Sample code for 30+ languages & platforms
Unicode C

Sign Manifest File to Generate a Passbook .pkpass in Memory

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive in memory

Chilkat Unicode C Downloads

Unicode C
#include <C_CkJsonObjectW.h>
#include <C_CkCrypt2W.h>
#include <C_CkZipW.h>
#include <C_CkBinDataW.h>
#include <C_CkXmlCertVaultW.h>
#include <C_CkCertW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkJsonObjectW manifest;
    HCkCrypt2W crypt;
    HCkZipW zip;
    const wchar_t *digestStr;
    HCkBinDataW pngData;
    const wchar_t *passJson;
    HCkXmlCertVaultW certVault;
    HCkCertW appleWwdrCert;
    HCkBinDataW bdPfx;
    const wchar_t *pfxPassword;
    HCkCertW cert;
    HCkJsonObjectW jsonSignedAttrs;
    const wchar_t *sig;
    HCkBinDataW bdSig;
    HCkBinDataW bdZip;

    success = FALSE;

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // ---------------------------------------------------------------------------------------------
    // This example is the same as Sign Manifest File to Generate a Passbook .pkpass file
    // except everything happens in memory (no input files, no output files)
    // ---------------------------------------------------------------------------------------------

    // First create the manifest.json

    manifest = CkJsonObjectW_Create();
    crypt = CkCrypt2W_Create();

    zip = CkZipW_Create();
    CkZipW_NewZip(zip,L"notUsedAndNeverCreated.zip");

    CkCrypt2W_putHashAlgorithm(crypt,L"sha1");
    // Return hashes as lowercase hex.
    CkCrypt2W_putEncodingMode(crypt,L"hexlower");

    pngData = CkBinDataW_Create();
    // Assume we load the pngData with bytes for "icon.png" from somewhere, such as a byte array in memory.
    CkZipW_AddBd(zip,L"icon.png",pngData);
    digestStr = CkCrypt2W_hashBdENC(crypt,pngData);
    CkJsonObjectW_UpdateString(manifest,L"\"icon.png\"",digestStr);

    CkBinDataW_Clear(pngData);
    // Assume we load the pngData with bytes for "icon@2x.png" from somewhere...
    CkZipW_AddBd(zip,L"icon@2x.png",pngData);
    digestStr = CkCrypt2W_hashBdENC(crypt,pngData);
    CkJsonObjectW_UpdateString(manifest,L"\"icon@2x.png\"",digestStr);

    CkBinDataW_Clear(pngData);
    // Assume we load the pngData with bytes for "logo.png" from somewhere...
    CkZipW_AddBd(zip,L"logo.png",pngData);
    digestStr = CkCrypt2W_hashBdENC(crypt,pngData);
    CkJsonObjectW_UpdateString(manifest,L"\"logo.png\"",digestStr);

    CkBinDataW_Clear(pngData);
    // Assume we load the pngData with bytes for "logo@2x.png" from somewhere...
    CkZipW_AddBd(zip,L"logo@2x.png",pngData);
    digestStr = CkCrypt2W_hashBdENC(crypt,pngData);
    CkJsonObjectW_UpdateString(manifest,L"\"logo@2x.png\"",digestStr);

    passJson = L"{ .... }";    //  Contains the contents of pass.json
    CkZipW_AddString(zip,L"pass.json",passJson,L"utf-8");
    digestStr = CkCrypt2W_hashStringENC(crypt,passJson);
    CkJsonObjectW_UpdateString(manifest,L"\"pass.json\"",digestStr);

    CkZipW_AddString(zip,L"manifest.json",CkJsonObjectW_emit(manifest),L"utf-8");

    // Make sure we have the Apple WWDR intermediate certificate available for 
    // the cert chain in the signature.
    certVault = CkXmlCertVaultW_Create();
    appleWwdrCert = CkCertW_Create();
    success = CkCertW_LoadByCommonName(appleWwdrCert,L"Apple Worldwide Developer Relations Certification Authority");
    if (success != TRUE) {
        wprintf(L"The Apple WWDR intermediate certificate is not installed.\n");
        wprintf(L"It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer\n");
        wprintf(L"You may alternatively load the .cer like this...\n");
        success = CkCertW_LoadFromFile(appleWwdrCert,L"qa_data/certs/AppleWWDRCA.cer");
        if (success == FALSE) {
            wprintf(L"%s\n",CkCertW_lastErrorText(appleWwdrCert));
            CkJsonObjectW_Dispose(manifest);
            CkCrypt2W_Dispose(crypt);
            CkZipW_Dispose(zip);
            CkBinDataW_Dispose(pngData);
            CkXmlCertVaultW_Dispose(certVault);
            CkCertW_Dispose(appleWwdrCert);
            return;
        }

