private_key = "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgNbvxZtgmjZFNlFSIowv8L47xNNmXr9Zhnr+mmM/9WrWhRANCAASrJJKiqb2txxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
decryptor = GooglePayTokenDecryptor(
    root_signing_keys, recipient_id, private_key)

# my token when I finish a test payment
token = {
    "signature": "MEUCIFoTCvc6cOuP4rAQAmN+zSbKTjLd+HRDi9Mgi04iCESVAiEA4Tlu7cRaDRmXVnrdmAq1uNlVHsx2pT+plrvEZX2Pavw\u003d",
    "intermediateSigningKey": {
        "signedKey": "{\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExb51gUkQj+H6Yhl8oVkvD8NdNf8JCkrhc+hYoIeUo/fZhyXg6KIiE8rPaFkUkRfFVvpxtkINEXOoN1jwK1JzGQ\\u003d\\u003d\",\"keyExpiration\":\"1674629723202\"}",
        "signatures": [
            "MEYCIQCL5p42NREkgGYmFyNtFFfDf+OUxa2bBdewpsn3F7AAnAIhAIHAXCMoApI9BrWbd91RdPdyRNH8uLf43S81G8AKiGk3"
        ]
    },
    "protocolVersion": "ECv2",
    "signedMessage": "{\"encryptedMessage\":\"vxHitmL4VXCaMmmkPo47DYEHXs3tQNSdGs22VhLiLZpNvp/F+hhFQiaxeL00SCEI4ekRoyVX2Y5mNwPZBMu0jkZP9Ajor83gvB6XEsjhl+YXPKMXLN0UcHR1siY2dOkzN7jtIeD1x7IBGyYg1THpx7xP0zq4v/Na50iqLsgNXsZONwz3SAgtgO/j2d5374JHNcBjthJNC0+OlaBRaUT3YwVxiQty9DCcI2XeyBL6lI1Ihoeif9HA6G3RnH5TxgQHookPuEWlC7W7CAluHCIxOaxTNZVCx76iMcnl5Q1VzaeHXmz6kvPiWrNAZIhxME80LmMogTYzIf8+yLge6RClK8baka5IB3Xw9eRMUL4kcVcNl0BQr54BuxtjKJzViK1Zk5W25PnWbQiul2OvE/yNa0yyAamXDE7+lWk/4LT3tVdWyQFWgwVMfvdCjOwHbscrjz3U2RFBioBJbzfib5v09LyegzFBhQ0e3MEkbPwBt3OlqufZCk1civfW9WXdcSNRYqfmmbh1g2l3xsdpVdNLpwhedTXQtpyx\",\"ephemeralPublicKey\":\"BAhbfkFsRDBPA+b/PeIpasKSWxd+oBgEYr9eBRDX20pvsasUq7B9jW5nJkTcIqu3CBhMRbNjUv0dkjK1acdwWzA\\u003d\",\"tag\":\"N75LIJ3m/ZNfLMliwFGMtSd2Vn2ghbGvJP/q5mrQXDM\\u003d\"}"}
decrypted_token = decryptor.decrypt_token(token)
print(decrypted_token)
```

it turn out I will get this error "raise GooglePayError("Could not verify message signature")"
do I miss something?

Thank you...!


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

get "Could not verify message signature" error #5

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

get "Could not verify message signature" error #5

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions