By Laurent Etiemble
Open the Mac App Store to buy and download apps.
Receigen is a smart code generator for App Store receipt validation (both receipt and InApp purchase). The generated code is ready-to-integrate, pure C, fully debuggable and integrates various protection mechanisms to harden the reverse engineering. It also nicely integrates with Xcode for a streamlined build process.
Here are the key points:
- Receigen can generate receipt validation code for OS X and iOS platforms.
- Receigen features a fast and smart code generator; every time the code is generated, it is different in order to defeat binary pattern detection.
- The generated code allows to access all the receipt properties.
- The generated code is compatible with ARC (Automatic Reference Counting).
- The binary code produced is obfuscated by integrating various mechanisms like string and constant obfuscation, non-predictable branching, non-explicit function calls, dead-code, etc.
- Receigen can also be invoked on the command line so it integrates inside a Xcode build process.
Check out the Receigen website for documentation, tutorial and support.
If you want to provide translations for Receigen, please contact me.
What's New in Version 3.4.0
In this release:
- [Code] Remove the infamous DEBUG definition
- [Code] Fix date parsing to avoid shifted date
- [Code] Use C99 varadic macros instead of GNU ones
- [Code] Goodbye to ASCII art
- [Code] Add a check on expiration date to support Volume Purchase Program
- [Code] Add ability to have a loose identifier check
- [Code] Add ability to make entitlement check optional
- [Code] Add logs to exit points
- [UI] Default failure behavior for iOS is now DoNothing.
Works well with Xcode 7
The application has not been updated for a long time, and the negative review below further increased my doubt whether I should buy this incredibly useful tool. But yesterday I did anyway, because I realized that that negative review is actually the result of a user error. And indeed it is. The tool works just fine on Xcode 7.1 on El Capitan. There’s no need to replace any imports at all. Just configure your project right regarding the include files.
I would have given it 5 stars if it had not been for the lack of updates. I obviously wouldn’t be too happy if, say, 4.0 comes out tomorrow, but then again I believe it would be wise for the developer to continue to add more obfuscation to the output, as well as finding a way to obfuscate the openssl source itself.
Easiest way to handle this and reduce piracy
I thought receipt validation would be too complex, so I skipped it in v1.0 of my app. After seeing a bunch of piracy I bought Receigen and used it for our next release. So far, it hasn't been cracked. I waited to leave this review to ensure it didn't cause any issues, and so far after 2 updates, it's been great. Great app, and actually has saved us money (as our app uses a premium data provider that charges us). Thank you!
So many angry customers
I didn’t want to roll my own solution for receipt validation, so this looked tempting. I’m relying on it to grandfather features to users that previously bought my app.
2.0, 2.0.1, and 2.0.2 of my app all have shipped with failing receipt validation, each with a frantic 7-day turnaround to resubmit and see it fail again. Everything looks good, and the developer is stumped on why it’s failing.
For such a mission critical app the developer is very slow to respond. Trying to be helpful, but a 4-day turnaround when I have customers emailing me that they think they have to pay again for features is terrible.