    }

    CkXmlCertVaultW_AddCert(certVault,appleWwdrCert);
    CkCrypt2W_UseCertVault(crypt,certVault);

    // Use a digital certificate and private key from a PFX
    bdPfx = CkBinDataW_Create();
    // Assume we loaded a PFX into bdPfx....
    pfxPassword = L"test123";

    cert = CkCertW_Create();
    success = CkCertW_LoadPfxBd(cert,bdPfx,pfxPassword);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkJsonObjectW_Dispose(manifest);
        CkCrypt2W_Dispose(crypt);
        CkZipW_Dispose(zip);
        CkBinDataW_Dispose(pngData);
        CkXmlCertVaultW_Dispose(certVault);
        CkCertW_Dispose(appleWwdrCert);
        CkBinDataW_Dispose(bdPfx);
        CkCertW_Dispose(cert);
        return;
    }

    // Provide the signing cert (with associated private key).
    success = CkCrypt2W_SetSigningCert(crypt,cert);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCrypt2W_lastErrorText(crypt));
        CkJsonObjectW_Dispose(manifest);
        CkCrypt2W_Dispose(crypt);
        CkZipW_Dispose(zip);
        CkBinDataW_Dispose(pngData);
        CkXmlCertVaultW_Dispose(certVault);
        CkCertW_Dispose(appleWwdrCert);
        CkBinDataW_Dispose(bdPfx);
        CkCertW_Dispose(cert);
        return;
    }

    // Specify the signed attributes to be included.
    // (These attributes appear to not be necessary, but we're including
    // them just in case they become necessary in the future.)
    jsonSignedAttrs = CkJsonObjectW_Create();
    CkJsonObjectW_UpdateInt(jsonSignedAttrs,L"contentType",1);
    CkJsonObjectW_UpdateInt(jsonSignedAttrs,L"signingTime",1);
    CkCrypt2W_putSigningAttributes(crypt,CkJsonObjectW_emit(jsonSignedAttrs));

    // Sign the manifest JSON to produce a signature
    CkCrypt2W_putEncodingMode(crypt,L"base64");
    sig = CkCrypt2W_signStringENC(crypt,CkJsonObjectW_emit(manifest));
    bdSig = CkBinDataW_Create();
    CkBinDataW_AppendEncoded(bdSig,sig,L"base64");
    CkZipW_AddBd(zip,L"signature",bdSig);

    // ---------------------------------------------------------------------------------------------
    // Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
    // If this is of interest, please send email to support@chilkatsoft.com
    // ---------------------------------------------------------------------------------------------

    // Create the .pkipass archive (which is a .zip archive containing the required files).
    // the .zip is written to bdZip
    bdZip = CkBinDataW_Create();
    success = CkZipW_WriteBd(zip,bdZip);
    if (success == FALSE) {
        wprintf(L"%s\n",CkZipW_lastErrorText(zip));
        CkJsonObjectW_Dispose(manifest);
        CkCrypt2W_Dispose(crypt);
        CkZipW_Dispose(zip);
        CkBinDataW_Dispose(pngData);
        CkXmlCertVaultW_Dispose(certVault);
        CkCertW_Dispose(appleWwdrCert);
        CkBinDataW_Dispose(bdPfx);
        CkCertW_Dispose(cert);
        CkJsonObjectW_Dispose(jsonSignedAttrs);
        CkBinDataW_Dispose(bdSig);
        CkBinDataW_Dispose(bdZip);
        return;
    }

    wprintf(L"Success.\n");


    CkJsonObjectW_Dispose(manifest);
    CkCrypt2W_Dispose(crypt);
    CkZipW_Dispose(zip);
    CkBinDataW_Dispose(pngData);
    CkXmlCertVaultW_Dispose(certVault);
    CkCertW_Dispose(appleWwdrCert);
    CkBinDataW_Dispose(bdPfx);
    CkCertW_Dispose(cert);
    CkJsonObjectW_Dispose(jsonSignedAttrs);
    CkBinDataW_Dispose(bdSig);
    CkBinDataW_Dispose(bdZip);

    }