Sample code for 30+ languages & platforms
Delphi DLL

Sign Manifest File to Generate a Passbook .pkpass file

See more Digital Signatures Examples

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.

Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Zip, StringBuilder, JsonObject, XmlCertVault, Cert, Crypt2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
manifest: HCkJsonObject;
crypt: HCkCrypt2;
zip: HCkZip;
fileHash: PWideChar;
filePath: PWideChar;
sbJson: HCkStringBuilder;
manifestPath: PWideChar;
certVault: HCkXmlCertVault;
appleWwdrCert: HCkCert;
pfxPath: PWideChar;
pfxPassword: PWideChar;
cert: HCkCert;
jsonSignedAttrs: HCkJsonObject;
sigPath: PWideChar;

begin
success := False;

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// See this example:  Sign Manifest File to Generate a Passbook .pkpass in Memory
// ---------------------------------------------------------------------------------------------

// First create the manifest.json

manifest := CkJsonObject_Create();
crypt := CkCrypt2_Create();

zip := CkZip_Create();
CkZip_NewZip(zip,'qa_data/p7s/pass-wallet/example.pkpass');
// Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
CkZip_putAppendFromDir(zip,'qa_data/p7s/pass-wallet/');

CkCrypt2_putHashAlgorithm(crypt,'sha1');
// Return hashes as lowercase hex.
CkCrypt2_putEncodingMode(crypt,'hexlower');

filePath := 'qa_data/p7s/pass-wallet/icon.png';
fileHash := CkCrypt2__hashFileENC(crypt,filePath);
CkZip_AddFile(zip,'icon.png',False);
CkJsonObject_UpdateString(manifest,'"icon.png"',fileHash);

filePath := 'qa_data/p7s/pass-wallet/icon@2x.png';
fileHash := CkCrypt2__hashFileENC(crypt,filePath);
CkZip_AddFile(zip,'icon@2x.png',False);
CkJsonObject_UpdateString(manifest,'"icon@2x.png"',fileHash);

filePath := 'qa_data/p7s/pass-wallet/logo.png';
fileHash := CkCrypt2__hashFileENC(crypt,filePath);
CkZip_AddFile(zip,'logo.png',False);
CkJsonObject_UpdateString(manifest,'"logo.png"',fileHash);

filePath := 'qa_data/p7s/pass-wallet/logo@2x.png';
fileHash := CkCrypt2__hashFileENC(crypt,filePath);
CkZip_AddFile(zip,'logo@2x.png',False);
CkJsonObject_UpdateString(manifest,'"logo@2x.png"',fileHash);

filePath := 'qa_data/p7s/pass-wallet/pass.json';
fileHash := CkCrypt2__hashFileENC(crypt,filePath);
CkZip_AddFile(zip,'pass.json',False);
CkJsonObject_UpdateString(manifest,'"pass.json"',fileHash);

sbJson := CkStringBuilder_Create();
CkJsonObject_EmitSb(manifest,sbJson);
manifestPath := 'qa_data/p7s/pass-wallet/manifest.json';
CkStringBuilder_WriteFile(sbJson,manifestPath,'utf-8',False);
CkZip_AddFile(zip,'manifest.json',False);

// Make sure we have the Apple WWDR intermediate certificate available for 
// the cert chain in the signature.
certVault := CkXmlCertVault_Create();
appleWwdrCert := CkCert_Create();
success := CkCert_LoadByCommonName(appleWwdrCert,'Apple Worldwide Developer Relations Certification Authority');
if (success <> True) then
  begin
    Memo1.Lines.Add('The Apple WWDR intermediate certificate is not installed.');
    Memo1.Lines.Add('It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer');
    Memo1.Lines.Add('You may alternatively load the .cer like this...');
    success := CkCert_LoadFromFile(appleWwdrCert,'qa_data/certs/AppleWWDRCA.cer');
    if (success = False) then
      begin
        Memo1.Lines.Add(CkCert__lastErrorText(appleWwdrCert));
        Exit;
      end;

  end;
CkXmlCertVault_AddCert(certVault,appleWwdrCert);
CkCrypt2_UseCertVault(crypt,certVault);

// Use a digital certificate and private key from a PFX file (.pfx or .p12).
pfxPath := 'qa_data/pfx/cert_test123.pfx';
pfxPassword := 'test123';

cert := CkCert_Create();
success := CkCert_LoadPfxFile(cert,pfxPath,pfxPassword);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

// Provide the signing cert (with associated private key).
success := CkCrypt2_SetSigningCert(crypt,cert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCrypt2__lastErrorText(crypt));
    Exit;
  end;

// Specify the signed attributes to be included.
// (These attributes appear to not be necessary, but we're including
// them just in case they become necessary in the future.)
jsonSignedAttrs := CkJsonObject_Create();
CkJsonObject_UpdateInt(jsonSignedAttrs,'contentType',1);
CkJsonObject_UpdateInt(jsonSignedAttrs,'signingTime',1);
CkCrypt2_putSigningAttributes(crypt,CkJsonObject__emit(jsonSignedAttrs));

// Sign the manifest JSON file to produce a file named "signature".
sigPath := 'qa_data/p7s/pass-wallet/signature';

// Create the "signature" file.
success := CkCrypt2_CreateP7S(crypt,manifestPath,sigPath);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCrypt2__lastErrorText(crypt));
    Exit;
  end;

CkZip_AddFile(zip,'signature',False);

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// If this is of interest, please send email to support@chilkatsoft.com
// ---------------------------------------------------------------------------------------------

// Create the .pkipass archive (which is a .zip archive containing the required files).
success := CkZip_WriteZipAndClose(zip);
if (success = False) then
  begin
    Memo1.Lines.Add(CkZip__lastErrorText(zip));
    Exit;
  end;

Memo1.Lines.Add('Success.');

CkJsonObject_Dispose(manifest);
CkCrypt2_Dispose(crypt);
CkZip_Dispose(zip);
CkStringBuilder_Dispose(sbJson);
CkXmlCertVault_Dispose(certVault);
CkCert_Dispose(appleWwdrCert);
CkCert_Dispose(cert);
CkJsonObject_Dispose(jsonSignedAttrs);

end;