Sample code for 30+ languages & platforms
DataFlex

Validate a .pkpass Archive

See more Digital Signatures Examples

Opens a .pkpass archive (which is just a .zip renamed to .pkpass) and validates the contents. The hashes in the manifest are compared with the computed hash values for each individual file. If all computed hash values match, then the signature is verified.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoCrypt
    Handle hoZip
    Variant vEnt
    Handle hoEnt
    Variant vBdManifest
    Handle hoBdManifest
    Handle hoJson
    Boolean iSomeHashesFailed
    String sFilename
    Handle hoSbHashHex
    Variant vBdFileData
    Handle hoBdFileData
    Integer iNumMembers
    Integer i
    String sComputedHashHex
    Variant vBdSignature
    Handle hoBdSignature
    Boolean iVerified
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End
    Get Create (RefClass(cComChilkatZip)) To hoZip
    If (Not(IsComObjectCreated(hoZip))) Begin
        Send CreateComObject of hoZip
    End

    Get ComOpenZip Of hoZip "qa_data/pkpass/invalid.pkpass" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoZip To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Get the contents of the manifest.json file, which contains something like this:

    // {
    //   "icon.png" : "0296b01347b3173e98438a003b0e88986340b2d8",
    //   "logo.png" : "25de09e2d3b01ce1fe00c2ca9a90a2be1aaa05cf",
    //   "icon@2x.png" : "5afd9585b08c65fdf105a90c8bd643407cba2787",
    //   "pass.json" : "145ea5a5db784fff485126c77ecf7a1fc2a88ee7",
    //   "strip@2x.png" : "468fa7bc93e6b55342b56fda09bdce7c829d7d46",
    //   "strip.png" : "736d01f84cb73d06e8a9932e43076d68f19461ff"
    // }

    Get Create (RefClass(cComChilkatZipEntry)) To hoEnt
    If (Not(IsComObjectCreated(hoEnt))) Begin
        Send CreateComObject of hoEnt
    End
    Get pvComObject of hoEnt to vEnt
    Get ComEntryOf Of hoZip "manifest.json" vEnt To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoZip To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Get the exact content of the manifest.json for later signature verification.
    Get Create (RefClass(cComChilkatBinData)) To hoBdManifest
    If (Not(IsComObjectCreated(hoBdManifest))) Begin
        Send CreateComObject of hoBdManifest
    End
    Get pvComObject of hoBdManifest to vBdManifest
    Get ComUnzipToBd Of hoEnt vBdManifest To iSuccess

    Get Create (RefClass(cComChilkatJsonObject)) To hoJson
    If (Not(IsComObjectCreated(hoJson))) Begin
        Send CreateComObject of hoJson
    End
    Set ComEmitCompact Of hoJson To False
    Get ComUnzipToString Of hoEnt 0 "utf-8" To sTemp1
    Get ComLoad Of hoJson sTemp1 To iSuccess
    Get ComEmit Of hoJson To sTemp1
    Showln sTemp1

    // For each file in the JSON, get the filename and hex hash value.
    Set ComEncodingMode Of hoCrypt To "hexlower"
    Set ComHashAlgorithm Of hoCrypt To "sha1"

    Move False To iSomeHashesFailed

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbHashHex
    If (Not(IsComObjectCreated(hoSbHashHex))) Begin
        Send CreateComObject of hoSbHashHex
    End
    Get Create (RefClass(cComChilkatBinData)) To hoBdFileData
    If (Not(IsComObjectCreated(hoBdFileData))) Begin
        Send CreateComObject of hoBdFileData
    End
    Get ComSize Of hoJson To iNumMembers
    Move 0 To i
    While (i < iNumMembers)
        Get ComNameAt Of hoJson i To sFilename
        Send ComClear To hoSbHashHex
        Get ComStringAt Of hoJson i To sTemp1
        Get ComAppend Of hoSbHashHex sTemp1 To iSuccess

        Get pvComObject of hoEnt to vEnt
        Get ComEntryOf Of hoZip sFilename vEnt To iSuccess
        If (iSuccess = False) Begin
            Get ComLastErrorText Of hoZip To sTemp1
            Showln sTemp1
            Procedure_Return
        End

        // Get the data for this file.
        Get ComClear Of hoBdFileData To iSuccess
        Get pvComObject of hoBdFileData to vBdFileData
        Get ComUnzipToBd Of hoEnt vBdFileData To iSuccess

        Get pvComObject of hoBdFileData to vBdFileData
        Get ComHashBdENC Of hoCrypt vBdFileData To sComputedHashHex
        Get ComContentsEqual Of hoSbHashHex sComputedHashHex False To bTemp1
        If (bTemp1 = False) Begin
            Showln "Computed hash does not match stored hash for " sFilename
            Showln "  computed: " sComputedHashHex
            Get ComGetAsString Of hoSbHashHex To sTemp1
            Showln "  stored:   " sTemp1
            Move True To iSomeHashesFailed
        End
        Else Begin
            Showln "hash verified for " sFilename "(" sComputedHashHex ")"
        End

        Move (i + 1) To i
    Loop

    If (iSomeHashesFailed = True) Begin
        Showln "Some hashes failed."
        Procedure_Return
    End

    // Let's verify the signature..
    // First get the signature.
    Get pvComObject of hoEnt to vEnt
    Get ComEntryOf Of hoZip "signature" vEnt To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoZip To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatBinData)) To hoBdSignature
    If (Not(IsComObjectCreated(hoBdSignature))) Begin
        Send CreateComObject of hoBdSignature
    End
    Get pvComObject of hoBdSignature to vBdSignature
    Get ComUnzipToBd Of hoEnt vBdSignature To iSuccess

    // Show the contents of the signature in base64 encoding.
    Showln "Signature:"
    Get ComGetEncoded Of hoBdSignature "base64_mime" To sTemp1
    Showln sTemp1
    Showln "----"

    // Verify the signature against the manifest.json
    Set ComEncodingMode Of hoCrypt To "base64"
    Get pvComObject of hoBdManifest to vBdManifest
    Get ComGetEncoded Of hoBdSignature "base64" To sTemp1
    Get ComVerifyBdENC Of hoCrypt vBdManifest sTemp1 To iVerified
    If (iVerified = False) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
    End

    Showln "signature verified = " iVerified


End_Procedure