Fix Swiftlint warnings

Rename allSteps to default, add a full initializer as well

.gitattributes

@@ -0,0 +1,2 @@
+Hekate/Hekate/OpenSSL/include-ios/* linguist-vendored
+Hekate/Hekate/OpenSSL/include-macos/* linguist-vendored

Hekate/Hekate Demo iOS/Base.lproj/Main.storyboard

@@ -1,10 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="13189.4" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" useTraitCollections="YES" useSafeAreas="YES" colorMatched="YES" initialViewController="BYZ-38-t0r">
+<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="13529" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" useTraitCollections="YES" useSafeAreas="YES" colorMatched="YES" initialViewController="BYZ-38-t0r">
     <device id="retina4_7" orientation="portrait">
         <adaptation id="fullscreen"/>
     </device>
     <dependencies>
-        <plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="13165.3"/>
+        <deployment identifier="iOS"/>
+        <plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="13527"/>
         <capability name="Safe area layout guides" minToolsVersion="9.0"/>
         <capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/>
     </dependencies>
@@ -16,59 +17,10 @@
                     <view key="view" contentMode="scaleToFill" id="8bC-Xf-vdC">
                         <rect key="frame" x="0.0" y="0.0" width="375" height="667"/>
                         <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/>
-                        <subviews>
-                            <stackView opaque="NO" contentMode="scaleToFill" axis="vertical" translatesAutoresizingMaskIntoConstraints="NO" id="ycc-vI-8g6">
-                                <rect key="frame" x="20" y="40" width="335" height="607"/>
-                                <subviews>
-                                    <label opaque="NO" userInteractionEnabled="NO" contentMode="left" horizontalHuggingPriority="251" verticalHuggingPriority="750" verticalCompressionResistancePriority="800" text="Hekate" textAlignment="natural" lineBreakMode="tailTruncation" baselineAdjustment="alignBaselines" adjustsFontSizeToFit="NO" translatesAutoresizingMaskIntoConstraints="NO" id="QDJ-Q7-MuR">
-                                        <rect key="frame" x="0.0" y="0.0" width="335" height="20.5"/>
-                                        <fontDescription key="fontDescription" type="system" pointSize="17"/>
-                                        <nil key="textColor"/>
-                                        <nil key="highlightedColor"/>
-                                    </label>
-                                    <textView clipsSubviews="YES" multipleTouchEnabled="YES" contentMode="scaleToFill" textAlignment="natural" translatesAutoresizingMaskIntoConstraints="NO" id="I7S-AU-qti">
-                                        <rect key="frame" x="0.0" y="20.5" width="335" height="456.5"/>
-                                        <color key="backgroundColor" white="1" alpha="1" colorSpace="calibratedWhite"/>
-                                        <string key="text">Lorem ipsum dolor sit er elit lamet, consectetaur cillium adipisicing pecu, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Nam liber te conscient to factor tum poen legum odioque civiuda.</string>
-                                        <fontDescription key="fontDescription" type="system" pointSize="14"/>
-                                        <textInputTraits key="textInputTraits" autocapitalizationType="sentences"/>
-                                    </textView>
-                                    <textView clipsSubviews="YES" multipleTouchEnabled="YES" contentMode="scaleToFill" verticalHuggingPriority="255" verticalCompressionResistancePriority="748" text="(no data)" textAlignment="natural" translatesAutoresizingMaskIntoConstraints="NO" id="GRW-kL-w14">
-                                        <rect key="frame" x="0.0" y="477" width="335" height="100"/>
-                                        <color key="backgroundColor" white="1" alpha="1" colorSpace="calibratedWhite"/>
-                                        <constraints>
-                                            <constraint firstAttribute="height" constant="100" id="rkj-Uz-pFJ"/>
-                                        </constraints>
-                                        <fontDescription key="fontDescription" type="system" pointSize="14"/>
-                                        <textInputTraits key="textInputTraits" autocapitalizationType="sentences"/>
-                                    </textView>
-                                    <button opaque="NO" contentMode="scaleToFill" verticalHuggingPriority="750" verticalCompressionResistancePriority="850" contentHorizontalAlignment="center" contentVerticalAlignment="center" buttonType="roundedRect" lineBreakMode="middleTruncation" translatesAutoresizingMaskIntoConstraints="NO" id="8wd-R7-o0b">
-                                        <rect key="frame" x="0.0" y="577" width="335" height="30"/>
-                                        <constraints>
-                                            <constraint firstAttribute="height" constant="30" id="xPJ-u9-TvY"/>
-                                        </constraints>
-                                        <state key="normal" title="Refresh Receipt from Store"/>
-                                        <connections>
-                                            <action selector="refreshReceiptFromStoreTapped" destination="BYZ-38-t0r" eventType="touchUpInside" id="i9X-hc-Dww"/>
-                                        </connections>
-                                    </button>
-                                </subviews>
-                            </stackView>
-                        </subviews>
                         <color key="backgroundColor" red="1" green="1" blue="1" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
-                        <constraints>
-                            <constraint firstItem="MPn-6g-0qv" firstAttribute="bottom" secondItem="ycc-vI-8g6" secondAttribute="bottom" constant="20" id="J1k-CU-xyi"/>
-                            <constraint firstItem="MPn-6g-0qv" firstAttribute="trailing" secondItem="ycc-vI-8g6" secondAttribute="trailing" constant="20" id="KiK-CX-iz8"/>
-                            <constraint firstItem="ycc-vI-8g6" firstAttribute="leading" secondItem="MPn-6g-0qv" secondAttribute="leading" constant="20" id="ZbF-Cm-dp2"/>
-                            <constraint firstItem="ycc-vI-8g6" firstAttribute="top" secondItem="MPn-6g-0qv" secondAttribute="top" constant="20" id="r2h-em-aKZ"/>
-                        </constraints>
                         <edgeInsets key="layoutMargins" top="20" left="20" bottom="20" right="20"/>
                         <viewLayoutGuide key="safeArea" id="MPn-6g-0qv"/>
                     </view>
-                    <connections>
-                        <outlet property="receiptDataTextView" destination="GRW-kL-w14" id="zMl-tu-gie"/>
-                        <outlet property="textView" destination="I7S-AU-qti" id="PPF-3A-8xS"/>
-                    </connections>
                 </viewController>
                 <placeholder placeholderIdentifier="IBFirstResponder" id="dkx-z0-nzr" sceneMemberID="firstResponder"/>
             </objects>

Hekate/Hekate Demo iOS/HekateDemoViewModel.swift

@@ -1,48 +0,0 @@
-//
-//  HekateDemoViewModel.swift
-//  Hekate Demo iOS
-//
-//  Created by Hannes Oud on 08.09.17.
-//  Copyright © 2017 IdeasOnCanvas GmbH. All rights reserved.
-//
-
-import Foundation
-import Hekate
-
-struct HekateDemoViewModel {
-
-    var hasReceipt: Bool { return self.lastReceiptData != nil }
-    var lastReceiptData: Data?
-    var lastValidationResult: LocalReceiptValidator.Result?
-    var receiptIsValid: Bool {
-        guard let result = self.lastValidationResult else { return false }
-
-        switch result {
-        case .success:
-            return true
-        default:
-            return false
-        }
-    }
-    var descriptionText: String {
-        guard let result = self.lastValidationResult else { return "(No result)" }
-
-        switch result {
-        case .success(let receipt):
-            return "Valid\n" + receipt.description
-        case .error(let error):
-            return "Invalid: \(error)"
-        }
-    }
-    var receiptDataBase64Text: String {
-        guard let data = self.lastReceiptData else { return "(no data)" }
-
-        return data.base64EncodedString(options: [.lineLength64Characters])
-    }
-
-    mutating func update() {
-        self.lastReceiptData = LocalReceiptValidator.Parameters.ReceiptOrigin.installedInMainBundle.loadData()
-        self.lastValidationResult = LocalReceiptValidator().validateReceipt()
-    }
-
-}

