Tighten Pro - App Store Receipt Validation and Security Code Generator
Mac OS Developer Tools
ANSI-C CODE GENERATOR FOR APP STORE RECEIPT VALIDATION AND SECURITY
"I had a look at the code generated by Tighten Pro, it's a nice piece of software. I don't really have any comments or enhancements, it's good code :)" - Graham Lee, www.securemacprogramming.com
Getting your Mac OS X App ready for the App Store is simple, until you start thinking about verifying the store receipt, checking the certificate chain used to sign your application, and checking the integrity of the application bundle. Implementing all of the WWDR recommendations for the App Store could take up to a month (that's the voice of experience speaking), even for experienced developers!
Tighten changes all that. With a built-in code generator that reads directly from your code-signed app bundle, you can add a complete, robust App Store implementation to your own application in under 30 minutes. And since the code generator creates inlined, customized security code, your app will be more secure than if you simply reused sample code from the internet. Include redundant unique security checks as a best practice.
This Pro version of Tighten includes a code generator that secures your receipt checking code with customized security checks based on your Developer certificates, your unique Xcode generated designated requirements, your app Bundle ID and the WWDR certificate signing "trust" chain.
Saves up to 30 days of work per implementation and generates code unique to your app. Use it over and over again for all your little Apps. Reduce piracy, increase developer productivity, have plenty of time to watch this week's episode of Caprica or V.
Tighten's receipt validation implements all the recommended checks for App Store receipts, including:
• App Store receipt validation, inlined and with a unique binary footprint.
• Testing the code signature of the application bundle.
• Testing SHA1 fingerprints of application signing chain.
• Testing SHA1 fingerprints of MASReceipt signing chain.
• Inlinable, secure validation of in-app purchases for redundant checks and code 'salting'.
• Custom security code unique to your Mac Developer identity.
• Create security requirements code without programming.
• Inspect application code signatures, security assessments and entitlements.
• Calculates SHA1 fingerprints of application signing certificate chain.
• Generates code for codesign requirement checks.
• Inspect App Store Receipts and verify values against your own receipt-checking code.
• Create 32/64-bit clean inline ANSI C (GCC) code for inclusion in .h .c, .m, .cpp and .mm files.
• Quickly review public symbols and strings without opening console.
+++ About +++
Gen Kiyooka is an imagineer of fun and useful things. His programming career started with Applesoft BASIC and 6502 assembly language in the early 80s. He bought a NeXT Dimension cube in 1994 and has been noodling with Objective-C ever since. His first developer product (now called Adobe RoboHelp) is the worldwide standard for help authoring. Tighten Pro is his first product aimed at increasing the productivity of Mac developers.
• Fixes for handling app bundles containing receipts signed with the "Mac App Store Receipt Signing" certificate, which expired on 2015.11.11.
• Updated to verify receipts signed with the "Mac App Store and iTunes Store Receipt Signing" certificate that expires 2017.10.23 or 2023.02.07.
• Fixes for 10.8.5 and higher (exception thrown when App bundle opened).
• Light dusting and cleaning for (32/64) standard binary.