letiemble · October 6, 2015 09:38
diff --git a/receigen_dump.sh b/receigen_dump.sh
 #!/bin/bash

 #
 # Copyright (c) 2011-2014 Laurent Etiemble (laurent dot etiemble at gmail dot com)
 #
 # This script is provided as-is without any warranties. Use it at your own risks.
 #

 # Get parameter
 APP_BUNDLE=$1

 # Locate essential files
 RECEIPT_FILE="$APP_BUNDLE/Contents/_MASReceipt/receipt"
 INFO_PLIST="$APP_BUNDLE/Contents/Info.plist"

 # Temporary file to work
 TEMP_FILE="/var/tmp/$$.dump"

 # A great buddy
 PLIST_BUDDY="/usr/libexec/PlistBuddy"

 # Check that the parameter is provided
 if [ "x$APP_BUNDLE" == "x" ]; then
 	echo "Please provide a valid application bundle"
 	exit -1
 fi

 echo "==========================="
 echo "===== Receigen Dumper ====="
 echo "==========================="
 echo ""

 # Display computer information
 echo "----- BEGIN HARDWARE INFORMATION -----"

 UNAME=`uname -a`
 MAC_ADDRESS=`ifconfig en0 | grep "ether" | sed -e "s/ether//" | xargs echo`

 echo "System Name         : $UNAME"
 echo "Primary MAC Address : $MAC_ADDRESS"

 echo "----- END HARDWARE INFORMATION -----"
 echo ""


 # Display app bundle information
 echo "----- BEGIN APPLICATION INFORMATION -----"

 APP_NAME=`basename "$APP_BUNDLE"`
 APP_IDENTIFIER=`$PLIST_BUDDY -c "Print CFBundleIdentifier" "$INFO_PLIST"`
 APP_VERSION=`$PLIST_BUDDY -c "Print CFBundleShortVersionString" "$INFO_PLIST"`

 echo "Application Bundle     : $APP_BUNDLE"
 echo "Application Name       : $APP_NAME"
 echo "Application Identifier : $APP_IDENTIFIER"
 echo "Application Version    : $APP_VERSION"

 echo ""
 echo "Signature check"
 echo "---------------"
 codesign --verify --verbose=4 "$APP_BUNDLE"
 echo ""
 echo "Signature information"
 echo "---------------------"
 codesign --display --verbose=4 "$APP_BUNDLE"
 echo ""
 echo "Signed files"
 echo "------------"
 codesign --display --file-list - "$APP_BUNDLE"
 echo ""
 echo "Designated requirements"
 echo "-----------------------"
 codesign --display -r - "$APP_BUNDLE"
 echo ""
 echo "Entitlements"
 echo "------------"
 codesign --display --entitlements - "$APP_BUNDLE"
 echo ""

 echo "----- END APPLICATION INFORMATION -----"
 echo ""


 # Display receipt certificates
 echo "----- BEGIN RECEIPT INFORMATION -----"

 openssl asn1parse -inform DER -in "$RECEIPT_FILE" | egrep -A 2 "pkcs7-data" | grep "HEX DUMP" | awk -F":" '{ print $4 }' | xxd -r -p - > "$TEMP_FILE.1"

 LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 1 "SEQUENCE" | egrep "INTEGER.+:02"`
 openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 2 "$LINE" | grep "HEX DUMP" | awk -F":" '{ print $4 }' | xxd -r -p - > "$TEMP_FILE.2"
 RECEIPT_IDENTIFIER=`openssl asn1parse -inform DER -in "$TEMP_FILE.2" | awk -F":" '{ print $4; }'`

 LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 1 "SEQUENCE" | egrep "INTEGER.+:03"`
 openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 2 "$LINE" | grep "HEX DUMP" | awk -F":" '{ print $4 }' | xxd -r -p - > "$TEMP_FILE.3"
 RECEIPT_VERSION=`openssl asn1parse -inform DER -in "$TEMP_FILE.3" | awk -F":" '{ print $4; }'`

 LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 1 "SEQUENCE" | egrep "INTEGER.+:04"`
 openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 2 "$LINE" | grep "HEX DUMP" | awk -F":" '{ print $4 }' > "$TEMP_FILE.4"
 RECEIPT_OPAQUE=`cat "$TEMP_FILE.4"`

 LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 1 "SEQUENCE" | egrep "INTEGER.+:05"`
 openssl asn1parse -inform DER -in "$TEMP_FILE.1" | egrep -A 2 "$LINE" | grep "HEX DUMP" | awk -F":" '{ print $4 }' > "$TEMP_FILE.5"
 RECEIPT_SHA1=`cat "$TEMP_FILE.5"`

 echo "Receipt identifier : $RECEIPT_IDENTIFIER"
 echo "Receipt version    : $RECEIPT_VERSION"
 echo "Receipt opaque     : $RECEIPT_OPAQUE"
 echo "Receipt SHA-1      : $RECEIPT_SHA1"
 echo ""

 openssl pkcs7 -inform DER -in "$RECEIPT_FILE" -noout -print_certs

 rm -f "TEMP_FILE.1"
 rm -f "TEMP_FILE.2"
 rm -f "TEMP_FILE.3"
 rm -f "TEMP_FILE.4"
 rm -f "TEMP_FILE.5"

 echo "----- END RECEIPT INFORMATION -----"
	#!/bin/bash

	#
	# Copyright (c) 2011-2014 Laurent Etiemble (laurent dot etiemble at gmail dot com)
	#
	# This script is provided as-is without any warranties. Use it at your own risks.
	#

