(PHP ActiveX) Sign Manifest File to Generate a Passbook .pkpass file

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.

Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com

Note: This example requires Chilkat v9.5.0.75.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows Note: The php_com_dotnet.dll may need to be enabled inside of php.ini.

<?php

// Note: Requires Chilkat v9.5.0.75 or greater.

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// See this example:  Sign Manifest File to Generate a Passbook .pkpass in Memory
// ---------------------------------------------------------------------------------------------

// First create the manifest.json

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$manifest = new COM("Chilkat.JsonObject");
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2')
$crypt = new COM("Chilkat.Crypt2");

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Zip')
$zip = new COM("Chilkat.Zip");
$zip->NewZip('qa_data/p7s/pass-wallet/example.pkpass');
// Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
$zip->AppendFromDir = 'qa_data/p7s/pass-wallet/';

$crypt->HashAlgorithm = 'sha1';
// Return hashes as lowercase hex.
$crypt->EncodingMode = 'hexlower';

$filePath = 'qa_data/p7s/pass-wallet/icon.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AppendOneFileOrDir('icon.png',0);
$manifest->UpdateString('\'icon.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/icon@2x.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AppendOneFileOrDir('icon@2x.png',0);
$manifest->UpdateString('\'icon@2x.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/logo.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AppendOneFileOrDir('logo.png',0);
$manifest->UpdateString('\'logo.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/logo@2x.png';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AppendOneFileOrDir('logo@2x.png',0);
$manifest->UpdateString('\'logo@2x.png\'',$fileHash);

$filePath = 'qa_data/p7s/pass-wallet/pass.json';
$fileHash = $crypt->hashFileENC($filePath);
$zip->AppendOneFileOrDir('pass.json',0);
$manifest->UpdateString('\'pass.json\'',$fileHash);

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbJson = new COM("Chilkat.StringBuilder");
$manifest->EmitSb($sbJson);
$manifestPath = 'qa_data/p7s/pass-wallet/manifest.json';
$sbJson->WriteFile($manifestPath,'utf-8',0);
$zip->AppendOneFileOrDir('manifest.json',0);

// Make sure we have the Apple WWDR intermediate certificate available for 
// the cert chain in the signature.
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.XmlCertVault')
$certVault = new COM("Chilkat.XmlCertVault");
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Cert')
$appleWwdrCert = new COM("Chilkat.Cert");
$success = $appleWwdrCert->LoadByCommonName('Apple Worldwide Developer Relations Certification Authority');
if ($success != 1) {
    print 'The Apple WWDR intermediate certificate is not installed.' . "\n";
    print 'It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer' . "\n";
    print 'You may alternatively load the .cer like this...' . "\n";
    $success = $appleWwdrCert->LoadFromFile('qa_data/certs/AppleWWDRCA.cer');
    if ($success != 1) {
        print $appleWwdrCert->LastErrorText . "\n";
        exit;
    }

}

$certVault->AddCert($appleWwdrCert);
$crypt->UseCertVault($certVault);

// Use a digital certificate and private key from a PFX file (.pfx or .p12).
$pfxPath = 'qa_data/pfx/cert_test123.pfx';
$pfxPassword = 'test123';

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Cert')
$cert = new COM("Chilkat.Cert");
$success = $cert->LoadPfxFile($pfxPath,$pfxPassword);
if ($success != 1) {
    print $cert->LastErrorText . "\n";
    exit;
}

// Provide the signing cert (with associated private key).
$success = $crypt->SetSigningCert($cert);
if ($success != 1) {
    print $crypt->LastErrorText . "\n";
    exit;
}

// Specify the signed attributes to be included.
// (These attributes appear to not be necessary, but we're including
// them just in case they become necessary in the future.)
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$jsonSignedAttrs = new COM("Chilkat.JsonObject");
$jsonSignedAttrs->UpdateInt('contentType',1);
$jsonSignedAttrs->UpdateInt('signingTime',1);
$crypt->SigningAttributes = $jsonSignedAttrs->emit();

// Sign the manifest JSON file to produce a file named "signature".
$sigPath = 'qa_data/p7s/pass-wallet/signature';

// Create the "signature" file.
$success = $crypt->CreateP7S($manifestPath,$sigPath);
if ($success == 0) {
    print $crypt->LastErrorText . "\n";
    exit;
}

$zip->AppendOneFileOrDir('signature',0);

// ---------------------------------------------------------------------------------------------
// Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
// If this is of interest, please send email to support@chilkatsoft.com
// ---------------------------------------------------------------------------------------------

// Create the .pkipass archive (which is a .zip archive containing the required files).
$success = $zip->WriteZipAndClose();
if ($success != 1) {
    print $zip->LastErrorText . "\n";
    exit;
}

print 'Success.' . "\n";

?>