Tighten Pro
Your rating: Now say why...

(2) 3.25

Mac App Store receipt validation and code generator.   Commercial ($299.99)
Add to my Watch List
Email me when discounted
Tighten Pro is a code generator & verifier for Mac App Store receipt validation, codesigning & security.

Getting your Mac OS X App ready for the App Store is simple. Until you start thinking about verifying the store receipt, checking the certificate chain used to sign your application and checking the integrity of the application bundle. Implementing all of the WWDR recommendations for the App Store could take up to a month (that's the voice of experience speaking), even for experienced developers!

Tighten Pro changes all that. With a built-in code generator that
What's New
Version 1.0.11:
  • Secure, inline In-App purchase validation.
  • Sandbox security assessment and entitlements.
  • Gatekeeper/Developer ID certificate support & code generation.
  • MASReceipt inspector shows all receipt data including In-App purchases.
  • New receipt validation code with signing and trust certificate chain verification.
  • Generated code now clean of all deprecated function calls.
Version 1.0.11:
  • Secure, inline In-App purchase validation.
  • Sandbox security assessment and entitlements.
  • Gatekeeper/Developer ID certificate support & code generation.
  • MASReceipt inspector shows all receipt data including In-App purchases.
  • New receipt validation code with signing and trust certificate chain verification.
  • Generated code now more...
Requirements
Intel, OS X 10.6.8 or later



MacUpdate - Tighten Pro



    Be the first to recommend a similar software title.
Tighten Pro User Discussion (Write a Review)
ver. 1.x:
(2)
Your rating: Now say why...
Overall:
(2)

sort: smiles | time
burypromote

+71

Irradiated-Software reviewed on 17 Dec 2012
I'm a bit embarrassed by my first reply, I just didn't do my background reading before attempting to dive in.

Apple's own Code Signing Guide is required reading before getting started:
http://bit.ly/YazXao

Once you get your footing, the app is much easier to use. Still, this is a very complex area and I would like to see more comprehensive documentation in the app. There is a short manual and a nice tutorial, but a lot of knowledge is assumed.
[Version 1.0.6]


burypromote

+119
@timi commented on 12 Apr 2012
$300 and you're going to have THAT for an icon?
Honestly if you're going to charge exorbitant amounts for something you should actually pay an artist for an icon to be proud of.
[Version 1.0.6]

2 Replies

burypromote

+71
Irradiated-Software replied on 15 Dec 2012
Given the audience of this tool, developers, I'm not sure the icon matters much.

More important is whether the tool is easy to use, produces good results, saves me time, and the developer is responsive to support requests.

So far, things aren't going so well…
1) Emails to the developer are bouncing and there is no other form of contact via the website.
2) I'm not sure of the difference between the three versions of Tighten (Free, Regular, Pro).
3) The app description uses terminology like "security requirements" which I'm not familiar with. These are probably common terms within the sphere of software security, but as a developer who is looking for help in a difficult area like this, I need a stronger list of benefits and reasons why I need this app, not a list of features like "Read PKCS#7 format", which means little to nothing to me.
burypromote

+71
Irradiated-Software replied on 15 Dec 2012
I have since been able to contact the developer and let him know his emails were bouncing. So far, the developer is very helpful and responsive.
There are currently no troubleshooting comments. If you are experiencing a problem with this app, please post a comment.


+8

Roes rated on 21 Nov 2012

[Version 1.0.6]


Downloads:733
Version Downloads:86
Type:Development : Libraries
License:Commercial
Date:15 Nov 2012
Platform:Intel 64 / Intel 32 / OS X
Price: $299.99
Overall (Version 1.x):
Features:
Ease of Use:
Value:
Stability:
Displaying 1-2 of 2
Displaying 1-1 of 1
-
-
-
Please login or create a new
MacUpdate Member account
to use this feature
Watch Lists are available to
MacUpdate Desktop Members
Upgrade Now
Install with MacUpdate Desktop.
Save time moving files & cleaning
up space wasting archives.
Tighten Pro is a code generator & verifier for Mac App Store receipt validation, codesigning & security.

Getting your Mac OS X App ready for the App Store is simple. Until you start thinking about verifying the store receipt, checking the certificate chain used to sign your application and checking the integrity of the application bundle. Implementing all of the WWDR recommendations for the App Store could take up to a month (that's the voice of experience speaking), even for experienced developers!

Tighten Pro changes all that. With a built-in code generator that reads directly from your codesign-ed app bundle, you can add a complete, robust App Store implementation to your own application in under 30 minutes. And since the code generator creates customized security code, your app will be more secure than if you simply reused sample code from the internet.

Tighten Pro was used to add App Store code to both Reducticon and FaceBoof! in under an hour. Compare that to the author's first attempt at store receipt validation by modifying sample code from the internet, which took over a day and only addressed a subset of the recommended validation checks.

This Pro version of Tighten includes a code generator that creates robust implementations of App Store receipt validation code, complete with customized security checks based on your Mac Developer identity, your app Bundle ID and the WWDR certificate chain.

Saves up to 30 days of work per-implementation and generates code unique to your app. Use it over and over again for all your little Apps. Reduce piracy, increase developer productivity, have plenty of time to watch this week's episode of Caprica or V.

Tighten's receipt validation implements all the recommended checks for Mac App Store receipts, including:
  • App Store receipt validation with code signature checks.
  • Testing SHA1 fingerprints of application signing certificate chain.
  • Custom security requirements based on your developer certificate/identity.
  • Checks integrity of application bundle.
Tighten includes both:

1. Inspection - load any application bundle (including Apps you already have in the store) and inspect the code signing attributes (certificate chain, designated requirements and secure Info.plist values), symbols, strings and app store receipt values.

2. Code Generation - create customized, obfuscated codesign checking for your own Cocoa (or Carbon) apps. Obfuscation and code generation means the code will be unique to your application.

At a Glance:
  • Inspect application code signature.
  • Calculates SHA1 fingerprints of application signing certificate chain.
  • Generates code for codesign requirement checks.
  • Inspect App Store Receipts and verify values against your own receipt-checking code.
  • Creates 32/64-bit inline ANSI C (GCC) code for inclusion in .h .c, .m, .cpp and .mm files.
  • Quickly review public symbols and strings without opening console.


- -