Sample code for 30+ languages & platforms
PHP Extension

Sign Manifest File to Generate a Passbook .pkpass file

See more Digital Signatures Examples

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.

Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// See this example:  Sign Manifest File to Generate a Passbook .pkpass in Memory
// ---------------------------------------------------------------------------------------------

// First create the manifest.json

$manifest = new CkJsonObject();
$crypt = new CkCrypt2();

$zip = new CkZip();
$zip->NewZip('qa_data/p7s/pass-wallet/example.pkpass');
// Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
$zip->put_AppendFromDir('qa_data/p7s/pass-wallet/');

$crypt->put_HashAlgorithm('sha1');
// Return hashes as lowercase hex.
$crypt->put_EncodingMode('hexlower');

$filePath = 'qa_data/p7s/pass-wallet/icon.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AddFile('icon.png',false);
$manifest->UpdateString('\'icon.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/icon@2x.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AddFile('icon@2x.png',false);
$manifest->UpdateString('\'icon@2x.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/logo.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AddFile('logo.png',false);
$manifest->UpdateString('\'logo.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/logo@2x.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AddFile('logo@2x.png',false);
$manifest->UpdateString('\'logo@2x.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/pass.json';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AddFile('pass.json',false);
$manifest->UpdateString('\'pass.json\'',$fileHash);

$sbJson = new CkStringBuilder();
$manifest->EmitSb($sbJson);
$manifestPath = 'qa_data/p7s/pass-wallet/manifest.json';
$sbJson->WriteFile($manifestPath,'utf-8',false);
$zip->AddFile('manifest.json',false);

// Make sure we have the Apple WWDR intermediate certificate available for 
// the cert chain in the signature.
$certVault = new CkXmlCertVault();
$appleWwdrCert = new CkCert();
$success = $appleWwdrCert->LoadByCommonName('Apple Worldwide Developer Relations Certification Authority');
if ($success != true) {
    print 'The Apple WWDR intermediate certificate is not installed.' . "\n";
    print 'It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer' . "\n";
    print 'You may alternatively load the .cer like this...' . "\n";
    $success = $appleWwdrCert->LoadFromFile('qa_data/certs/AppleWWDRCA.cer');
    if ($success == false) {
        print $appleWwdrCert->lastErrorText() . "\n";
        exit;
    }

}

$certVault->AddCert($appleWwdrCert);
$crypt->UseCertVault($certVault);

// Use a digital certificate and private key from a PFX file (.pfx or .p12).
$pfxPath = 'qa_data/pfx/cert_test123.pfx';
$pfxPassword = 'test123';

$cert = new CkCert();
$success = $cert->LoadPfxFile($pfxPath,$pfxPassword);
if ($success == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

// Provide the signing cert (with associated private key).
$success = $crypt->SetSigningCert($cert);
if ($success == false) {
    print $crypt->lastErrorText() . "\n";
    exit;
}

// Specify the signed attributes to be included.
// (These attributes appear to not be necessary, but we're including
// them just in case they become necessary in the future.)
$jsonSignedAttrs = new CkJsonObject();
$jsonSignedAttrs->UpdateInt('contentType',1);
$jsonSignedAttrs->UpdateInt('signingTime',1);
$crypt->put_SigningAttributes($jsonSignedAttrs->emit());

// Sign the manifest JSON file to produce a file named "signature".
$sigPath = 'qa_data/p7s/pass-wallet/signature';

// Create the "signature" file.
$success = $crypt->CreateP7S($manifestPath,$sigPath);
if ($success == false) {
    print $crypt->lastErrorText() . "\n";
    exit;
}

$zip->AddFile('signature',false);

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// If this is of interest, please send email to support@chilkatsoft.com
// ---------------------------------------------------------------------------------------------

// Create the .pkipass archive (which is a .zip archive containing the required files).
$success = $zip->WriteZipAndClose();
if ($success == false) {
    print $zip->lastErrorText() . "\n";
    exit;
}

print 'Success.' . "\n";

?>