Hekate/Hekate Demo iOS/StoreKitHelper.swift

@@ -1,65 +0,0 @@
-//
-//  StoreKitHelper.swift
-//  Hekate Demo iOS
-//
-//  Created by Hannes Oud on 08.09.17.
-//  Copyright © 2017 IdeasOnCanvas GmbH. All rights reserved.
-//
-
-import Foundation
-import StoreKit
-
-@objc
-final class StoreKitHelper: NSObject {
-
-    @objc static let shared = StoreKitHelper()
-    @objc var refreshCompletedAction: ((NSError?) -> Void)?
-
-    private lazy var delegateHolder: DelegateHolder = {
-        let delegateHolder = DelegateHolder()
-        delegateHolder.refreshCompletedAction = { [weak self] error in
-            self?.refreshCompletedAction?(error)
-        }
-        return delegateHolder
-    }()
-
-    public func refresh() {
-        let request = SKReceiptRefreshRequest(receiptProperties: nil)
-        request.delegate = self.delegateHolder
-        request.start()
-    }
-
-    public func logReceipt() {
-        print("Local Device ID (GUID):\n" + (UIDevice.current.identifierForVendor?.uuidString ?? "nil"))
-        guard let data = self.receiptData else {
-            print("No receipt")
-            return
-        }
-        let base64 = data.base64EncodedString()
-        print("ReceiptData:\n" + base64)
-    }
-
-    public var receiptData: Data? {
-        guard let url = Bundle.main.appStoreReceiptURL else { return nil }
-
-        return try? Data(contentsOf: url)
-    }
-}
-
-/// Encapsules SKRequestDelegate so it is not exposed if not necessary
-private final class DelegateHolder: NSObject, SKRequestDelegate {
-
-    var refreshCompletedAction: ((NSError?) -> Void)?
-
-    func requestDidFinish(_ request: SKRequest) {
-        DispatchQueue.main.async {
-            self.refreshCompletedAction?(nil)
-        }
-    }
-
-    func request(_ request: SKRequest, didFailWithError error: Error) {
-        DispatchQueue.main.async {
-            self.refreshCompletedAction?(error as NSError)
-        }
-    }
-}

Hekate/Hekate Demo iOS/ViewController.swift

@@ -6,39 +6,6 @@
 //  Copyright © 2017 IdeasOnCanvas GmbH. All rights reserved.
 //
 
-import Hekate
-import StoreKit
 import UIKit
 
-class ViewController: UIViewController {
-
-    private var storeKitHelper = StoreKitHelper()
-    private var viewModel = HekateDemoViewModel() {
-        didSet {
-            self.updateViewFromViewModel()
-        }
-    }
-    @IBOutlet private weak var textView: UITextView!
-    @IBOutlet private weak var receiptDataTextView: UITextView!
-
-    override func viewDidLoad() {
-        super.viewDidLoad()
-        self.storeKitHelper.refreshCompletedAction = { [weak self] _ in
-            self?.updateViewModel()
-        }
-        updateViewModel()
-    }
-
-    private func updateViewFromViewModel() {
-        textView.text = self.viewModel.descriptionText
-        receiptDataTextView.text = self.viewModel.receiptDataBase64Text
-    }
-
-    private func updateViewModel() {
-        viewModel.update()
-    }
-
-    @IBAction func refreshReceiptFromStoreTapped() {
-        storeKitHelper.refresh()
-    }
-}
+class ViewController: UIViewController {}

Hekate/Hekate Tests Shared/LocalReceiptPropertyValidationTests.swift

@@ -0,0 +1,129 @@
+//
+//  LocalReceiptPropertyValidationTests.swift
+//  Hekate iOS
+//
+//  Created by Hannes Oud on 14.09.17.
+//  Copyright © 2017 IdeasOnCanvas GmbH. All rights reserved.
+//
+
+import Hekate
+import XCTest
+
+class LocalReceiptPropertyValidationTests: XCTestCase {
+
+    private let receiptValidator = LocalReceiptValidator()
+
+    func testCorrectMainBundlePropertiesiOS() {
+        let receipt = Receipt(bundleIdentifier: Bundle.main.bundleIdentifier,
+                              bundleIdData: nil,
+                              appVersion: Bundle.main.infoDictionary?[String(kCFBundleVersionKey)] as? String,
+                              opaqueValue: nil,
+                              sha1Hash: nil,
+                              originalAppVersion: nil,
+                              receiptCreationDate: nil,
+                              expirationDate: nil,
+                              inAppPurchaseReceipts: [])
+        do {
+            try receiptValidator.validateProperties(receipt: receipt, validations: [
+                .bundleIdMatchingMainBundle,
+                .appVersionMatchingMainBundleIOS
+            ])
+        } catch {
+            XCTFail("validation failed unexpectedly")
+        }
+    }
+
+    func testCorrectMainBundlePropertiesMacOS() {
+        let receipt = Receipt(bundleIdentifier: Bundle.main.bundleIdentifier,
+                              bundleIdData: nil,
+                              appVersion: Bundle.main.infoDictionary?[String("CFBundleShortVersionString")] as? String,
+                              opaqueValue: nil,
+                              sha1Hash: nil,
+                              originalAppVersion: nil,
+                              receiptCreationDate: nil,
+                              expirationDate: nil,
+                              inAppPurchaseReceipts: [])
+        do {
+            try receiptValidator.validateProperties(receipt: receipt, validations: [
+                .bundleIdMatchingMainBundle,
+                .appVersionMatchingMainBundleMacOS
+                ])
+        } catch {
+            XCTFail("validation failed unexpectedly")
+        }
+    }
+
+    func testSpecificHardcodedPropertyMatches() {
+        let receipt = Receipt(bundleIdentifier: "bundleIdentifier",
+                              bundleIdData: nil,
+                              appVersion: "appVersion",
+                              opaqueValue: nil,
+                              sha1Hash: nil,
+                              originalAppVersion: "originalAppVersion",
+                              receiptCreationDate: nil,
+                              expirationDate: nil,
+                              inAppPurchaseReceipts: [])
+        do {
+            try receiptValidator.validateProperties(receipt: receipt, validations: [
+                .string(\Receipt.bundleIdentifier, expected: "bundleIdentifier"),
+                .string(\Receipt.appVersion, expected: "appVersion"),
+                .string(\Receipt.originalAppVersion, expected: "originalAppVersion")
+                ])
+        } catch {
+            XCTFail("validation failed unexpectedly")
+        }
+    }
+
+    func testMindNodeProMacReceiptPropertyMismatches() {
+        guard let data = assertTestAsset(filename: "hannes_mac_mindnode_pro_receipt") else { return }
+
+        @discardableResult
+        func assertPropertyMismatch(line: UInt = #line, configuration: (inout LocalReceiptValidator.Parameters) -> Void) -> Bool {
+            let result = receiptValidator.validateReceipt {
+                $0.receiptOrigin = .data(data)
+                $0.shouldValidateHash = false // the original device identifier is unknown
+                $0.propertyValidations = [ .string(\.appVersion, expected: "mismatching property"),
+                                           .string(\.originalAppVersion, expected: "1.10.6")]
+            }
+            guard let error = result.error else {
+                XCTFail("Unexpectedly succeeded validating, but expected a property mismatch)", file: #file, line: line)
+                return false
+            }
+            guard error == LocalReceiptValidator.Error.propertyValueMismatch else {
+                XCTFail("Expected a property mismatch, but found an \(error)", file: #file, line: line)
+                return false
+            }
+
+            return true
+        }
+
+        assertPropertyMismatch {
+            $0.propertyValidations = [.string(\.appVersion, expected: "mismatching property"),
+                                      .string(\.originalAppVersion, expected: "1.10.6")]
+        }
+        assertPropertyMismatch {
+            $0.propertyValidations = [.string(\.appVersion, expected: "1.11.5"),
+                                      .string(\.originalAppVersion, expected: "mismatching property")]
+        }
+        assertPropertyMismatch {
+            $0.propertyValidations = [.string(\.bundleIdentifier, expected: "mismatching property")]
+        }
+        assertPropertyMismatch {
+            $0.propertyValidations = [.string(\.bundleIdentifier, expected: "mismatching property"),
+                                      .string(\.appVersion, expected: "mismatching property") ]
+        }
+        assertPropertyMismatch {
+            $0.propertyValidations = [.string(\.bundleIdentifier, expected: "mismatching property"),
+                                      .string(\.appVersion, expected: "mismatching property") ]
+        }
+        assertPropertyMismatch {
+            $0.propertyValidations = [.bundleIdMatchingMainBundle]
+        }
+        assertPropertyMismatch {
+            $0.propertyValidations = [.appVersionMatchingMainBundleIOS]
+        }
+        assertPropertyMismatch {
+            $0.propertyValidations = [.appVersionMatchingMainBundleMacOS]
+        }
+    }
+}

