Tcl
Tcl
Sign Manifest File to Generate a Passbook .pkpass file
See more Digital Signatures Examples
Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com
Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# ---------------------------------------------------------------------------------------------
# Note: Chilkat also has the capability to do everything in-memory (no files would be involved).
# See this example: Sign Manifest File to Generate a Passbook .pkpass in Memory
# ---------------------------------------------------------------------------------------------
# First create the manifest.json
set manifest [new_CkJsonObject]
set crypt [new_CkCrypt2]
set zip [new_CkZip]
CkZip_NewZip $zip "qa_data/p7s/pass-wallet/example.pkpass"
# Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
CkZip_put_AppendFromDir $zip "qa_data/p7s/pass-wallet/"
CkCrypt2_put_HashAlgorithm $crypt "sha1"
# Return hashes as lowercase hex.
CkCrypt2_put_EncodingMode $crypt "hexlower"
set filePath "qa_data/p7s/pass-wallet/icon.png"
set fileHash [CkCrypt2_hashFileENC $crypt $filePath]
CkZip_AddFile $zip "icon.png" 0
CkJsonObject_UpdateString $manifest "\"icon.png\"" $fileHash
set filePath "qa_data/p7s/pass-wallet/icon@2x.png"
set fileHash [CkCrypt2_hashFileENC $crypt $filePath]
CkZip_AddFile $zip "icon@2x.png" 0
CkJsonObject_UpdateString $manifest "\"icon@2x.png\"" $fileHash
set filePath "qa_data/p7s/pass-wallet/logo.png"
set fileHash [CkCrypt2_hashFileENC $crypt $filePath]
CkZip_AddFile $zip "logo.png" 0
CkJsonObject_UpdateString $manifest "\"logo.png\"" $fileHash
set filePath "qa_data/p7s/pass-wallet/logo@2x.png"
set fileHash [CkCrypt2_hashFileENC $crypt $filePath]
CkZip_AddFile $zip "logo@2x.png" 0
CkJsonObject_UpdateString $manifest "\"logo@2x.png\"" $fileHash
set filePath "qa_data/p7s/pass-wallet/pass.json"
set fileHash [CkCrypt2_hashFileENC $crypt $filePath]
CkZip_AddFile $zip "pass.json" 0
CkJsonObject_UpdateString $manifest "\"pass.json\"" $fileHash
set sbJson [new_CkStringBuilder]
CkJsonObject_EmitSb $manifest $sbJson
set manifestPath "qa_data/p7s/pass-wallet/manifest.json"
CkStringBuilder_WriteFile $sbJson $manifestPath "utf-8" 0
CkZip_AddFile $zip "manifest.json" 0
# Make sure we have the Apple WWDR intermediate certificate available for
# the cert chain in the signature.
set certVault [new_CkXmlCertVault]
set appleWwdrCert [new_CkCert]
set success [CkCert_LoadByCommonName $appleWwdrCert "Apple Worldwide Developer Relations Certification Authority"]
if {$success != 1} then {
puts "The Apple WWDR intermediate certificate is not installed."
puts "It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer"
puts "You may alternatively load the .cer like this..."
set success [CkCert_LoadFromFile $appleWwdrCert "qa_data/certs/AppleWWDRCA.cer"]
if {$success == 0} then {
puts [CkCert_lastErrorText $appleWwdrCert]
delete_CkJsonObject $manifest
delete_CkCrypt2 $crypt
delete_CkZip $zip
delete_CkStringBuilder $sbJson
delete_CkXmlCertVault $certVault
delete_CkCert $appleWwdrCert
exit
}
}
CkXmlCertVault_AddCert $certVault $appleWwdrCert
CkCrypt2_UseCertVault $crypt $certVault
# Use a digital certificate and private key from a PFX file (.pfx or .p12).
set pfxPath "qa_data/pfx/cert_test123.pfx"
set pfxPassword "test123"
set cert [new_CkCert]
set success [CkCert_LoadPfxFile $cert $pfxPath $pfxPassword]
if {$success == 0} then {
puts [CkCert_lastErrorText $cert]
delete_CkJsonObject $manifest
delete_CkCrypt2 $crypt
delete_CkZip $zip
delete_CkStringBuilder $sbJson
delete_CkXmlCertVault $certVault
delete_CkCert $appleWwdrCert
delete_CkCert $cert
exit
}
# Provide the signing cert (with associated private key).
set success [CkCrypt2_SetSigningCert $crypt $cert]
if {$success == 0} then {
puts [CkCrypt2_lastErrorText $crypt]
delete_CkJsonObject $manifest
delete_CkCrypt2 $crypt
delete_CkZip $zip
delete_CkStringBuilder $sbJson
delete_CkXmlCertVault $certVault
delete_CkCert $appleWwdrCert
delete_CkCert $cert
exit
}
# Specify the signed attributes to be included.
# (These attributes appear to not be necessary, but we're including
# them just in case they become necessary in the future.)
set jsonSignedAttrs [new_CkJsonObject]
CkJsonObject_UpdateInt $jsonSignedAttrs "contentType" 1
CkJsonObject_UpdateInt $jsonSignedAttrs "signingTime" 1
CkCrypt2_put_SigningAttributes $crypt [CkJsonObject_emit $jsonSignedAttrs]
# Sign the manifest JSON file to produce a file named "signature".
set sigPath "qa_data/p7s/pass-wallet/signature"
# Create the "signature" file.
set success [CkCrypt2_CreateP7S $crypt $manifestPath $sigPath]
if {$success == 0} then {
puts [CkCrypt2_lastErrorText $crypt]
delete_CkJsonObject $manifest
delete_CkCrypt2 $crypt
delete_CkZip $zip
delete_CkStringBuilder $sbJson
delete_CkXmlCertVault $certVault
delete_CkCert $appleWwdrCert
delete_CkCert $cert
delete_CkJsonObject $jsonSignedAttrs
exit
}
CkZip_AddFile $zip "signature" 0
# ---------------------------------------------------------------------------------------------
# Note: Chilkat also has the capability to do everything in-memory (no files would be involved).
# If this is of interest, please send email to support@chilkatsoft.com
# ---------------------------------------------------------------------------------------------
# Create the .pkipass archive (which is a .zip archive containing the required files).
set success [CkZip_WriteZipAndClose $zip]
if {$success == 0} then {
puts [CkZip_lastErrorText $zip]
delete_CkJsonObject $manifest
delete_CkCrypt2 $crypt
delete_CkZip $zip
delete_CkStringBuilder $sbJson
delete_CkXmlCertVault $certVault
delete_CkCert $appleWwdrCert
delete_CkCert $cert
delete_CkJsonObject $jsonSignedAttrs
exit
}
puts "Success."
delete_CkJsonObject $manifest
delete_CkCrypt2 $crypt
delete_CkZip $zip
delete_CkStringBuilder $sbJson
delete_CkXmlCertVault $certVault
delete_CkCert $appleWwdrCert
delete_CkCert $cert
delete_CkJsonObject $jsonSignedAttrs