Sample code for 30+ languages & platforms
Unicode C++

Sign Manifest File to Generate a Passbook .pkpass file

See more Digital Signatures Examples

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.

Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com

Chilkat Unicode C++ Downloads

Unicode C++
#include <CkJsonObjectW.h>
#include <CkCrypt2W.h>
#include <CkZipW.h>
#include <CkStringBuilderW.h>
#include <CkXmlCertVaultW.h>
#include <CkCertW.h>

void ChilkatSample(void)
    {
    bool success = false;

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // ---------------------------------------------------------------------------------------------
    // Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
    // See this example:  Sign Manifest File to Generate a Passbook .pkpass in Memory
    // ---------------------------------------------------------------------------------------------

    // First create the manifest.json

    CkJsonObjectW manifest;
    CkCrypt2W crypt;

    CkZipW zip;
    zip.NewZip(L"qa_data/p7s/pass-wallet/example.pkpass");
    // Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
    zip.put_AppendFromDir(L"qa_data/p7s/pass-wallet/");

    crypt.put_HashAlgorithm(L"sha1");
    // Return hashes as lowercase hex.
    crypt.put_EncodingMode(L"hexlower");

    const wchar_t *fileHash = 0;
    const wchar_t *filePath = 0;
    filePath = L"qa_data/p7s/pass-wallet/icon.png";
    fileHash = crypt.hashFileENC(filePath);
    zip.AddFile(L"icon.png",false);
    manifest.UpdateString(L"\"icon.png\"",fileHash);

    filePath = L"qa_data/p7s/pass-wallet/icon@2x.png";
    fileHash = crypt.hashFileENC(filePath);
    zip.AddFile(L"icon@2x.png",false);
    manifest.UpdateString(L"\"icon@2x.png\"",fileHash);

    filePath = L"qa_data/p7s/pass-wallet/logo.png";
    fileHash = crypt.hashFileENC(filePath);
    zip.AddFile(L"logo.png",false);
    manifest.UpdateString(L"\"logo.png\"",fileHash);

    filePath = L"qa_data/p7s/pass-wallet/logo@2x.png";
    fileHash = crypt.hashFileENC(filePath);
    zip.AddFile(L"logo@2x.png",false);
    manifest.UpdateString(L"\"logo@2x.png\"",fileHash);

    filePath = L"qa_data/p7s/pass-wallet/pass.json";
    fileHash = crypt.hashFileENC(filePath);
    zip.AddFile(L"pass.json",false);
    manifest.UpdateString(L"\"pass.json\"",fileHash);

    CkStringBuilderW sbJson;
    manifest.EmitSb(sbJson);
    const wchar_t *manifestPath = L"qa_data/p7s/pass-wallet/manifest.json";
    sbJson.WriteFile(manifestPath,L"utf-8",false);
    zip.AddFile(L"manifest.json",false);

    // Make sure we have the Apple WWDR intermediate certificate available for 
    // the cert chain in the signature.
    CkXmlCertVaultW certVault;
    CkCertW appleWwdrCert;
    success = appleWwdrCert.LoadByCommonName(L"Apple Worldwide Developer Relations Certification Authority");
    if (success != true) {
        wprintf(L"The Apple WWDR intermediate certificate is not installed.\n");
        wprintf(L"It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer\n");
        wprintf(L"You may alternatively load the .cer like this...\n");
        success = appleWwdrCert.LoadFromFile(L"qa_data/certs/AppleWWDRCA.cer");
        if (success == false) {
            wprintf(L"%s\n",appleWwdrCert.lastErrorText());
            return;
        }

    }

    certVault.AddCert(appleWwdrCert);
    crypt.UseCertVault(certVault);

    // Use a digital certificate and private key from a PFX file (.pfx or .p12).
    const wchar_t *pfxPath = L"qa_data/pfx/cert_test123.pfx";
    const wchar_t *pfxPassword = L"test123";

    CkCertW cert;
    success = cert.LoadPfxFile(pfxPath,pfxPassword);
    if (success == false) {
        wprintf(L"%s\n",cert.lastErrorText());
        return;
    }

    // Provide the signing cert (with associated private key).
    success = crypt.SetSigningCert(cert);
    if (success == false) {
        wprintf(L"%s\n",crypt.lastErrorText());
        return;
    }

    // Specify the signed attributes to be included.
    // (These attributes appear to not be necessary, but we're including
    // them just in case they become necessary in the future.)
    CkJsonObjectW jsonSignedAttrs;
    jsonSignedAttrs.UpdateInt(L"contentType",1);
    jsonSignedAttrs.UpdateInt(L"signingTime",1);
    crypt.put_SigningAttributes(jsonSignedAttrs.emit());

    // Sign the manifest JSON file to produce a file named "signature".
    const wchar_t *sigPath = L"qa_data/p7s/pass-wallet/signature";

    // Create the "signature" file.
    success = crypt.CreateP7S(manifestPath,sigPath);
    if (success == false) {
        wprintf(L"%s\n",crypt.lastErrorText());
        return;
    }

    zip.AddFile(L"signature",false);

    // ---------------------------------------------------------------------------------------------
    // Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
    // If this is of interest, please send email to support@chilkatsoft.com
    // ---------------------------------------------------------------------------------------------

    // Create the .pkipass archive (which is a .zip archive containing the required files).
    success = zip.WriteZipAndClose();
    if (success == false) {
        wprintf(L"%s\n",zip.lastErrorText());
        return;
    }

    wprintf(L"Success.\n");
    }