Hekate/Hekate Tests Shared/LocalReceiptValidationInAppPurchaseTests.swift

@@ -34,6 +34,7 @@ class LocalReceiptValidationInAppPurchaseTests: XCTestCase {
             $0.receiptOrigin = .data(data)
             $0.shouldValidateHash = false
             $0.shouldValidateSignatureAuthenticity = false
+            $0.propertyValidations = []
         }
         guard let receipt = result.receipt else {
             XCTFail("Unexpectedly failed parsing a receipt \(result.error!)")

Hekate/Hekate Tests Shared/LocalReceiptValidationTests.swift

@@ -46,6 +46,34 @@ class LocalReceiptValidationTests: XCTestCase {
         }
     }
 
+    func testMindNodeProMacReceiptPropertyValidation() {
+        guard let data = assertTestAsset(filename: "hannes_mac_mindnode_pro_receipt") else { return }
+
+        let expected = Receipt(
+            bundleIdentifier: "com.mindnode.MindNodePro",
+            bundleIdData: Data(base64Encoded: "DBhjb20ubWluZG5vZGUuTWluZE5vZGVQcm8=")!,
+            appVersion: "1.11.5",
+            opaqueValue: Data(base64Encoded: "/cPmDfuyFyluvodJXQRvig=="),
+            sha1Hash: Data(base64Encoded: "MDBF4hAt6Y+7IlAydxroa/SQeY4="),
+            originalAppVersion: "1.10.6",
+            receiptCreationDate: Date.demoDate(string: "2016-02-12T10:57:42Z"),
+            expirationDate: nil,
+            inAppPurchaseReceipts: []
+        )
+        let result = receiptValidator.validateReceipt {
+            $0.receiptOrigin = .data(data)
+            $0.shouldValidateHash = false // the original device identifier is unknown
+            $0.propertyValidations = [ .string(\.appVersion, expected: "1.11.5"),
+                                       .string(\.originalAppVersion, expected: "1.10.6")]
+        }
+        guard let receipt = result.receipt else {
+            XCTFail("Unexpectedly failed parsing a receipt \(result.error!)")
+            return
+        }
+
+        XCTAssertEqual(receipt, expected)
+    }
+
     func testMindNodeProMacReceiptParsing() {
         guard let data = assertTestAsset(filename: "hannes_mac_mindnode_pro_receipt") else { return }
 
@@ -63,6 +91,8 @@ class LocalReceiptValidationTests: XCTestCase {
         let result = receiptValidator.validateReceipt {
             $0.receiptOrigin = .data(data)
             $0.shouldValidateHash = false // the original device identifier is unknown
+            $0.propertyValidations = [ .string(\.appVersion, expected: "1.11.5"),
+                                       .string(\.originalAppVersion, expected: "1.10.6")]
         }
         guard let receipt = result.receipt else {
             XCTFail("Unexpectedly failed parsing a receipt \(result.error!)")
@@ -246,7 +276,7 @@ class LocalReceiptValidationTests: XCTestCase {
     func testiOSParsingPerformance() {
         guard let data = assertB64TestAsset(filename: "mindnode_ios_michaelsandbox_receipt1.b64") else { return }
 
-        let parameters = LocalReceiptValidator.Parameters.allSteps.with {
+        let parameters = LocalReceiptValidator.Parameters.default.with {
             $0.receiptOrigin = .data(data)
             $0.deviceIdentifier = LocalReceiptValidator.Parameters.DeviceIdentifier(uuid: UUID(uuidString: "3B76A7BD-8F5B-46A4-BCB1-CCE8DBD1B3CD")!)
         }
@@ -255,3 +285,13 @@ class LocalReceiptValidationTests: XCTestCase {
         }
     }
 }
+
+// MARK: - LocalReceiptValidator + Convenience
+
+extension LocalReceiptValidator {
+
+    /// Validates a local receipt and returns the result using the parameters `LocalReceiptValidator.Parameters.default`, which can be further configured in the passed block.
+    func validateReceipt(configuration: (inout Parameters) -> Void) -> Result {
+        return validateReceipt(parameters: Parameters.default.with(block: configuration))
+    }
+}

