(Objective-C) Sign Manifest File to Generate a Passbook .pkpass file

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.

Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com

Note: This example requires Chilkat v9.5.0.75.

Chilkat Objective-C Library Downloads MAC OS X (Cocoa) Libs iOS Libs

#import <CkoJsonObject.h>
#import <CkoCrypt2.h>
#import <CkoZip.h>
#import <NSString.h>
#import <CkoStringBuilder.h>
#import <CkoXmlCertVault.h>
#import <CkoCert.h>

// Note: Requires Chilkat v9.5.0.75 or greater.

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// See this example:  Sign Manifest File to Generate a Passbook .pkpass in Memory
// ---------------------------------------------------------------------------------------------

// First create the manifest.json
BOOL success;
CkoJsonObject *manifest = [[CkoJsonObject alloc] init];
CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];

CkoZip *zip = [[CkoZip alloc] init];
[zip NewZip: @"qa_data/p7s/pass-wallet/example.pkpass"];
// Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
zip.AppendFromDir = @"qa_data/p7s/pass-wallet/";

crypt.HashAlgorithm = @"sha1";
// Return hashes as lowercase hex.
crypt.EncodingMode = @"hexlower";

NSString *fileHash = 0;
NSString *filePath = 0;
filePath = @"qa_data/p7s/pass-wallet/icon.png";
fileHash = [crypt HashFileENC: filePath];
[zip AppendOneFileOrDir: @"icon.png" saveExtraPath: NO];
[manifest UpdateString: @"\"icon.png\"" value: fileHash];

filePath = @"qa_data/p7s/pass-wallet/icon@2x.png";
fileHash = [crypt HashFileENC: filePath];
[zip AppendOneFileOrDir: @"icon@2x.png" saveExtraPath: NO];
[manifest UpdateString: @"\"icon@2x.png\"" value: fileHash];

filePath = @"qa_data/p7s/pass-wallet/logo.png";
fileHash = [crypt HashFileENC: filePath];
[zip AppendOneFileOrDir: @"logo.png" saveExtraPath: NO];
[manifest UpdateString: @"\"logo.png\"" value: fileHash];

filePath = @"qa_data/p7s/pass-wallet/logo@2x.png";
fileHash = [crypt HashFileENC: filePath];
[zip AppendOneFileOrDir: @"logo@2x.png" saveExtraPath: NO];
[manifest UpdateString: @"\"logo@2x.png\"" value: fileHash];

filePath = @"qa_data/p7s/pass-wallet/pass.json";
fileHash = [crypt HashFileENC: filePath];
[zip AppendOneFileOrDir: @"pass.json" saveExtraPath: NO];
[manifest UpdateString: @"\"pass.json\"" value: fileHash];

CkoStringBuilder *sbJson = [[CkoStringBuilder alloc] init];
[manifest EmitSb: sbJson];
NSString *manifestPath = @"qa_data/p7s/pass-wallet/manifest.json";
[sbJson WriteFile: manifestPath charset: @"utf-8" emitBom: NO];
[zip AppendOneFileOrDir: @"manifest.json" saveExtraPath: NO];

// Make sure we have the Apple WWDR intermediate certificate available for 
// the cert chain in the signature.
CkoXmlCertVault *certVault = [[CkoXmlCertVault alloc] init];
CkoCert *appleWwdrCert = [[CkoCert alloc] init];
success = [appleWwdrCert LoadByCommonName: @"Apple Worldwide Developer Relations Certification Authority"];
if (success != YES) {
    NSLog(@"%@",@"The Apple WWDR intermediate certificate is not installed.");
    NSLog(@"%@",@"It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer");
    NSLog(@"%@",@"You may alternatively load the .cer like this...");
    success = [appleWwdrCert LoadFromFile: @"qa_data/certs/AppleWWDRCA.cer"];
    if (success != YES) {
        NSLog(@"%@",appleWwdrCert.LastErrorText);
        return;
    }

}

[certVault AddCert: appleWwdrCert];
[crypt UseCertVault: certVault];

// Use a digital certificate and private key from a PFX file (.pfx or .p12).
NSString *pfxPath = @"qa_data/pfx/cert_test123.pfx";
NSString *pfxPassword = @"test123";

CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadPfxFile: pfxPath password: pfxPassword];
if (success != YES) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

// Provide the signing cert (with associated private key).
success = [crypt SetSigningCert: cert];
if (success != YES) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

// Specify the signed attributes to be included.
// (These attributes appear to not be necessary, but we're including
// them just in case they become necessary in the future.)
CkoJsonObject *jsonSignedAttrs = [[CkoJsonObject alloc] init];
[jsonSignedAttrs UpdateInt: @"contentType" value: [NSNumber numberWithInt: 1]];
[jsonSignedAttrs UpdateInt: @"signingTime" value: [NSNumber numberWithInt: 1]];
crypt.SigningAttributes = [jsonSignedAttrs Emit];

// Sign the manifest JSON file to produce a file named "signature".
NSString *sigPath = @"qa_data/p7s/pass-wallet/signature";

// Create the "signature" file.
success = [crypt CreateP7S: manifestPath p7sPath: sigPath];
if (success == NO) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

[zip AppendOneFileOrDir: @"signature" saveExtraPath: NO];

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// If this is of interest, please send email to support@chilkatsoft.com
// ---------------------------------------------------------------------------------------------

// Create the .pkipass archive (which is a .zip archive containing the required files).
success = [zip WriteZipAndClose];
if (success != YES) {
    NSLog(@"%@",zip.LastErrorText);
    return;
}

NSLog(@"%@",@"Success.");