API tools faq
paste
Guest User

Untitled

a guest
Jul 18th, 2018
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.05 KB | None | 0 0
raw download clone embed print report
  1. // ====================
  2. // 1. If there is no receipt, verification fails.
  3. CFURLRef receiptURL = CFBundleCopyResourceURL(CFBundleGetMainBundle(), CFSTR("receipt"), NULL, CFSTR("_MASReceipt"));
  4. if(NULL == receiptURL)
  5. exit(173);
  6.  
  7. // ====================
  8. // 2. If the receipt is not properly signed by Apple, verification fails.
  9. CFDictionaryRef receiptDictionary = CreateDictionaryForAppStoreReceipt(receiptURL);
  10. if(NULL == receiptDictionary)
  11. exit(173);
  12.  
  13. // ====================
  14. // 3. If the bundle identifier in the receipt does not match the value for CFBundleIdentifier in the Info.plist file, verification fails.
  15. CFStringRef receiptBundleID = CFDictionaryGetValue(receiptDictionary, CFSTR(kReceiptBundleIdentifer));
  16. if(NULL == receiptBundleID)
  17. exit(173);
  18.  
  19. CFStringRef bundleID = CFBundleGetValueForInfoDictionaryKey(CFBundleGetMainBundle(), CFSTR("CFBundleIdentifier"));
  20. if(kCFCompareEqualTo != CFStringCompare(receiptBundleID, bundleID, (CFOptionFlags)0))
  21. exit(173);
  22.  
  23. // ====================
  24. // 4. If the version identifier string in the receipt does not match the value for CFBundleShortVersionString in the Info.plist file, verification fails.
  25. CFStringRef receiptVersionID = CFDictionaryGetValue(receiptDictionary, CFSTR(kReceiptVersion));
  26. if(NULL == receiptVersionID)
  27. exit(173);
  28.  
  29. CFStringRef bundleVersionID = CFBundleGetValueForInfoDictionaryKey(CFBundleGetMainBundle(), CFSTR("CFBundleShortVersionString"));
  30. if(kCFCompareEqualTo != CFStringCompare(receiptVersionID, bundleVersionID, (CFOptionFlags)0))
  31. exit(173);
  32.  
  33. // ====================
  34. // 5. Concatenate the bytes of the computer’s GUID, the opaque value (the attribute of type 4), and the bundle identifier from the receipt. Compute the SHA-1 hash. If the result does not match the hash in the receipt, verification fails.
  35. CFDataRef guid = CopyMachineGUID();
  36. CFDataRef receiptOpaqueValue = CFDictionaryGetValue(receiptDictionary, CFSTR(kReceiptOpaqueValue));
  37. CFDataRef receiptBundleIDData = CFStringCreateExternalRepresentation(kCFAllocatorDefault, receiptBundleID, kCFStringEncodingUTF8, (UInt8)0);
  38.  
  39. if(NULL == guid || NULL == receiptOpaqueValue || NULL == receiptBundleIDData)
  40. exit(173);
  41.  
  42. CC_SHA1_CTX sha1;
  43. CC_SHA1_Init(&sha1);
  44.  
  45. CC_SHA1_Update(&sha1, CFDataGetBytePtr(guid), (CC_LONG)CFDataGetLength(guid));
  46. CC_SHA1_Update(&sha1, CFDataGetBytePtr(receiptOpaqueValue), (CC_LONG)CFDataGetLength(receiptOpaqueValue));
  47. CC_SHA1_Update(&sha1, CFDataGetBytePtr(receiptBundleIDData), (CC_LONG)CFDataGetLength(receiptBundleIDData));
  48.  
  49. unsigned char sha1Digest [CC_SHA1_DIGEST_LENGTH];
  50. CC_SHA1_Final(sha1Digest, &sha1);
  51.  
  52. CFDataRef computedSHA1Hash = CFDataCreate(kCFAllocatorDefault, sha1Digest, (CFIndex)CC_SHA1_DIGEST_LENGTH);
  53.  
  54. CFDataRef receiptSHA1Hash = CFDictionaryGetValue(receiptDictionary, CFSTR(kReceiptHash));
  55. if(kCFCompareEqualTo != CFEqual(computedSHA1Hash, receiptSHA1Hash))
  56. exit(173);
  57.  
  58. // If all of the above checks pass, verification passes.
  59. CFRelease(computedSHA1Hash), computedSHA1Hash = NULL;
  60. CFRelease(receiptBundleIDData), receiptBundleIDData = NULL;
  61. CFRelease(guid), guid = NULL;
  62. CFRelease(receiptDictionary), receiptDictionary = NULL;
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!