Receigen is a smart code generator for App Store receipt validation (both receipt and InApp purchase). The generated code is ready-to-integrate, pure C, fully debuggable and integrates various protection mechanisms to harden the reverse engineering. It also nicely integrates with Xcode for a streamlined build process.
Here are the key points:
- Receigen can generate receipt validation code for OS X and iOS platforms.
- Receigen features a fast and smart code generator; every time the code is generated, it is different in order to defeat binary pattern detection.
- The generated code allows to access all the receipt properties.
- The generated code is compatible with ARC (Automatic Reference Counting).
- The binary code produced is obfuscated by integrating various mechanisms like string and constant obfuscation, non-predictable branching, non-explicit function calls, dead-code, etc.
- Receigen can also be invoked on the command line so it integrates inside a Xcode build process.
Check out the Receigen website for documentation, tutorial and support.
If you want to provide translations for Receigen, please contact me.
In this release:
- [Code] Remove the infamous DEBUG definition
- [Code] Fix date parsing to avoid shifted date
- [Code] Use C99 varadic macros instead of GNU ones
- [Code] Goodbye to ASCII art
- [Code] Add a check on expiration date to support Volume Purchase Program
- [Code] Add ability to have a loose identifier check
- [Code] Add ability to make entitlement check optional
- [Code] Add logs to exit points
- [UI] Default failure behavior for iOS is now DoNothing.
Ratings and Reviews
Works well with Xcode 7
The application has not been updated for a long time, and the negative review below further increased my doubt whether I should buy this incredibly useful tool. But yesterday I did anyway, because I realized that that negative review is actually the result of a user error. And indeed it is. The tool works just fine on Xcode 7.1 on El Capitan. There’s no need to replace any imports at all. Just configure your project right regarding the include files.
I would have given it 5 stars if it had not been for the lack of updates. I obviously wouldn’t be too happy if, say, 4.0 comes out tomorrow, but then again I believe it would be wise for the developer to continue to add more obfuscation to the output, as well as finding a way to obfuscate the openssl source itself.
Starting with Xcode 7 Apple has removed openssl. This caused Receigen to stop working. You can get your project to build by replacing all 222 instances of #import <openssl/headername> with #import “header name” to use the supplied headers. The problem is that the resulting app won’t work. It will fail to correctly verify the valid receipt added by the App Store, exiting with error 173. The proceedure at the Receigen site for testing receipt validation also doesn’t work.
The developer doesn’t respond to E-mail requests for help.
Untill this is fixed Don’t buy this App. This is a shame because this was such a huge time saver for developers.
So many angry customers
I didn’t want to roll my own solution for receipt validation, so this looked tempting. I’m relying on it to grandfather features to users that previously bought my app.
2.0, 2.0.1, and 2.0.2 of my app all have shipped with failing receipt validation, each with a frantic 7-day turnaround to resubmit and see it fail again. Everything looks good, and the developer is stumped on why it’s failing.
For such a mission critical app the developer is very slow to respond. Trying to be helpful, but a 4-day turnaround when I have customers emailing me that they think they have to pay again for features is terrible.
With Family Sharing set up, up to six family members can use this app.