Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Sign Manifest File to Generate a Passbook .pkpass file

See more Digital Signatures Examples

Demonstrates how to create a Passbook .pkpass archive by creating a signature of a manifest file and then zipping to a .pkpass archive.

Note: Chilkat also has the capability to do everything in-memory (no files would be involved). If this is of interest, please send email to support@chilkatsoft.com

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Zip,
  Chilkat.StringBuilder,
  Chilkat.JsonObject,
  Chilkat.XmlCertVault,
  Chilkat.Cert,
  Chilkat.Crypt2;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  manifest: TJsonObject;
  crypt: TCrypt2;
  zip: TZip;
  fileHash: string;
  filePath: string;
  sbJson: TStringBuilder;
  manifestPath: string;
  certVault: TXmlCertVault;
  appleWwdrCert: TCert;
  pfxPath: string;
  pfxPassword: string;
  cert: TCert;
  jsonSignedAttrs: TJsonObject;
  sigPath: string;

begin
  success := False;

  //  This requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  ---------------------------------------------------------------------------------------------
  //  Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
  //  See this example:  Sign Manifest File to Generate a Passbook .pkpass in Memory
  //  ---------------------------------------------------------------------------------------------

  //  First create the manifest.json

  manifest := TJsonObject.Create;
  crypt := TCrypt2.Create;

  zip := TZip.Create;
  zip.NewZip('qa_data/p7s/pass-wallet/example.pkpass');
  //  Set the AppendFromDir property to prevent that relative paths from being stored in the .pkpass archive.
  zip.AppendFromDir := 'qa_data/p7s/pass-wallet/';

  crypt.HashAlgorithm := 'sha1';
  //  Return hashes as lowercase hex.
  crypt.EncodingMode := 'hexlower';

  filePath := 'qa_data/p7s/pass-wallet/icon.png';
  fileHash := crypt.HashFileENC(filePath);
  zip.AddFile('icon.png',False);
  manifest.UpdateString('"icon.png"',fileHash);

  filePath := 'qa_data/p7s/pass-wallet/icon@2x.png';
  fileHash := crypt.HashFileENC(filePath);
  zip.AddFile('icon@2x.png',False);
  manifest.UpdateString('"icon@2x.png"',fileHash);

  filePath := 'qa_data/p7s/pass-wallet/logo.png';
  fileHash := crypt.HashFileENC(filePath);
  zip.AddFile('logo.png',False);
  manifest.UpdateString('"logo.png"',fileHash);

  filePath := 'qa_data/p7s/pass-wallet/logo@2x.png';
  fileHash := crypt.HashFileENC(filePath);
  zip.AddFile('logo@2x.png',False);
  manifest.UpdateString('"logo@2x.png"',fileHash);

  filePath := 'qa_data/p7s/pass-wallet/pass.json';
  fileHash := crypt.HashFileENC(filePath);
  zip.AddFile('pass.json',False);
  manifest.UpdateString('"pass.json"',fileHash);

  sbJson := TStringBuilder.Create;
  manifest.EmitSb(sbJson);
  manifestPath := 'qa_data/p7s/pass-wallet/manifest.json';
  sbJson.WriteFile(manifestPath,'utf-8',False);
  zip.AddFile('manifest.json',False);

  //  Make sure we have the Apple WWDR intermediate certificate available for 
  //  the cert chain in the signature.
  certVault := TXmlCertVault.Create;
  appleWwdrCert := TCert.Create;
  success := appleWwdrCert.LoadByCommonName('Apple Worldwide Developer Relations Certification Authority');
  if (success <> True) then
    begin
      WriteLn('The Apple WWDR intermediate certificate is not installed.');
      WriteLn('It is available at https://developer.apple.com/certificationauthority/AppleWWDRCA.cer');
      WriteLn('You may alternatively load the .cer like this...');
      success := appleWwdrCert.LoadFromFile('qa_data/certs/AppleWWDRCA.cer');
      if (success = False) then
        begin
          WriteLn(appleWwdrCert.LastErrorText);
          Exit;
        end;

    end;
  certVault.AddCert(appleWwdrCert);
  crypt.UseCertVault(certVault);

  //  Use a digital certificate and private key from a PFX file (.pfx or .p12).
  pfxPath := 'qa_data/pfx/cert_test123.pfx';
  pfxPassword := 'test123';

  cert := TCert.Create;
  success := cert.LoadPfxFile(pfxPath,pfxPassword);
  if (success = False) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  //  Provide the signing cert (with associated private key).
  success := crypt.SetSigningCert(cert);
  if (success = False) then
    begin
      WriteLn(crypt.LastErrorText);
      Exit;
    end;

  //  Specify the signed attributes to be included.
  //  (These attributes appear to not be necessary, but we're including
  //  them just in case they become necessary in the future.)
  jsonSignedAttrs := TJsonObject.Create;
  jsonSignedAttrs.UpdateInt('contentType',1);
  jsonSignedAttrs.UpdateInt('signingTime',1);
  crypt.SigningAttributes := jsonSignedAttrs.Emit();

  //  Sign the manifest JSON file to produce a file named "signature".
  sigPath := 'qa_data/p7s/pass-wallet/signature';

  //  Create the "signature" file.
  success := crypt.CreateP7S(manifestPath,sigPath);
  if (success = False) then
    begin
      WriteLn(crypt.LastErrorText);
      Exit;
    end;

  zip.AddFile('signature',False);

  //  ---------------------------------------------------------------------------------------------
  //  Note: Chilkat also has the capability to do everything in-memory (no files would be involved).  
  //  If this is of interest, please send email to support@chilkatsoft.com
  //  ---------------------------------------------------------------------------------------------

  //  Create the .pkipass archive (which is a .zip archive containing the required files).
  success := zip.WriteZipAndClose();
  if (success = False) then
    begin
      WriteLn(zip.LastErrorText);
      Exit;
    end;

  WriteLn('Success.');


  manifest.Free;
  crypt.Free;
  zip.Free;
  sbJson.Free;
  certVault.Free;
  appleWwdrCert.Free;
  cert.Free;
  jsonSignedAttrs.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.