Hekate/Hekate.xcodeproj/project.pbxproj

@@ -32,7 +32,6 @@
 		D15358B41F62C47400F297D0 /* deprecatedSinglesTypeExpiredAppleCert_receipt.b64 in Resources */ = {isa = PBXBuildFile; fileRef = D15358B11F62C3C400F297D0 /* deprecatedSinglesTypeExpiredAppleCert_receipt.b64 */; };
 		D15358B51F62C47500F297D0 /* deprecatedSinglesTypeExpiredAppleCert_receipt.b64 in Resources */ = {isa = PBXBuildFile; fileRef = D15358B11F62C3C400F297D0 /* deprecatedSinglesTypeExpiredAppleCert_receipt.b64 */; };
 		D15358EF1F62D2C100F297D0 /* Hekate.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D1D6F4B51F5D684C00E86FE1 /* Hekate.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; };
-		D15358F11F62D43400F297D0 /* HekateDemoViewModel.swift in Sources */ = {isa = PBXBuildFile; fileRef = D15358F01F62D43400F297D0 /* HekateDemoViewModel.swift */; };
 		D15C59111F697D4D006F66FE /* pkcs7_union_accessors.h in Headers */ = {isa = PBXBuildFile; fileRef = D19095BA1F6004D10095729B /* pkcs7_union_accessors.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		D15C59151F698061006F66FE /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = D1D431061F69627600F7F39D /* aes.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		D15C59181F6981C4006F66FE /* asn1.h in Headers */ = {isa = PBXBuildFile; fileRef = D1D431071F69627600F7F39D /* asn1.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -134,7 +133,8 @@
 		D19095CC1F601E5D0095729B /* not_a_receipt in Resources */ = {isa = PBXBuildFile; fileRef = D1D6F54F1F5D9E8D00E86FE1 /* not_a_receipt */; };
 		D19095CD1F601E960095729B /* LocalReceiptValidationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D1D6F5411F5D8A3800E86FE1 /* LocalReceiptValidationTests.swift */; };
 		D19095CE1F601E980095729B /* LocalReceiptValidationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D1D6F5411F5D8A3800E86FE1 /* LocalReceiptValidationTests.swift */; };
-		D1A46B821F62E26900A390EC /* StoreKitHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = D1A46B811F62E26900A390EC /* StoreKitHelper.swift */; };
+		D1AA845C1F6ABB59007F2558 /* LocalReceiptPropertyValidationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D1AA845A1F6ABB31007F2558 /* LocalReceiptPropertyValidationTests.swift */; };
+		D1AA845D1F6ABB59007F2558 /* LocalReceiptPropertyValidationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D1AA845A1F6ABB31007F2558 /* LocalReceiptPropertyValidationTests.swift */; };
 		D1AB81AA1F696F0200B57E29 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = D1D430B61F69627600F7F39D /* aes.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		D1AB81AB1F696F0200B57E29 /* asn1.h in Headers */ = {isa = PBXBuildFile; fileRef = D1D430B71F69627600F7F39D /* asn1.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		D1AB81AC1F696F0200B57E29 /* asn1_mac.h in Headers */ = {isa = PBXBuildFile; fileRef = D1D430B81F69627600F7F39D /* asn1_mac.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -286,7 +286,6 @@
 		D150A0ED1F669A880026ED04 /* LocalReceiptValidationInAppPurchaseTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LocalReceiptValidationInAppPurchaseTests.swift; sourceTree = "<group>"; };
 		D15358A51F62BEC100F297D0 /* grandUnifiedExpiredAppleCert_receipt.b64 */ = {isa = PBXFileReference; lastKnownFileType = text; path = grandUnifiedExpiredAppleCert_receipt.b64; sourceTree = "<group>"; };
 		D15358B11F62C3C400F297D0 /* deprecatedSinglesTypeExpiredAppleCert_receipt.b64 */ = {isa = PBXFileReference; lastKnownFileType = text; path = deprecatedSinglesTypeExpiredAppleCert_receipt.b64; sourceTree = "<group>"; };
-		D15358F01F62D43400F297D0 /* HekateDemoViewModel.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = HekateDemoViewModel.swift; sourceTree = "<group>"; };
 		D15C59141F698005006F66FE /* Hekate.modulemap */ = {isa = PBXFileReference; lastKnownFileType = "sourcecode.module-map"; path = Hekate.modulemap; sourceTree = "<group>"; };
 		D19095811F6000A40095729B /* Hekate Demo macOS.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "Hekate Demo macOS.app"; sourceTree = BUILT_PRODUCTS_DIR; };
 		D19095831F6000A40095729B /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = "<group>"; };
@@ -304,7 +303,7 @@
 		D19095BF1F60158B0095729B /* DeviceIdentifier+installedDeviceIdentifier_macOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DeviceIdentifier+installedDeviceIdentifier_macOS.swift"; sourceTree = "<group>"; };
 		D19095C11F6019E70095729B /* DeviceIdentifier+installedDeviceIdentifier_iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DeviceIdentifier+installedDeviceIdentifier_iOS.swift"; sourceTree = "<group>"; };
 		D19095C41F601DEA0095729B /* AppleIncRootCertificate.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = AppleIncRootCertificate.cer; sourceTree = "<group>"; };
-		D1A46B811F62E26900A390EC /* StoreKitHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StoreKitHelper.swift; sourceTree = "<group>"; };
+		D1AA845A1F6ABB31007F2558 /* LocalReceiptPropertyValidationTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LocalReceiptPropertyValidationTests.swift; sourceTree = "<group>"; };
 		D1D430B21F69627600F7F39D /* libcrypto.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libcrypto.a; sourceTree = "<group>"; };
 		D1D430B31F69627600F7F39D /* libssl.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libssl.a; sourceTree = "<group>"; };
 		D1D430B61F69627600F7F39D /* aes.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = aes.h; sourceTree = "<group>"; };
@@ -634,6 +633,7 @@
 			isa = PBXGroup;
 			children = (
 				D1D6F5411F5D8A3800E86FE1 /* LocalReceiptValidationTests.swift */,
+				D1AA845A1F6ABB31007F2558 /* LocalReceiptPropertyValidationTests.swift */,
 				D150A0ED1F669A880026ED04 /* LocalReceiptValidationInAppPurchaseTests.swift */,
 				D1D6F5481F5D9B1100E86FE1 /* Tools */,
 				D1D6F5431F5D8DBC00E86FE1 /* Test Assets */,
@@ -871,8 +871,6 @@
 			children = (
 				D1D6F4E61F5D691400E86FE1 /* AppDelegate.swift */,
 				D1D6F4E81F5D691400E86FE1 /* ViewController.swift */,
-				D1A46B811F62E26900A390EC /* StoreKitHelper.swift */,
-				D15358F01F62D43400F297D0 /* HekateDemoViewModel.swift */,
 				D1D6F4EA1F5D691400E86FE1 /* Main.storyboard */,
 				D1D6F4ED1F5D691400E86FE1 /* Assets.xcassets */,
 				D1D6F4EF1F5D691400E86FE1 /* LaunchScreen.storyboard */,
@@ -1413,6 +1411,7 @@
 			files = (
 				D190959F1F6000DE0095729B /* TestAssetLoading.swift in Sources */,
 				D19095CD1F601E960095729B /* LocalReceiptValidationTests.swift in Sources */,
+				D1AA845D1F6ABB59007F2558 /* LocalReceiptPropertyValidationTests.swift in Sources */,
 				D150A0EF1F669A880026ED04 /* LocalReceiptValidationInAppPurchaseTests.swift in Sources */,
 				D150A0F01F67E0990026ED04 /* Date+Convenience.swift in Sources */,
 			);
@@ -1424,6 +1423,7 @@
 			files = (
 				D19095C71F601E580095729B /* TestAssetLoading.swift in Sources */,
 				D19095CE1F601E980095729B /* LocalReceiptValidationTests.swift in Sources */,
+				D1AA845C1F6ABB59007F2558 /* LocalReceiptPropertyValidationTests.swift in Sources */,
 				D150A0EE1F669A880026ED04 /* LocalReceiptValidationInAppPurchaseTests.swift in Sources */,
 				D150A0F11F67E0990026ED04 /* Date+Convenience.swift in Sources */,
 			);
@@ -1465,10 +1465,8 @@
 			isa = PBXSourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				D1A46B821F62E26900A390EC /* StoreKitHelper.swift in Sources */,
 				D1D6F4E91F5D691400E86FE1 /* ViewController.swift in Sources */,
 				D1D6F4E71F5D691400E86FE1 /* AppDelegate.swift in Sources */,
-				D15358F11F62D43400F297D0 /* HekateDemoViewModel.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};

Hekate/Hekate/LocalReceiptValidator+Parameters.swift

@@ -11,15 +11,37 @@ import Foundation
 public extension LocalReceiptValidator {
 
     /// Describes how to validate a receipt, and how/where to obtain the dependencies (receipt, deviceIdentifier, apple root certificate)
-    /// Use .allSteps to initialize the standard parameters.
+    /// Use .default to initialize the standard parameters. By default, no `propertyValidations` are active.
     public struct Parameters {
 
