Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Sign Manifest File to Generate a Passbook .pkpass in Memory

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive in memory

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Zip,
  Chilkat.XmlCertVault,
  Chilkat.JsonObject,
  Chilkat.Cert,
  Chilkat.Crypt2,
  Chilkat.BinData;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  manifest: TJsonObject;
  crypt: TCrypt2;
  zip: TZip;
  digestStr: string;
  pngData: TBinData;
  passJson: string;
  certVault: TXmlCertVault;
  appleWwdrCert: TCert;
  bdPfx: TBinData;
  pfxPassword: string;
  cert: TCert;
  jsonSignedAttrs: TJsonObject;
  sig: string;
  bdSig: TBinData;
  bdZip: TBinData;

begin
  success := False;

  //  This requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  ---------------------------------------------------------------------------------------------
  //  This example is the same as Sign Manifest File to Generate a Passbook .pkpass file
  //  except everything happens in memory (no input files, no output files)
  //  ---------------------------------------------------------------------------------------------

  //  First create the manifest.json

  manifest := TJsonObject.Create;
  crypt := TCrypt2.Create;

  zip := TZip.Create;
  zip.NewZip('notUsedAndNeverCreated.zip');

  crypt.HashAlgorithm := 'sha1';
  //  Return hashes as lowercase hex.
  crypt.EncodingMode := 'hexlower';

  pngData := TBinData.Create;
  //  Assume we load the pngData with bytes for "icon.png" from somewhere, such as a byte array in memory.
  zip.AddBd('icon.png',pngData);
  digestStr := crypt.HashBdENC(pngData);
  manifest.UpdateString('"icon.png"',digestStr);

  pngData.Clear();
  //  Assume we load the pngData with bytes for "icon@2x.png" from somewhere...
  zip.AddBd('icon@2x.png',pngData);
  digestStr := crypt.HashBdENC(pngData);
  manifest.UpdateString('"icon@2x.png"',digestStr);

  pngData.Clear();
  //  Assume we load the pngData with bytes for "logo.png" from somewhere...
  zip.AddBd('logo.png',pngData);
  digestStr := crypt.HashBdENC(pngData);
  manifest.UpdateString('"logo.png"',digestStr);

  pngData.Clear();
  //  Assume we load the pngData with bytes for "logo@2x.png" from somewhere...
  zip.AddBd('logo@2x.png',pngData);
  digestStr := crypt.HashBdENC(pngData);
  manifest.UpdateString('"logo@2x.png"',digestStr);

  passJson := '{ .... }';  //  Contains the contents of pass.json
  zip.AddString('pass.json',passJson,'utf-8');
  digestStr := crypt.HashStringENC(passJson);
  manifest.UpdateString('"pass.json"',digestStr);

  zip.AddString('manifest.json',manifest.Emit(),'utf-8');

  //  Make sure we have the Apple WWDR intermediate certificate available for 
  //  the cert chain in the signature.
  certVault := TXmlCertVault.Create;
  appleWwdrCert := TCert.Create;
  success := appleWwdrCert.LoadByCommonName('Apple Worldwide Developer Relations Certification Authority');
  if (success <> True) then
    begin
      WriteLn('The Apple WWDR intermediate certificate is not installed.');
      WriteLn('It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer');
      WriteLn('You may alternatively load the .cer like this...');
      success := appleWwdrCert.LoadFromFile('qa_data/certs/AppleWWDRCA.cer');
      if (success = False) then
        begin
          WriteLn(appleWwdrCert.LastErrorText);
          Exit;
        end;

    end;
  certVault.AddCert(appleWwdrCert);
  crypt.UseCertVault(certVault);

  //  Use a digital certificate and private key from a PFX
  bdPfx := TBinData.Create;
  //  Assume we loaded a PFX into bdPfx....
  pfxPassword := 'test123';

  cert := TCert.Create;
  success := cert.LoadPfxBd(bdPfx,pfxPassword);
  if (success = False) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  //  Provide the signing cert (with associated private key).
  success := crypt.SetSigningCert(cert);
  if (success = False) then
    begin
      WriteLn(crypt.LastErrorText);
      Exit;
    end;

  //  Specify the signed attributes to be included.
  //  (These attributes appear to not be necessary, but we're including
  //  them just in case they become necessary in the future.)
  jsonSignedAttrs := TJsonObject.Create;
  jsonSignedAttrs.UpdateInt('contentType',1);
  jsonSignedAttrs.UpdateInt('signingTime',1);
  crypt.SigningAttributes := jsonSignedAttrs.Emit();

  //  Sign the manifest JSON to produce a signature
  crypt.EncodingMode := 'base64';
  sig := crypt.SignStringENC(manifest.Emit());
  bdSig := TBinData.Create;
  bdSig.AppendEncoded(sig,'base64');
  zip.AddBd('signature',bdSig);

  //  ---------------------------------------------------------------------------------------------
  //  Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
  //  If this is of interest, please send email to support@chilkatsoft.com
  //  ---------------------------------------------------------------------------------------------

  //  Create the .pkipass archive (which is a .zip archive containing the required files).
  //  the .zip is written to bdZip
  bdZip := TBinData.Create;
  success := zip.WriteBd(bdZip);
  if (success = False) then
    begin
      WriteLn(zip.LastErrorText);
      Exit;
    end;

  WriteLn('Success.');


  manifest.Free;
  crypt.Free;
  zip.Free;
  pngData.Free;
  certVault.Free;
  appleWwdrCert.Free;
  bdPfx.Free;
  cert.Free;
  jsonSignedAttrs.Free;
  bdSig.Free;
  bdZip.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.