|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PowerBuilder) Validate a .pkpass ArchiveOpens a .pkpass archive (which is just a .zip renamed to .pkpass) and validates the contents. The hashes in the manifest are compared with the computed hash values for each individual file. If all computed hash values match, then the signature is verified.
integer li_rc oleobject loo_Crypt oleobject loo_Zip integer li_Success oleobject loo_Ent oleobject loo_BdManifest oleobject loo_Json integer li_SomeHashesFailed string ls_Filename oleobject loo_SbHashHex oleobject loo_BdFileData integer li_NumMembers integer i string ls_ComputedHashHex oleobject loo_BdSignature integer li_Verified // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. loo_Crypt = create oleobject li_rc = loo_Crypt.ConnectToNewObject("Chilkat_9_5_0.Crypt2") if li_rc < 0 then destroy loo_Crypt MessageBox("Error","Connecting to COM object failed") return end if loo_Zip = create oleobject li_rc = loo_Zip.ConnectToNewObject("Chilkat_9_5_0.Zip") li_Success = loo_Zip.OpenZip("qa_data/pkpass/invalid.pkpass") if li_Success = 0 then Write-Debug loo_Zip.LastErrorText destroy loo_Crypt destroy loo_Zip return end if // Get the contents of the manifest.json file, which contains something like this: // { // "icon.png" : "0296b01347b3173e98438a003b0e88986340b2d8", // "logo.png" : "25de09e2d3b01ce1fe00c2ca9a90a2be1aaa05cf", // "icon@2x.png" : "5afd9585b08c65fdf105a90c8bd643407cba2787", // "pass.json" : "145ea5a5db784fff485126c77ecf7a1fc2a88ee7", // "strip@2x.png" : "468fa7bc93e6b55342b56fda09bdce7c829d7d46", // "strip.png" : "736d01f84cb73d06e8a9932e43076d68f19461ff" // } loo_Ent = loo_Zip.GetEntryByName("manifest.json") if loo_Zip.LastMethodSuccess = 0 then Write-Debug "manifest.json entry not found." destroy loo_Crypt destroy loo_Zip return end if // Get the exact content of the manifest.json for later signature verification. loo_BdManifest = create oleobject li_rc = loo_BdManifest.ConnectToNewObject("Chilkat_9_5_0.BinData") li_Success = loo_Ent.UnzipToBd(loo_BdManifest) loo_Json = create oleobject li_rc = loo_Json.ConnectToNewObject("Chilkat_9_5_0.JsonObject") loo_Json.EmitCompact = 0 loo_Json.Load(loo_Ent.UnzipToString(0,"utf-8")) Write-Debug loo_Json.Emit() destroy loo_Ent // For each file in the JSON, get the filename and hex hash value. loo_Crypt.EncodingMode = "hexlower" loo_Crypt.HashAlgorithm = "sha1" li_SomeHashesFailed = 0 loo_SbHashHex = create oleobject li_rc = loo_SbHashHex.ConnectToNewObject("Chilkat_9_5_0.StringBuilder") loo_BdFileData = create oleobject li_rc = loo_BdFileData.ConnectToNewObject("Chilkat_9_5_0.BinData") li_NumMembers = loo_Json.Size i = 0 do while i < li_NumMembers ls_Filename = loo_Json.NameAt(i) loo_SbHashHex.Clear() loo_SbHashHex.Append(loo_Json.StringAt(i)) loo_Ent = loo_Zip.GetEntryByName(ls_Filename) if loo_Zip.LastMethodSuccess = 0 then Write-Debug ls_Filename + " not found in the pkpass file." destroy loo_Crypt destroy loo_Zip destroy loo_BdManifest destroy loo_Json destroy loo_SbHashHex destroy loo_BdFileData return end if // Get the data for this file. loo_BdFileData.Clear() li_Success = loo_Ent.UnzipToBd(loo_BdFileData) ls_ComputedHashHex = loo_Crypt.HashBdENC(loo_BdFileData) if loo_SbHashHex.ContentsEqual(ls_ComputedHashHex,0) = 0 then Write-Debug "Computed hash does not match stored hash for " + ls_Filename Write-Debug " computed: " + ls_ComputedHashHex Write-Debug " stored: " + loo_SbHashHex.GetAsString() li_SomeHashesFailed = 1 else Write-Debug "hash verified for " + ls_Filename + "(" + ls_ComputedHashHex + ")" end if destroy loo_Ent i = i + 1 loop if li_SomeHashesFailed = 1 then Write-Debug "Some hashes failed." destroy loo_Crypt destroy loo_Zip destroy loo_BdManifest destroy loo_Json destroy loo_SbHashHex destroy loo_BdFileData return end if // Let's verify the signature.. // First get the signature. loo_Ent = loo_Zip.GetEntryByName("signature") if loo_Zip.LastMethodSuccess = 0 then Write-Debug "signature not found in the pkpass file." destroy loo_Crypt destroy loo_Zip destroy loo_BdManifest destroy loo_Json destroy loo_SbHashHex destroy loo_BdFileData return end if loo_BdSignature = create oleobject li_rc = loo_BdSignature.ConnectToNewObject("Chilkat_9_5_0.BinData") li_Success = loo_Ent.UnzipToBd(loo_BdSignature) destroy loo_Ent // Show the contents of the signature in base64 encoding. Write-Debug "Signature:" Write-Debug loo_BdSignature.GetEncoded("base64_mime") Write-Debug "----" // Verify the signature against the manifest.json loo_Crypt.EncodingMode = "base64" li_Verified = loo_Crypt.VerifyBdENC(loo_BdManifest,loo_BdSignature.GetEncoded("base64")) if li_Verified = 0 then Write-Debug loo_Crypt.LastErrorText end if Write-Debug "signature verified = " + string(li_Verified) destroy loo_Crypt destroy loo_Zip destroy loo_BdManifest destroy loo_Json destroy loo_SbHashHex destroy loo_BdFileData destroy loo_BdSignature |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.