+        // MARK: - Properties
+
         public var receiptOrigin: ReceiptOrigin = .installedInMainBundle
         public var shouldValidateSignaturePresence: Bool = true
         public var shouldValidateSignatureAuthenticity: Bool = true
         public var shouldValidateHash: Bool = true
         public var deviceIdentifier: DeviceIdentifier = .currentDevice
-        public let rootCertificateOrigin: RootCertificateOrigin = .cerFileBundledWithHekate
+        public var rootCertificateOrigin: RootCertificateOrigin = .cerFileBundledWithHekate
+        public var propertyValidations: [PropertyValidation] = []
+
+        // MARK: - Lifecycle
+
+        /// Or use .default to initialize a sensible defaults
+        public init(receiptOrigin: ReceiptOrigin, shouldValidateSignaturePresence: Bool, shouldValidateSignatureAuthenticity: Bool, shouldValidateHash: Bool, deviceIdentifier: DeviceIdentifier, rootCertificateOrigin: RootCertificateOrigin, propertyValidations: [PropertyValidation]) {
+            self.receiptOrigin = receiptOrigin
+            self.shouldValidateSignaturePresence = shouldValidateSignaturePresence
+            self.shouldValidateSignatureAuthenticity = shouldValidateSignatureAuthenticity
+            self.shouldValidateHash = shouldValidateHash
+            self.deviceIdentifier = deviceIdentifier
+            self.rootCertificateOrigin = rootCertificateOrigin
+        }
+
+        /// Either use `.default` to get a default preset, or specify everything via the complete init(…) with all parameters.
+        private init() {}
+
+        public static var `default`: Parameters {
+            return Parameters()
+        }
 
         /// Configure an instance with a block
         public func with(block: (inout Parameters) -> Void) -> Parameters {
@@ -27,24 +49,17 @@ public extension LocalReceiptValidator {
             block(&copy)
             return copy
         }
-
-        /// Use .allSteps to initialize
-        private init() {}
-
-        public static var allSteps: Parameters {
-            return Parameters()
-        }
     }
 }
 
 // MARK: - ReceiptOrigin
 
-/// Used for obtaining the receipt data to parse or validate.
-///
-/// - installedInMainBundle: Loads it from Bundle.main.appStoreReceiptURL.
-/// - data: Loads specific data.
 extension LocalReceiptValidator.Parameters {
 
+    /// Used for obtaining the receipt data to parse or validate.
+    ///
+    /// - installedInMainBundle: Loads it from Bundle.main.appStoreReceiptURL.
+    /// - data: Loads specific data.
     public enum ReceiptOrigin {
 
         case installedInMainBundle
@@ -66,12 +81,12 @@ extension LocalReceiptValidator.Parameters {
 
 // MARK: - DeviceIdentifier
 
-/// Used for calculating/validating the SHA1-Hash part of a receipt.
-///
-/// - currentDevice: Obtains it from the system location: MAC Adress on macOS, deviceIdentifierForVendor on iOS
-/// - data: Specific Data to use
 public extension LocalReceiptValidator.Parameters {
 
+    /// Used for calculating/validating the SHA1-Hash part of a receipt.
+    ///
+    /// - currentDevice: Obtains it from the system location: MAC Adress on macOS, deviceIdentifierForVendor on iOS
+    /// - data: Specific Data to use
     public enum DeviceIdentifier {
 
         case currentDevice
@@ -103,12 +118,12 @@ public extension LocalReceiptValidator.Parameters {
 
 // MARK: - RootCertificateOrigin
 
-/// Instructs how to find the Apple root certificate for receipt validation.
-///
-/// - cerFileBundledWithHekate: Uses the "AppleIncRootCertificate.cer" bundled with Hekate
-/// - data: Specific Data to use
 extension LocalReceiptValidator.Parameters {
 
+    /// Instructs how to find the Apple root certificate for receipt validation.
+    ///
+    /// - cerFileBundledWithHekate: Uses the "AppleIncRootCertificate.cer" bundled with Hekate
+    /// - data: Specific Data to use
     public enum RootCertificateOrigin {
         case cerFileBundledWithHekate
         case data(Data)
@@ -127,6 +142,70 @@ extension LocalReceiptValidator.Parameters {
     private class BundleToken {}
 }
 
+// MARK: - PropertyValidation
+
+extension LocalReceiptValidator.Parameters {
+
+    /// Compares a String property of a receipt with an info dictionary entry or a provided value.
+    ///
+    /// Apple recommends comparing against hard coded values. Note the platform dependence of `Receipt.appVersion`.
+    ///
+    /// See convieniences `bundleIdMatchingMainBundle`, `appVersionMatchingMainBundleIOS`, and `appVersionMatchingMainBundleMacOS`.
+    ///
+    /// - string: Compare a property with a hardcoded string (as recommended by apple)
+    public enum PropertyValidation {
+
+        case string(KeyPath<Receipt, String?>, expected: String?)
+
+        /// Compares the receipts bundle id with the main bundle's info plist CFBundleIdentifier.
+        public static var bundleIdMatchingMainBundle: PropertyValidation {
+            return compareWithMainBundle(receiptProperty: \Receipt.bundleIdentifier, infoDictionaryKey: String(kCFBundleIdentifierKey))
+        }
+
+        /// Compares the receipts appVersion with the main bundle's info plist CFBundleVersionString, as adequate for iOS
+        public static var appVersionMatchingMainBundleIOS: PropertyValidation {
+            return compareWithMainBundle(receiptProperty: \Receipt.appVersion, infoDictionaryKey: String(kCFBundleVersionKey))
+        }
+
+        /// Compares the receipts appVersion with the main bundle's info plist CFBundleShortVersionString, as adequate for macOS
+        public static var appVersionMatchingMainBundleMacOS: PropertyValidation {
+            return compareWithMainBundle(receiptProperty: \Receipt.appVersion, infoDictionaryKey: "CFBundleShortVersionString")
+        }
+
+        private static func compareWithMainBundle(receiptProperty: KeyPath<Receipt, String?>, infoDictionaryKey: String) -> PropertyValidation {
+            let expected = Bundle.main.infoDictionary?[infoDictionaryKey] as? String
+            return .string(receiptProperty, expected: expected)
+        }
+
+        // MARK: Validation Execution
+
+        /// Validates a receipts property. May throw Error.couldNotGetExpectedPropertyValue or Error.propertyValueMismatch.
+        public func validateProperty(of receipt: Receipt) throws {
+            let expected = self.getExpectedValue()
+
+            if self.propertyValue(of: receipt) != expected {
+                throw LocalReceiptValidator.Error.propertyValueMismatch
+            }
+        }
+
+        // MARK: Value and Expected Value
+
+        private func propertyValue(of receipt: Receipt) -> String? {
+            switch self {
+            case .string(let keyPath, _):
+                return receipt[keyPath: keyPath]
+            }
+        }
+
+        private func getExpectedValue() -> String? {
+            switch self {
+            case .string(_, let expected):
+                return expected
+            }
+        }
+    }
+}
+
 // MARK: - UUID + data
 
 extension UUID {

Hekate/Hekate/LocalReceiptValidator.swift

@@ -8,7 +8,6 @@
 
 import Foundation
 import Hekate.OpenSSL
-import StoreKit
 
 /// Apple guide: https://developer.apple.com/library/content/releasenotes/General/ValidateAppStoreReceipt/Introduction.html
 ///
@@ -24,16 +23,15 @@ public struct LocalReceiptValidator {
 
