3

In iOS 7, apps can read what is called the "Grand unified receipt" (WWDC 2013, presentation 308), which was previously only available on Mac OS X. It contains all the information about the user's purchase of the app, in-app purchases, and so on, and it is encrypted so that users cannot create fake ones. Apple has a tutorial on how to implement it, but it's not entirely clear where to get some of the data for.

In the tutorial, there is sample code:

/* The PKCS #7 container (the receipt) and the output of the verification. */
BIO *b_p7;
PKCS7 *p7;

/* The Apple root certificate, as raw data and in its OpenSSL representation. */
BIO *b_x509;
X509 *Apple;

/* The root certificate for chain-of-trust verification. */
X509_STORE *store = X509_STORE_new();

How is it possible we load these up on iOS? There is a Github project called "ValidateStoreReceipt" which has some sample code, but it's tailored for OS X. OSX has access to OpenSSL, while on iOS it's preferred to use the Security.h module. What's the best way to implement the "grand unified receipt"?

Jason
  • 14,517
  • 25
  • 92
  • 153

1 Answers1

1

OpenSSL is no longer supplied by Apple. In both iOS and OSX download the source and build OpenSSL.

Apple stated that the problem with them supplying OpenSSL was incompatibility between versions such that new versions were incompatible with older versions and this sometimes broke apps.

zaph
  • 111,848
  • 21
  • 189
  • 228