Tighten Pro - App Store Receipt Validation and Security Code Generator

Developer: Gen Kiyooka

Current Version: 1.0.13

Last Updated: 2 years ago

Download Size: 4.1 MB - Download

Description:

ANSI-C CODE GENERATOR FOR APP STORE RECEIPT VALIDATION AND SECURITY
"I had a look at the code generated by Tighten Pro, it's a nice piece of software. I don't really have any comments or enhancements, it's good code :)" - Graham Lee, www.securemacprogramming.com

Getting your Mac OS X App ready for the App Store is simple. Until you start thinking about verifying the store receipt, checking the certificate chain used to sign your application and checking the integrity of the application bundle. Implementing all of the WWDR recommendations for the App Store could take up to a month (that's the voice of experience speaking), even for experienced developers!

Tighten changes all that. With a built-in code generator that reads directly from your codesign app bundle, you can add a complete, robust App Store implementation to your own application in under 30 minutes. And since the code generator creates inlined customized security code, your app will be more secure than if you simply reused sample code from the internet. Include redundant unique security checks as a best practice.

This Pro version of Tighten includes a code generator that secures your receipt checking code with customized security checks based on your Developer certificates, your unique Xcode generated designated requirements, your app Bundle ID and the WWDR certificate signing "trust" chain.

Saves up to 30 days of work per-implementation and generates code unique to your app. Use it over and over again for all your little Apps. Reduce piracy, increase developer productivity, have plenty of time to watch this week's episode of Caprica or V.

Tighten's receipt validation implements all the recommended checks for App Store receipts, including:

• App Store receipt validation, inlined and with a unique binary footprint.
• Testing the code signature of the appilcation bundle.
• Testing SHA1 fingerprints of application signing chain.
• Testing SHA1 fingerprints of MASReceipt signing chain.
• Inlinable, secure validation of in-app purchases for redundant checks and code 'salting'.
• Custom security code unique to your Mac Developer identity.

More Goodies:
• Create security requirements code without programming.
• Inspect application code signatures, security assessments and entitlements.
• Calculates SHA1 fingerprints of application signing certificate chain.
• Generates code for codesign requirement checks.
• Inspect App Store Receipts and verify values against your own receipt-checking code.
• Create 32/64-bit clean inline ANSI C (GCC) code for inclusion in .h .c, .m, .cpp and .mm files.
• Quickly review public symbols and strings without opening console.

+++ About +++

Gen Kiyooka is an imagineer of fun and useful things. His programming career started with Applesoft BASIC and 6502 assembly language in the early 80s. He bought a NeXT Dimension cube in 1994 and has been noodling with Objective-C ever since. His first developer product (now called Adobe RoboHelp) is the worldwide standard for help authoring. Tighten Pro is his first product aimed at increasing the productivity of Mac developers.

SHOW MORE ...

Release Notes:

• Fixes for handling app bundles containing receipts signed with "Mac App Store Receipt Signing" certificate which expired on 2015.11.11
• Updated to verify receipts signed with "Mac App Store and iTunes Store Receipt Signing" certificate expires 2017.10.23 or 2023.02.07.
• Fixes for 10.8.5 and higher (exception thrown when App bundle opened).
• Light dusting and cleaning for (32/64) standard binary.

SHOW LESS ...

Most Helpful Reviews

5/5
Version 1.0.11
Review by barry2010

Better and Better - This app just keeps getting better and better. I've used it in the past to secure my App Store app and now it will provide information on my self-published apps as well. Stop wasting your time on writing your own security code. The price is irrelevant if you are publishing a 'pay for' app. It's seemless and it does everything it says. One less thing to worry about when developing an app. The developer is extremely responsive in providing assistance when necessary. This is the only app I've ever written two reviews on.

Found helpful by 1 out of 4 people
1/5
Version 1.0.11
Review by spotty287

Crashes when chossing bundle to sign! - Your app opens and then crashes immediately on OS X Yosemite when you try to chose a bundle to sign! Please fix as soon as possible. Thanks.

Found helpful by 2 out of 4 people

More Reviews for Current Version

1/5
Version 1.0.13
Review by fishingwoods

$300 down the drain - The new version crashes as soon as it loads an app bundle. Completely useless now.

Found helpful by 0 out of 0 people
SHOW MORE ...