	# Get parameter
	APP_BUNDLE=$1

	# Locate essential files
	RECEIPT_FILE="$APP_BUNDLE/Contents/_MASReceipt/receipt"
	INFO_PLIST="$APP_BUNDLE/Contents/Info.plist"

	# Temporary file to work
	TEMP_FILE="/var/tmp/$$.dump"

	# A great buddy
	PLIST_BUDDY="/usr/libexec/PlistBuddy"

	# Check that the parameter is provided
	if [ "x$APP_BUNDLE" == "x" ]; then
	echo "Please provide a valid application bundle"
	exit -1
	fi

	echo "==========================="
	echo "===== Receigen Dumper ====="
	echo "==========================="
	echo ""

	# Display computer information
	echo "----- BEGIN HARDWARE INFORMATION -----"

	UNAME=`uname -a`
	MAC_ADDRESS=`ifconfig en0 \| grep "ether" \| sed -e "s/ether//" \| xargs echo`

	echo "System Name : $UNAME"
	echo "Primary MAC Address : $MAC_ADDRESS"

	echo "----- END HARDWARE INFORMATION -----"
	echo ""


	# Display app bundle information
	echo "----- BEGIN APPLICATION INFORMATION -----"

	APP_NAME=`basename "$APP_BUNDLE"`
	APP_IDENTIFIER=`$PLIST_BUDDY -c "Print CFBundleIdentifier" "$INFO_PLIST"`
	APP_VERSION=`$PLIST_BUDDY -c "Print CFBundleShortVersionString" "$INFO_PLIST"`

	echo "Application Bundle : $APP_BUNDLE"
	echo "Application Name : $APP_NAME"
	echo "Application Identifier : $APP_IDENTIFIER"
	echo "Application Version : $APP_VERSION"

	echo ""
	echo "Signature check"
	echo "---------------"
	codesign --verify --verbose=4 "$APP_BUNDLE"
	echo ""
	echo "Signature information"
	echo "---------------------"
	codesign --display --verbose=4 "$APP_BUNDLE"
	echo ""
	echo "Signed files"
	echo "------------"
	codesign --display --file-list - "$APP_BUNDLE"
	echo ""
	echo "Designated requirements"
	echo "-----------------------"
	codesign --display -r - "$APP_BUNDLE"
	echo ""
	echo "Entitlements"
	echo "------------"
	codesign --display --entitlements - "$APP_BUNDLE"
	echo ""

	echo "----- END APPLICATION INFORMATION -----"
	echo ""


	# Display receipt certificates
	echo "----- BEGIN RECEIPT INFORMATION -----"

	openssl asn1parse -inform DER -in "$RECEIPT_FILE" \| egrep -A 2 "pkcs7-data" \| grep "HEX DUMP" \| awk -F":" '{ print $4 }' \| xxd -r -p - > "$TEMP_FILE.1"

	LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 1 "SEQUENCE" \| egrep "INTEGER.+:02"`
	openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 2 "$LINE" \| grep "HEX DUMP" \| awk -F":" '{ print $4 }' \| xxd -r -p - > "$TEMP_FILE.2"
	RECEIPT_IDENTIFIER=`openssl asn1parse -inform DER -in "$TEMP_FILE.2" \| awk -F":" '{ print $4; }'`

	LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 1 "SEQUENCE" \| egrep "INTEGER.+:03"`
	openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 2 "$LINE" \| grep "HEX DUMP" \| awk -F":" '{ print $4 }' \| xxd -r -p - > "$TEMP_FILE.3"
	RECEIPT_VERSION=`openssl asn1parse -inform DER -in "$TEMP_FILE.3" \| awk -F":" '{ print $4; }'`

	LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 1 "SEQUENCE" \| egrep "INTEGER.+:04"`
	openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 2 "$LINE" \| grep "HEX DUMP" \| awk -F":" '{ print $4 }' > "$TEMP_FILE.4"
	RECEIPT_OPAQUE=`cat "$TEMP_FILE.4"`

	LINE=`openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 1 "SEQUENCE" \| egrep "INTEGER.+:05"`
	openssl asn1parse -inform DER -in "$TEMP_FILE.1" \| egrep -A 2 "$LINE" \| grep "HEX DUMP" \| awk -F":" '{ print $4 }' > "$TEMP_FILE.5"
	RECEIPT_SHA1=`cat "$TEMP_FILE.5"`

	echo "Receipt identifier : $RECEIPT_IDENTIFIER"
	echo "Receipt version : $RECEIPT_VERSION"
	echo "Receipt opaque : $RECEIPT_OPAQUE"
	echo "Receipt SHA-1 : $RECEIPT_SHA1"
	echo ""

	openssl pkcs7 -inform DER -in "$RECEIPT_FILE" -noout -print_certs

	rm -f "TEMP_FILE.1"
	rm -f "TEMP_FILE.2"
	rm -f "TEMP_FILE.3"
	rm -f "TEMP_FILE.4"
	rm -f "TEMP_FILE.5"

	echo "----- END RECEIPT INFORMATION -----"