(Unicode C++) Sign Manifest File to Generate a Passbook .pkpass in Memory

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive in memory

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <CkJsonObjectW.h>
#include <CkCrypt2W.h>
#include <CkZipW.h>
#include <CkBinDataW.h>
#include <CkZipEntryW.h>
#include <CkXmlCertVaultW.h>
#include <CkCertW.h>

void ChilkatSample(void)
    {
    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // ---------------------------------------------------------------------------------------------
    // This example is the same as Sign Manifest File to Generate a Passbook .pkpass file
    // except everything happens in memory (no input files, no output files)
    // ---------------------------------------------------------------------------------------------

    // First create the manifest.json
    bool success;
    CkJsonObjectW manifest;
    CkCrypt2W crypt;

    CkZipW zip;
    zip.NewZip(L"notUsedAndNeverCreated.zip");

    crypt.put_HashAlgorithm(L"sha1");
    // Return hashes as lowercase hex.
    crypt.put_EncodingMode(L"hexlower");

    const wchar_t *digestStr = 0;

    CkBinDataW pngData;
    // Assume we load the pngData with bytes for "icon.png" from somewhere, such as a byte array in memory.
    CkZipEntryW *entry = zip.AppendBd(L"icon.png",pngData);
    delete entry;
    digestStr = crypt.hashBdENC(pngData);
    manifest.UpdateString(L"\"icon.png\"",digestStr);

    pngData.Clear();
    // Assume we load the pngData with bytes for "icon@2x.png" from somewhere...
    entry = zip.AppendBd(L"icon@2x.png",pngData);
    delete entry;
    digestStr = crypt.hashBdENC(pngData);
    manifest.UpdateString(L"\"icon@2x.png\"",digestStr);

    pngData.Clear();
    // Assume we load the pngData with bytes for "logo.png" from somewhere...
    entry = zip.AppendBd(L"logo.png",pngData);
    delete entry;
    digestStr = crypt.hashBdENC(pngData);
    manifest.UpdateString(L"\"logo.png\"",digestStr);

    pngData.Clear();
    // Assume we load the pngData with bytes for "logo@2x.png" from somewhere...
    entry = zip.AppendBd(L"logo@2x.png",pngData);
    delete entry;
    digestStr = crypt.hashBdENC(pngData);
    manifest.UpdateString(L"\"logo@2x.png\"",digestStr);

    const wchar_t *passJson = L"{ .... }";    //  Contains the contents of pass.json
    entry = zip.AppendString(L"pass.json",passJson);
    delete entry;
    digestStr = crypt.hashStringENC(passJson);
    manifest.UpdateString(L"\"pass.json\"",digestStr);

    entry = zip.AppendString(L"manifest.json",manifest.emit());
    delete entry;

    // Make sure we have the Apple WWDR intermediate certificate available for 
    // the cert chain in the signature.
    CkXmlCertVaultW certVault;
    CkCertW appleWwdrCert;
    success = appleWwdrCert.LoadByCommonName(L"Apple Worldwide Developer Relations Certification Authority");
    if (success != true) {
        wprintf(L"The Apple WWDR intermediate certificate is not installed.\n");
        wprintf(L"It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer\n");
        wprintf(L"You may alternatively load the .cer like this...\n");
        success = appleWwdrCert.LoadFromFile(L"qa_data/certs/AppleWWDRCA.cer");
        if (success != true) {
            wprintf(L"%s\n",appleWwdrCert.lastErrorText());
            return;
        }

    }

    certVault.AddCert(appleWwdrCert);
    crypt.UseCertVault(certVault);

    // Use a digital certificate and private key from a PFX
    CkBinDataW bdPfx;
    // Assume we loaded a PFX into bdPfx....
    const wchar_t *pfxPassword = L"test123";

    CkCertW cert;
    success = cert.LoadPfxBd(bdPfx,pfxPassword);
    if (success != true) {
        wprintf(L"%s\n",cert.lastErrorText());
        return;
    }

    // Provide the signing cert (with associated private key).
    success = crypt.SetSigningCert(cert);
    if (success != true) {
        wprintf(L"%s\n",crypt.lastErrorText());
        return;
    }

    // Specify the signed attributes to be included.
    // (These attributes appear to not be necessary, but we're including
    // them just in case they become necessary in the future.)
    CkJsonObjectW jsonSignedAttrs;
    jsonSignedAttrs.UpdateInt(L"contentType",1);
    jsonSignedAttrs.UpdateInt(L"signingTime",1);
    crypt.put_SigningAttributes(jsonSignedAttrs.emit());

    // Sign the manifest JSON to produce a signature
    crypt.put_EncodingMode(L"base64");
    const wchar_t *sig = crypt.signStringENC(manifest.emit());
    CkBinDataW bdSig;
    bdSig.AppendEncoded(sig,L"base64");
    entry = zip.AppendBd(L"signature",bdSig);
    delete entry;

    // ---------------------------------------------------------------------------------------------
    // Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
    // If this is of interest, please send email to support@chilkatsoft.com
    // ---------------------------------------------------------------------------------------------

    // Create the .pkipass archive (which is a .zip archive containing the required files).
    // the .zip is written to bdZip
    CkBinDataW bdZip;
    success = zip.WriteBd(bdZip);
    if (success != true) {
        wprintf(L"%s\n",zip.lastErrorText());
        return;
    }

    wprintf(L"Success.\n");
    }