Starting with Receigen 3.0, the generated code requires OpenSSL. This page will explain you why and how to integrate OpenSSL.

A bit of history

From the beginning, Receigen has always used up-to-date code and functions and carefully avoided deprecated APIs, in order to stay fully functional across system upgrades. As the system-bundled OpenSSL shared library is deprecated (since OS X 10.7), Receigen was using the Security framework functions for the receipt parsing and for the cryptographic operations. Unfortunately, using the Security framework has lead to a serie of exploits by offering a way to attack validation code; long story short, the Security framework symbols are vulnerable to runtime injection/swap/swizzling. An attacker can make the application load a shared libraries that will replace some symbols and bypass the various validation checks. In order to prevent this kind of attacks , Receigen is now using a statically linked OpenSSL library for all its cryptographic operations.

Another major reason to switch to OpenSSL was that iOS does not offer enough API to parse and verify the receipt. OpenSSL is therefore the best candidate to provide a robust and cross-platform receipt validation code.

How to obtain OpenSSL ?

One particular aspect of the OpenSSL project, is that the binaries are not distributed; only the sources are available.

So far, you have the following options:

Download OpenSSL

If you don't have the time or the resources to build OpenSSL by your own, here is the latest build of the OpenSSL libraries:

The distribution includes the header files and the libcrypto and libssl static libraries, build as universal binaries for the i386, x86_64 architectures.

The distribution includes the header files and the libcrypto and libssl static libraries, build as universal binaries for the i386, x86_64, armv7, armv7s and arm64 architectures.

Building OpenSSL

If you prefer to build OpenSSL on your own, a build script is freely available.

Here is was the script does:

Integrating OpenSSL

The following guide covers the integration of OpenSSL with Xcode (if you are using another tool, you mileage may vary).