     // MARK: - Local Receipt Validation
 
-    /// Validates a local receipt and returns the result using the parameters `LocalReceiptValidator.Parameters.allSteps`, which can be further configured in the passed block.
-    public func validateReceipt(configuration: (inout Parameters) -> Void) -> Result {
-        return validateReceipt(parameters: Parameters.allSteps.with(block: configuration))
-    }
-
     /// Validates a local receipt and returns the result using the passed parameters.
-    public func validateReceipt(parameters: Parameters = Parameters.allSteps) -> Result {
+    public func validateReceipt(parameters: Parameters = Parameters.default) -> Result {
+        var data: Data?
+        var deviceIdData: Data?
         do {
+            deviceIdData = parameters.deviceIdentifier.getData()
             guard let receiptData = parameters.receiptOrigin.loadData() else { throw Error.couldNotFindReceipt }
 
+            data = receiptData
             let receiptContainer = try self.extractPKCS7Container(data: receiptData)
 
             if parameters.shouldValidateSignaturePresence {
@@ -44,17 +42,26 @@ public struct LocalReceiptValidator {
 
                 try self.checkSignatureAuthenticity(pkcs7: receiptContainer, appleRootCertificateData: appleRootCertificateData)
             }
-            let parsedReceipt = try parseReceipt(pkcs7: receiptContainer)
+
+            let receipt = try self.parseReceipt(pkcs7: receiptContainer)
+
+            try self.validateProperties(receipt: receipt, validations: parameters.propertyValidations)
 
             if parameters.shouldValidateHash {
-                guard let deviceIdentifierData = parameters.deviceIdentifier.getData() else { throw Error.deviceIdentifierNotDeterminable }
+                guard let deviceIdentifierData = deviceIdData else { throw Error.deviceIdentifierNotDeterminable }
 
-                try self.validateHash(receipt: parsedReceipt, deviceIdentifierData: deviceIdentifierData)
+                try self.validateHash(receipt: receipt, deviceIdentifierData: deviceIdentifierData)
             }
-            return .success(parsedReceipt)
+            return .success(receipt, receiptData: receiptData, deviceIdentifier: deviceIdData)
         } catch {
             assert(error is LocalReceiptValidator.Error)
-            return .error(error as? LocalReceiptValidator.Error ?? .unknown)
+            return .error(error as? LocalReceiptValidator.Error ?? .unknown, receiptData: data, deviceIdentifier: deviceIdData)
+        }
+    }
+
+    public func validateProperties(receipt: Receipt, validations: [Parameters.PropertyValidation]) throws {
+        for validation in validations {
+            try validation.validateProperty(of: receipt)
         }
     }
 
@@ -86,7 +93,7 @@ public struct LocalReceiptValidator {
 private extension LocalReceiptValidator {
 
     func validateHash(receipt: Receipt, deviceIdentifierData: Data) throws {
-        // Make sure that the ParsedReceipt instances has non-nil values needed for hash comparison
+        // Make sure that the Receipt instances has non-nil values needed for hash comparison
         guard let receiptOpaqueValueData = receipt.opaqueValue else { throw Error.incorrectHash }
         guard let receiptBundleIdData = receipt.bundleIdData else { throw Error.incorrectHash }
         guard let receiptHashData = receipt.sha1Hash else { throw Error.incorrectHash }
@@ -185,65 +192,64 @@ private extension LocalReceiptValidator {
         guard let contents = pkcs7.pkcs7.pointee.d.sign.pointee.contents, let octets = contents.pointee.d.data else { throw Error.malformedReceipt }
         guard let initialPointer = UnsafePointer(octets.pointee.data) else { throw Error.malformedReceipt }
         let length = Int(octets.pointee.length)
-        var parsedReceipt = Receipt()
+        var receipt = Receipt()
 
         try self.parseASN1Set(pointer: initialPointer, length: length) { attributeType, value in
             guard let attribute = KnownReceiptAttribute(rawValue: attributeType) else { return }
 
             switch attribute {
             case .bundleIdentifier:
-                parsedReceipt.bundleIdData = value.dataValue
-                parsedReceipt.bundleIdentifier = value.unwrappedStringValue
+                receipt.bundleIdData = value.dataValue
+                receipt.bundleIdentifier = value.unwrappedStringValue
             case .appVersion:
-                parsedReceipt.appVersion = value.unwrappedStringValue
+                receipt.appVersion = value.unwrappedStringValue
             case .opaqueValue:
-                parsedReceipt.opaqueValue = value.dataValue
+                receipt.opaqueValue = value.dataValue
             case .sha1Hash:
-                parsedReceipt.sha1Hash = value.dataValue
+                receipt.sha1Hash = value.dataValue
             case .inAppPurchaseReceipts:
                 guard let pointer = value.valuePointer else { break }
 
                 let iapReceipt = try parseInAppPurchaseReceipt(pointer: pointer, length: value.length)
-                parsedReceipt.inAppPurchaseReceipts.append(iapReceipt)
+                receipt.inAppPurchaseReceipts.append(iapReceipt)
             case .receiptCreationDate:
-                parsedReceipt.receiptCreationDate = value.unwrappedDateValue
+                receipt.receiptCreationDate = value.unwrappedDateValue
             case .originalAppVersion:
-                parsedReceipt.originalAppVersion = value.unwrappedStringValue
+                receipt.originalAppVersion = value.unwrappedStringValue
             case .expirationDate:
-                parsedReceipt.expirationDate = value.unwrappedDateValue
-                break
+                receipt.expirationDate = value.unwrappedDateValue
             }
         }
-        return parsedReceipt
+        return receipt
     }
 
     private func parseInAppPurchaseReceipt(pointer: UnsafePointer<UInt8>, length: Int) throws -> InAppPurchaseReceipt {
-        var parsedInAppPurchaseReceipt = InAppPurchaseReceipt()
+        var inAppPurchaseReceipt = InAppPurchaseReceipt()
         try self.parseASN1Set(pointer: pointer, length: length) { attributeType, value in
             guard let attribute = KnownInAppPurchaseAttribute(rawValue: attributeType) else { return }
 
             switch attribute {
             case .quantity:
-                parsedInAppPurchaseReceipt.quantity = value.intValue
+                inAppPurchaseReceipt.quantity = value.intValue
             case .productIdentifier:
-                parsedInAppPurchaseReceipt.productIdentifier = value.unwrappedStringValue
+                inAppPurchaseReceipt.productIdentifier = value.unwrappedStringValue
             case .transactionIdentifier:
-                parsedInAppPurchaseReceipt.transactionIdentifier = value.unwrappedStringValue
+                inAppPurchaseReceipt.transactionIdentifier = value.unwrappedStringValue
             case .originalTransactionIdentifier:
-                parsedInAppPurchaseReceipt.originalTransactionIdentifier = value.unwrappedStringValue
+                inAppPurchaseReceipt.originalTransactionIdentifier = value.unwrappedStringValue
             case .purchaseDate:
-                parsedInAppPurchaseReceipt.purchaseDate = value.unwrappedDateValue
+                inAppPurchaseReceipt.purchaseDate = value.unwrappedDateValue
             case .originalPurchaseDate:
-                parsedInAppPurchaseReceipt.originalPurchaseDate = value.unwrappedDateValue
+                inAppPurchaseReceipt.originalPurchaseDate = value.unwrappedDateValue
             case .subscriptionExpirationDate:
-                parsedInAppPurchaseReceipt.subscriptionExpirationDate = value.unwrappedDateValue
+                inAppPurchaseReceipt.subscriptionExpirationDate = value.unwrappedDateValue
             case .cancellationDate:
-                parsedInAppPurchaseReceipt.cancellationDate = value.unwrappedDateValue
+                inAppPurchaseReceipt.cancellationDate = value.unwrappedDateValue
             case .webOrderLineItemId:
-                parsedInAppPurchaseReceipt.webOrderLineItemId = value.intValue
+                inAppPurchaseReceipt.webOrderLineItemId = value.intValue
             }
         }
-        return parsedInAppPurchaseReceipt
+        return inAppPurchaseReceipt
     }
 
     private func parseASN1Set(pointer initialPointer: UnsafePointer<UInt8>, length: Int, valueAttributeAction: (_ attributeType: Int32, _ value: ASN1Object) throws -> Void) throws {
@@ -276,7 +282,7 @@ private extension LocalReceiptValidator {
 
 private extension LocalReceiptValidator {
 
-    /// See ParsedReceipt.swift for details and a link to Apple reference
+    /// See Receipt.swift for details and a link to Apple reference
     enum KnownReceiptAttribute: Int32 {
         case bundleIdentifier = 2
         case appVersion = 3
@@ -295,7 +301,7 @@ private extension LocalReceiptValidator {
         // - and of unknown type 14(L=3), 25(L=3), 11(L=4), 13(L=4), 1(L=6), 9(L=6), 16(L=6), 15(L=8), 7(L=66), 6(L=69 variable)
     }
 
