@letiemble
Last active October 6, 2015 09:38
Receigen dumper shell script to help diagnose receipt validation issues
#!/bin/bash
#
# Copyright (c) 2011-2014 Laurent Etiemble (laurent dot etiemble at gmail dot com)
#
# This script is provided as-is without any warranties. Use it at your own risks.
#
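# Get parameter: path to the application bundle (.app) to inspect
APP_BUNDLE=$1
# Check that the parameter is provided before any file is touched
if [ -z "$APP_BUNDLE" ]; then
  echo "Please provide a valid application bundle" >&2
  # 255 is the status bash reports for the former 'exit -1'
  exit 255
fi
# Locate essential files
RECEIPT_FILE="$APP_BUNDLE/Contents/_MASReceipt/receipt"
INFO_PLIST="$APP_BUNDLE/Contents/Info.plist"
# Private scratch directory for the decoded receipt payload.
# A fixed, PID-based name such as /var/tmp/<pid>.dump sits in a shared,
# world-writable directory: another local user can pre-create that path (for
# example as a symlink) and the later '>' redirections would follow it, and
# the decoded receipt would be readable under the default umask. mktemp -d
# creates an unpredictable directory that only the current user can access.
WORK_DIR=$(mktemp -d "${TMPDIR:-/var/tmp}/receigen.XXXXXX") || {
  echo "Unable to create a temporary working directory" >&2
  exit 1
}
# Remove the scratch directory when the script exits, whatever the exit path
trap 'rm -rf -- "$WORK_DIR"' EXIT
# Prefix of the temporary files; later steps append .1, .2, ... to it
TEMP_FILE="$WORK_DIR/dump"
# A great buddy
PLIST_BUDDY="/usr/libexec/PlistBuddy"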
# Report banner
cat <<'EOF'
===========================
===== Receigen Dumper =====
===========================

EOF
# Display computer information.
# NOTE(review): the report includes the en0 hardware (MAC) address, which is a
# stable machine identifier - treat the dump as sensitive when sharing it.
printf '%s\n' "----- BEGIN HARDWARE INFORMATION -----"
UNAME=$(uname -a)
# Keep only the "ether" line of en0, drop the keyword, and let xargs trim
# the surrounding whitespace
MAC_ADDRESS=$(ifconfig en0 | sed -n -e "/ether/s/ether//p" | xargs echo)
printf '%s\n' \
  "System Name : $UNAME" \
  "Primary MAC Address : $MAC_ADDRESS" \
  "----- END HARDWARE INFORMATION -----" \
  ""
# Display app bundle information: name, identifier and version read from
# Info.plist, followed by the code-signing details reported by codesign
printf '%s\n' "----- BEGIN APPLICATION INFORMATION -----"
APP_NAME=$(basename "$APP_BUNDLE")
APP_IDENTIFIER=$("$PLIST_BUDDY" -c "Print CFBundleIdentifier" "$INFO_PLIST")
APP_VERSION=$("$PLIST_BUDDY" -c "Print CFBundleShortVersionString" "$INFO_PLIST")
printf '%s\n' \
  "Application Bundle : $APP_BUNDLE" \
  "Application Name : $APP_NAME" \
  "Application Identifier : $APP_IDENTIFIER" \
  "Application Version : $APP_VERSION" \
  ""

# Does the bundle still match its signature?
printf '%s\n' "Signature check" "---------------"
codesign --verify --verbose=4 "$APP_BUNDLE"
printf '\n'

# Who signed it, and with which options
printf '%s\n' "Signature information" "---------------------"
codesign --display --verbose=4 "$APP_BUNDLE"
printf '\n'

# Files covered by the signature ('-' sends the list to stdout)
printf '%s\n' "Signed files" "------------"
codesign --display --file-list - "$APP_BUNDLE"
printf '\n'

# Requirements embedded in the signature ('-' sends them to stdout)
printf '%s\n' "Designated requirements" "-----------------------"
codesign --display -r - "$APP_BUNDLE"
printf '\n'

# Entitlements embedded in the signature ('-' sends them to stdout)
printf '%s\n' "Entitlements" "------------"
codesign --display --entitlements - "$APP_BUNDLE"
printf '%s\n' "" "----- END APPLICATION INFORMATION -----" ""
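# Display receipt attributes and certificates.
# This section only dumps what the receipt contains; it does not verify the
# PKCS#7 signature or the certificate chain.

#######################################
# Print the hex dump of one receipt attribute value.
# Globals:   TEMP_FILE (read) - "$TEMP_FILE.1" must hold the decoded payload
# Arguments: $1 - two-digit attribute type as printed by asn1parse (e.g. 02)
# Outputs:   the hex string(s) of the matching "HEX DUMP" line(s) on stdout
#######################################
receipt_attribute_hex() {
  local type_line
  # Locate the INTEGER line carrying the requested type right after a SEQUENCE
  type_line=$(openssl asn1parse -inform DER -in "$TEMP_FILE.1" | grep -E -A 1 "SEQUENCE" | grep -E "INTEGER.+:$1")
  # The attribute value is the HEX DUMP found within two lines of that line
  openssl asn1parse -inform DER -in "$TEMP_FILE.1" | grep -E -A 2 "$type_line" | grep "HEX DUMP" | awk -F":" '{ print $4 }'
}

echo "----- BEGIN RECEIPT INFORMATION -----"
# Extract the pkcs7-data payload of the receipt container into a DER file
openssl asn1parse -inform DER -in "$RECEIPT_FILE" | grep -E -A 2 "pkcs7-data" | grep "HEX DUMP" | awk -F":" '{ print $4 }' | xxd -r -p - > "$TEMP_FILE.1"
# Types 02 and 03 are themselves DER-encoded: decode them and parse again
receipt_attribute_hex 02 | xxd -r -p - > "$TEMP_FILE.2"
RECEIPT_IDENTIFIER=$(openssl asn1parse -inform DER -in "$TEMP_FILE.2" | awk -F":" '{ print $4; }')
receipt_attribute_hex 03 | xxd -r -p - > "$TEMP_FILE.3"
RECEIPT_VERSION=$(openssl asn1parse -inform DER -in "$TEMP_FILE.3" | awk -F":" '{ print $4; }')
# Types 04 and 05 are reported as raw hex, so no intermediate file is needed
RECEIPT_OPAQUE=$(receipt_attribute_hex 04)
RECEIPT_SHA1=$(receipt_attribute_hex 05)
echo "Receipt identifier : $RECEIPT_IDENTIFIER"
echo "Receipt version : $RECEIPT_VERSION"
echo "Receipt opaque : $RECEIPT_OPAQUE"
echo "Receipt SHA-1 : $RECEIPT_SHA1"
echo ""
# List the certificates embedded in the receipt container (display only)
openssl pkcs7 -inform DER -in "$RECEIPT_FILE" -noout -print_certs
# Remove the decoded receipt data. The previous cleanup named the literal
# files "TEMP_FILE.N" (missing '$'), so the real dumps were left behind and a
# same-named file in the current directory would have been deleted instead.
rm -f -- "$TEMP_FILE.1" "$TEMP_FILE.2" "$TEMP_FILE.3"
echo "----- END RECEIPT INFORMATION -----"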