Passbook,PHP和签名

Whenever I try to add my pass to passbook it fails due to:

Manifest signature did not verify succesfully

My code for signing is below:

$privKey = "certs/key.pem";
$keyPassword = "PASSWORD";
$wwdr = "certs/wwdr.pem";
$cert = file_get_contents("certs/certificate.pem");
$certData = openssl_x509_read($cert);

openssl_pkcs7_sign($path . "/" . "manifest.json", 
$path . "/" . "signature", 
$certData, 
array("file://" . $privKey, $keyPassword), 
array(), 
PKCS7_BINARY|PKCS7_NOATTR|PKCS7_DETACHED,
"certs/wwdr.pem");

Thanks!

Try the following, using the certificate file, not its contents and removing the PKSC7_NOATTR, since as of iOS 6.1.1, the signature should contain a signing date.

openssl_pkcs7_sign($path . "/manifest.json",
            $path . "/signature",
            'file://' . $fullPathTo . 'certs/certificate.pem',
            array('file://' . $fullPathTo . $privKey, $keyPassword),
            array(),
            PKCS7_BINARY|PKCS7_DETACHED,
            $fullPathTo . $wwdr);

openssl_pkcs7_sign creates an email attachement, so you'll also need to extract the signature part, since this is all the .pkpass bundle needs.

// Read the signature file
$email = file_get_contents($path . "/signature");

// Extract the signature using a regex
$pattern = "/.*?Content-Disposition: attachment; filename=\".*?\"(.*?)-----.*?/sm";
preg_match_all($pattern, $email, $signature);

// Base64 encode the part of result we need
$signature = base64_decode($signature[1][0]);

// Write contents to a new signature file
file_put_contents ($path . "/signature", $signature);

If it still doesn't ingest, check your certificate is a valid Pass Type ID certificate, and that your private key is the correct one for your cert. You may even want to check your PHP logs to verify that the openssl_pkcs7_sign command is executing properly.

Update

When I try to add your .pkpass bundle to Passbook, I get the following error in the device console.

<Warning>: Invalid data error reading pass pass.datafarms.peppermints/123456. Manifest JSON didn't parse: The operation couldn’t be completed. (Cocoa error 3840.)

Your signature file looks fine, the error lies in the part of your code that is calculating the SHA1 hashes and building manifest.json

Looking at your .pkpass bundle, your manifest is corrupt in two ways:

  1. It contains multiple objects
  2. The SHA1 values do not match the file contents

For this .pkpass bundle, your manifest.json should be:

{
    "strip.png" : "f95387c0843a51dac73f1b0a3181da9c99ba3dc4",
    "strip@2x.png" : "f325a97fc6bafbe53a5e8feb7b2c509a8ceb6b10",
    "logo@2x.png" : "7b7b025774128b95e50f2bcda55e608412e95a37",
    "icon@2x.png" : "68b61c27657a0018da71c7f73626c8a891da753c",
    "icon.png" : "6b15fa477ece83fdd4f544a2381444272a0e39a0",
    "logo.png" : "7cf1d842afde33c4b14978f330cf98d05c3e57f2",
    "pass.json" : "971417ec80638736cb3392d6d5db53d554f138a4",
}

But it is currently:

{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}{
    "strip.png" : "156b528933284a0a58fc316897e1b7d202dfe3e8",
    "strip@2x.png" : "99f5dc1a0c5ed300193f87e42d8632f7251a3f26",
    "logo@2x.png" : "f36816f173aa9011186b80b140dfc49395d31051",
    "icon@2x.png" : "c10dd92e6c043c4bcf6214251d6fcb2a760cd9ad",
    "icon.png" : "d181ad4208e06afb63d5e6049a40521b458da19d",
    "logo.png" : "81c27284f77a447375ba39fb2f0005eeaccf28d8",
    "pass.json" : "e5960e9004d5fff241d77415413d609f47d7b2fb",
}