-    /// See ParsedReceipt.swift for details and a link to Apple reference
+    /// See Receipt.swift for details and a link to Apple reference
     enum KnownInAppPurchaseAttribute: Int32 {
         case quantity = 1701
         case productIdentifier = 1702
@@ -315,12 +321,12 @@ extension LocalReceiptValidator {
 
     public enum Result {
 
-        case success(Receipt)
-        case error(LocalReceiptValidator.Error)
+        case success(Receipt, receiptData: Data, deviceIdentifier: Data?)
+        case error(LocalReceiptValidator.Error, receiptData: Data?, deviceIdentifier: Data?)
 
         public var receipt: Receipt? {
             switch self {
-            case .success(let receipt):
+            case .success(let receipt, _, _):
                 return receipt
             case .error:
                 return nil
@@ -331,10 +337,30 @@ extension LocalReceiptValidator {
             switch self {
             case .success:
                 return nil
-            case .error(let error):
+            case .error(let error, _, _):
                 return error
             }
         }
+
+        /// The receipt data if it could be loaded
+        public var receiptData: Data? {
+            switch self {
+            case .success(_, let data, _):
+                return data
+            case .error(_, let data, _):
+                return data
+            }
+        }
+
+        /// The device identifier if it could be determined
+        public var deviceIdentifier: Data? {
+            switch self {
+            case .success(_, _, let data):
+                return data
+            case .error(_, _, let data):
+                return data
+            }
+        }
     }
 }
 
@@ -353,6 +379,8 @@ extension LocalReceiptValidator {
         case incorrectHash
         case deviceIdentifierNotDeterminable
         case malformedAppleRootCertificate
+        case couldNotGetExpectedPropertyValue
+        case propertyValueMismatch
         case unknown
     }
 }

Hekate/Hekate/Receipt.swift

@@ -20,7 +20,7 @@ public struct Receipt {
     /// The app’s bundle identifier as bytes, used, with other data, to compute the SHA-1 hash during validation.
     public internal(set) var bundleIdData: Data?
 
-    /// The app’s version number.
+    /// The app’s version number. **This is platform dependent!**
     /// This corresponds to the value of `CFBundleVersion` (in iOS) or `CFBundleShortVersionString` (in macOS) in the Info.plist.
     /// ASN.1 Field Type 3.
     public internal(set) var appVersion: String?
@@ -76,7 +76,7 @@ extension Receipt: AutoEquatable {}
 
 // MARK: - CustomStringConvertible
 
-extension Receipt: CustomStringConvertible {
+extension Receipt: CustomStringConvertible, CustomDebugStringConvertible {
 
     public var description: String {
         let formatter = StringFormatter()
@@ -91,11 +91,15 @@ extension Receipt: CustomStringConvertible {
             ("expirationDate", formatter.format(self.expirationDate)),
             ("inAppPurchaseReceipts", formatter.format(self.inAppPurchaseReceipts))
         ]
-        return "ParsedReceipt(\n" + formatter.format(props) + "\n)"
+        return "Receipt(\n" + formatter.format(props) + "\n)"
+    }
+
+    public var debugDescription: String {
+        return description
     }
 }
 
-// MARK: - ParsedInAppPurchaseReceipt
+// MARK: - InAppPurchaseReceipt
 
 /// An In-App-Purchase Receipt as Parsed from a receipt file.
 ///
@@ -169,7 +173,7 @@ public struct InAppPurchaseReceipt {
     /// This value is a unique ID that identifies purchase events across devices, including subscription renewal purchase events.
     public internal(set) var webOrderLineItemId: Int?
 
-    /// For documentation see ParsedInAppPurchaseReceipt itself.
+    /// For documentation see InAppPurchaseReceipt itself.
     public init(quantity: Int?, productIdentifier: String?, transactionIdentifier: String?, originalTransactionIdentifier: String?, purchaseDate: Date?, originalPurchaseDate: Date?, subscriptionExpirationDate: Date?, cancellationDate: Date?, webOrderLineItemId: Int?) {
         self.quantity = quantity
         self.productIdentifier = productIdentifier
@@ -191,7 +195,7 @@ extension InAppPurchaseReceipt: AutoEquatable {}
 
 // MARK: - CustomStringConvertible
 
-extension InAppPurchaseReceipt: CustomStringConvertible {
+extension InAppPurchaseReceipt: CustomStringConvertible, CustomDebugStringConvertible {
 
     public var description: String {
         let formatter = StringFormatter()
@@ -206,7 +210,11 @@ extension InAppPurchaseReceipt: CustomStringConvertible {
             ("cancellationDate", formatter.format(self.cancellationDate)),
             ("webOrderLineItemId", formatter.format(self.webOrderLineItemId))
         ]
-        return "ParsedInAppPurchaseReceipt(\n" + formatter.format(props) + "\n)"
+        return "InAppPurchaseReceipt(\n" + formatter.format(props) + "\n)"
+    }
+
+    public var debugDescription: String {
+        return description
     }
 }
 

Hekate/Sourcery/Generated/AutoEquatable.generated.swift

@@ -1,7 +1,6 @@
-// Generated using Sourcery 0.8.0 — https://github.com/krzysztofzablocki/Sourcery
+// Generated using Sourcery 0.9.0 — https://github.com/krzysztofzablocki/Sourcery
 // DO NOT EDIT
 
-// swiftlint:disable file_length
 private func compareOptionals<T>(lhs: T?, rhs: T?, compare: (_ lhs: T, _ rhs: T) -> Bool) -> Bool {
     switch (lhs, rhs) {
     case let (lValue?, rValue?):
@@ -23,7 +22,7 @@ private func compareArrays<T>(lhs: [T], rhs: [T], compare: (_ lhs: T, _ rhs: T)
 }
 
 // MARK: - AutoEquatable for classes, protocols, structs
-// MARK: - ParsedInAppPurchaseReceipt AutoEquatable
+// MARK: - InAppPurchaseReceipt AutoEquatable
 extension InAppPurchaseReceipt: Equatable {}
 public func == (lhs: InAppPurchaseReceipt, rhs: InAppPurchaseReceipt) -> Bool {
     guard compareOptionals(lhs: lhs.quantity, rhs: rhs.quantity, compare: ==) else { return false }
@@ -37,7 +36,7 @@ public func == (lhs: InAppPurchaseReceipt, rhs: InAppPurchaseReceipt) -> Bool {
     guard compareOptionals(lhs: lhs.webOrderLineItemId, rhs: rhs.webOrderLineItemId, compare: ==) else { return false }
     return true
 }
-// MARK: - ParsedReceipt AutoEquatable
+// MARK: - Receipt AutoEquatable
 extension Receipt: Equatable {}
 public func == (lhs: Receipt, rhs: Receipt) -> Bool {
     guard compareOptionals(lhs: lhs.bundleIdentifier, rhs: rhs.bundleIdentifier, compare: ==) else { return false }

README.md

@@ -1,28 +1,129 @@
 # Hekate
 
-An iOS and macOS project intended for dealing with App Store receipts.
+An iOS and macOS project intended for dealing with App Store receipts, offering basic local retrieval, validation and parsing of receipt files.
+
 [Hekate](https://en.wikipedia.org/wiki/Hecate) is the goddess of magic, crossroads, ghosts, and necromancy.
 
