(Swift) Sign Manifest File to Generate a Passbook .pkpass file

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.

Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com

Note: This example requires Chilkat v9.5.0.75.

Chilkat Downloads for the Swift Programming Language MAC OS X (Cocoa) Objective-C/Swift Libs iOS Objective-C/Swift Libs

func chilkatTest() {
    // Note: Requires Chilkat v9.5.0.75 or greater.

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // ---------------------------------------------------------------------------------------------
    // Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
    // See this example:  Sign Manifest File to Generate a Passbook .pkpass in Memory
    // ---------------------------------------------------------------------------------------------

    // First create the manifest.json
    var success: Bool
    let manifest = CkoJsonObject()!
    let crypt = CkoCrypt2()!

    let zip = CkoZip()!
    zip.newZip("qa_data/p7s/pass-wallet/example.pkpass")
    // Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
    zip.appendFromDir = "qa_data/p7s/pass-wallet/"

    crypt.hashAlgorithm = "sha1"
    // Return hashes as lowercase hex.
    crypt.encodingMode = "hexlower"

    var fileHash: String?
    var filePath: String?
    filePath = "qa_data/p7s/pass-wallet/icon.png"
    fileHash = crypt.hashFileENC(filePath)
    zip.appendOneFileOrDir("icon.png", saveExtraPath: false)
    manifest.update("\"icon.png\"", value: fileHash)

    filePath = "qa_data/p7s/pass-wallet/icon@2x.png"
    fileHash = crypt.hashFileENC(filePath)
    zip.appendOneFileOrDir("icon@2x.png", saveExtraPath: false)
    manifest.update("\"icon@2x.png\"", value: fileHash)

    filePath = "qa_data/p7s/pass-wallet/logo.png"
    fileHash = crypt.hashFileENC(filePath)
    zip.appendOneFileOrDir("logo.png", saveExtraPath: false)
    manifest.update("\"logo.png\"", value: fileHash)

    filePath = "qa_data/p7s/pass-wallet/logo@2x.png"
    fileHash = crypt.hashFileENC(filePath)
    zip.appendOneFileOrDir("logo@2x.png", saveExtraPath: false)
    manifest.update("\"logo@2x.png\"", value: fileHash)

    filePath = "qa_data/p7s/pass-wallet/pass.json"
    fileHash = crypt.hashFileENC(filePath)
    zip.appendOneFileOrDir("pass.json", saveExtraPath: false)
    manifest.update("\"pass.json\"", value: fileHash)

    let sbJson = CkoStringBuilder()!
    manifest.emitSb(sbJson)
    var manifestPath: String? = "qa_data/p7s/pass-wallet/manifest.json"
    sbJson.writeFile(manifestPath, charset: "utf-8", emitBom: false)
    zip.appendOneFileOrDir("manifest.json", saveExtraPath: false)

    // Make sure we have the Apple WWDR intermediate certificate available for 
    // the cert chain in the signature.
    let certVault = CkoXmlCertVault()!
    let appleWwdrCert = CkoCert()!
    success = appleWwdrCert.load(byCommonName: "Apple Worldwide Developer Relations Certification Authority")
    if success != true {
        print("The Apple WWDR intermediate certificate is not installed.")
        print("It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer")
        print("You may alternatively load the .cer like this...")
        success = appleWwdrCert.load(fromFile: "qa_data/certs/AppleWWDRCA.cer")
        if success != true {
            print("\(appleWwdrCert.lastErrorText!)")
            return
        }

    }

    certVault.add(appleWwdrCert)
    crypt.use(certVault)

    // Use a digital certificate and private key from a PFX file (.pfx or .p12).
    var pfxPath: String? = "qa_data/pfx/cert_test123.pfx"
    var pfxPassword: String? = "test123"

    let cert = CkoCert()!
    success = cert.loadPfxFile(pfxPath, password: pfxPassword)
    if success != true {
        print("\(cert.lastErrorText!)")
        return
    }

    // Provide the signing cert (with associated private key).
    success = crypt.setSigning(cert)
    if success != true {
        print("\(crypt.lastErrorText!)")
        return
    }

    // Specify the signed attributes to be included.
    // (These attributes appear to not be necessary, but we're including
    // them just in case they become necessary in the future.)
    let jsonSignedAttrs = CkoJsonObject()!
    jsonSignedAttrs.updateInt("contentType", value: 1)
    jsonSignedAttrs.updateInt("signingTime", value: 1)
    crypt.signingAttributes = jsonSignedAttrs.emit()

    // Sign the manifest JSON file to produce a file named "signature".
    var sigPath: String? = "qa_data/p7s/pass-wallet/signature"

    // Create the "signature" file.
    success = crypt.createP7S(manifestPath, p7sPath: sigPath)
    if success == false {
        print("\(crypt.lastErrorText!)")
        return
    }

    zip.appendOneFileOrDir("signature", saveExtraPath: false)

    // ---------------------------------------------------------------------------------------------
    // Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
    // If this is of interest, please send email to support@chilkatsoft.com
    // ---------------------------------------------------------------------------------------------

    // Create the .pkipass archive (which is a .zip archive containing the required files).
    success = zip.writeAndClose()
    if success != true {
        print("\(zip.lastErrorText!)")
        return
    }

    print("Success.")

}