+## Integration
+
+Use carthage `github "IdeasOnCanvas/Hekate"`.
+
+## Usage
+
+### Just parsing a receipt
+
+```swift
+let receiptValidator = LocalReceiptValidator()
+
+let installedReceipt = receiptValidator.parseReceipt(origin: .installedInMainBundle)
+
+let customReceipt = receiptValidator.parseReceipt(origin: .data(dataFromSomewhere))
+```
+
+### Validating a receipt's signature and hash
+
+```swift
+// Full validation of signature and hash based on installed receipt
+let result = receiptValidator.validateReceipt()
+
+switch result {
+    case .success(let receipt):
+    print("receipt validated and parsed: \(receipt)")    
+    case .error(let validationError):
+    print("not valid? \(validationError)")
+}
+```
+
+### Customize validation dependencies or steps
+
+Take `LocalReceiptValidator.Parameters.default` and customize it, then pass it to `validateReceipt(parameters:)`, like so:
+
+```swift
+// Customizing validation parameters with configuration block, base on .default
+let parameters = LocalReceiptValidator.Parameters.default.with {
+    $0.receiptOrigin = .data(myData)
+    $0.shouldValidateSignaturePresence = false // skip signature presence validation
+    $0.shouldValidateSignatureAuthenticity = false // skip signature authenticity validation
+    $0.shouldValidateHash = false // skip hash validation
+    $0.deviceIdentifier = .data(myCustomDeviceIdentifierData)
+    $0.rootCertificateOrigin = .data(myAppleRootCertData)
+
+    // validate some string properties, this can also be done 
+    // independently with validateProperties(receipt:, validations:)
+    // There are also shorthands for comparing with main bundle's 
+    // info.plist, e.g. bundleIdMatchingMainBundle and friends.
+    // Note that appVersion meaning is platform specific.
+    $0.propertyValidations = [
+        .string(\.bundleIdentifier, expected: "my.bundle.identifier"),
+        .string(\.appVersion, expected: "123"),
+        .string(\.originalAppVersion, expected: "1")
+    ]
+}
+
+let result = LocalReceiptValidator().validate(parameters: parameters)
+
+switch result {
+    case .success(let receipt):
+    print("receipt validated and parsed: \(receipt)")
+    case .error(let validationError):
+    print("not valid? \(validationError)")
+}
+```
+
+## Note
+
+This framework currently doesn't 
+
+- deal with StoreKit at all.
+- the demo targets are pretty useless
+
+The receipt file might not exist at all. See resources.
+
+## How it Works
+
+### Hekate Uses OpenSSL
+
+OpenSSL is used for pkcs7 container parsing and signature validation, and then for parsing the ASN1 payload of the pkcs7, which contains the receipts attributes.
+
+## Other Options
+
+#### Alternatives to PKCS7 of OpenSSL
+
+- `Security.framework` - `CMSDecoder` for PKCS7 interaction only available on macOS
+- `BoringSSL` instead of OpenSSL, Pod, only available on iOS (?)
+
+#### Alternatives to ASN1 of OpenSSL
+
+- [decoding-asn1-der-sequences-in-swift](http://nspasteboard.com/2016/10/23/decoding-asn1-der-sequences-in-swift/) implemented [here](https://gist.github.com/Jugale/2daaec0715d4f6d7347534d42bfa7110)
+- [Asn1Parser.swift](https://github.com/TakeScoop/SwiftyRSA/blob/03250be7319d8c54159234e5258ead395ea4de4c/SwiftyRSA/Asn1Parser.swift)
+
+#### Validation Server to Server
+An app can send its receipt file to a backend from where Apples receipt API can be called. See Resources.
+
+Advantages doing it locally:
+
+- Works Offline
+- Validation mechanisms can be adjusted
+- Can be parsed without validation
+
 ## Resources
 
 - [Apple guide](https://developer.apple.com/library/content/releasenotes/General/ValidateAppStoreReceipt/Introduction.html)
 - [objc.io guide](https://www.objc.io/issues/17-security/receipt-validation/)
-- [Andrew Bancroft complete guide](https://www.andrewcbancroft.com/2017/08/01/local-receipt-validation-swift-start-finish/), or directly [ReceiptValidator.swift](https://github.com/andrewcbancroft/SwiftyLocalReceiptValidator/blob/master/ReceiptValidator.swift)
+- [Andrew Bancroft complete guide](https://www.andrewcbancroft.com/2017/08/01/local-receipt-validation-swift-start-finish/), or directly [ReceiptValidator.swift](https://github.com/andrewcbancroft/SwiftyLocalReceiptValidator/blob/master/ReceiptValidator.swift). This is what the Hekate implementation is loosely based on.
 - [OpenSSL-Universal Pod](https://github.com/krzyzanowskim/OpenSSL)
 - WWDC 2013 - 308 Using Receipts to Protect Your Digital Sales
 - WWDC 2014 - 305 Preventing Unauthorized Purchases with Receipts
 - WWDC 2016 - 702 Using Store Kit for In-App Purchases with Swift 3
-- WWDC 2017 - 304 What's New in Storekit
+- **WWDC 2017 - 304 What's New in Storekit**
 - **WWDC 2017 - 305 Advanced StoreKit**: Receipt checking and it's internals
+- [nsomar about Module Maps 1](http://nsomar.com/project-and-private-headers-in-a-swift-and-objective-c-framework/)
+- [nsomar about Module Maps 2](http://nsomar.com/modular-framework-creating-and-using-them/)
 
-## Other Options
-
-#### Alternatives to PKCS7 of OpenSSL
-- `Security.framework` - `CMSDecoder` for PKCS7 interaction only available on macOS
-- `BoringSSL` instead of OpenSSL, Pod, only available on iOS
-
-#### Alternatives to ASN1 of OpenSSL
-- [decoding-asn1-der-sequences-in-swift](http://nspasteboard.com/2016/10/23/decoding-asn1-der-sequences-in-swift/) implemented [here](https://gist.github.com/Jugale/2daaec0715d4f6d7347534d42bfa7110)
-- [Asn1Parser.swift](https://github.com/TakeScoop/SwiftyRSA/blob/03250be7319d8c54159234e5258ead395ea4de4c/SwiftyRSA/Asn1Parser.swift)
-
+## Updating OpenSSL
 
+1. build or find prebuilt static libraries for iOS and macOS. They can for example be obtained from the [OpenSSL-Universal Pod](https://github.com/krzyzanowskim/OpenSSL).
+2. Replace the openssl related `.a` and `.h` files in the project
+3. When copying from the pod, make sure the .h files use direct includes like `#include "asn1.h"` instead of `#include "<OpenSSL/ans1.h>"` (use regex batch replace)
+4. Make sure the openssl related headers are in the *private* headers of the framework Hekate iOS and Hekate macOS targets respectively
+5. Make sure the openssl related headers are listed in the [Hekate.modulemap](Hekate/Hekate/Supporting%20Files/Hekate.modulemap) file