alexandercerutti/passkit-generator

Getting unsupported file format issue,after pkpass file generate process.

prashant03Dev opened this issue · 23 comments

const passCreated = await PassKit.PKPass.from({
    model: `${process.cwd()}/src/BoardingPass.pass`,
    certificates: {
       wwdr,
       signerCert,
       signerKey,
       signerKeyPassphrase,
    },
});

try {
    const buffer = passCreated.getAsBuffer();

    await fs.writeFile('sample.pkpass', buffer);

    this.logger.debug('Pass generated successfully....');
} catch (error) {
    throw Error(error.message);
}

Used this,but getting file format issue on viewing it.

Hi @prashant03Dev, thank you for using passkit-generator!

Do you mind explaining better what is happening? You can't open the file?

As you didn't include any detail, I cannot help you.

Steps I followed:

-I had generated all the certificates e.g (wwdr,signerCert,p12,signerPhrasphare and signerKey).
-After that i loaded all certificates from cert repository,using below code.

const { signerCert, signerKey, wwdr, signerKeyPassphrase } = await this.getCertificates();
 
private async getCertificates(): Promise<Exclude<Cache['certificates'], undefined>> {
        if (cache.certificates) {
            return cache.certificates;
        }

        const [signerCert, signerKey, wwdr] = await Promise.all([
            fs.readFile(`${process.cwd()}/src/certs/signerCert.pem`, 'utf-8'),
            fs.readFile(`${process.cwd()}/src/certs/rsa_signerKey.pem`, 'utf-8'),
            fs.readFile(`${process.cwd()}/src/certs/wwdr.pem`, 'utf-8'),
        ]);

        const signerKeyPassphrase = this.configService.get('appleWallet.signerKeyPassphrase');

        cache.certificates = {
            signerCert,
            signerKey,
            wwdr,
            signerKeyPassphrase,
        };

        return cache.certificates;
    }

-Once i loaded all the certificates,I moved to generate the pass using PkPass.from() method,here is the below code.

const passCreated = await PassKit.PKPass.from({
    model: `${process.cwd()}/src/BoardingPass.pass`,
    certificates: {
        wwdr,
        signerCert,
        signerKey,
        signerKeyPassphrase,
    },
});

-For generting pass,I called buffer method,

const buffer = passCreated.getAsBuffer();

-Once this process,get's completed i used to create a pkpass file using fs (file stream).

await fs.writeFile('sample.pkpass', buffer);

-When i open it on the mac,it shows file not supported.

-Can you suggest me the way,where it get's stucked,is there any certification generation issue,or Am i following the wrong path?.

-When i open it on the mac,it shows file not supported.

Okay this was enough to let me understand the path to follow.

I will give you the standard answer:

Let me know the results.

@alexandercerutti let me check above one.

@alexandercerutti

I had reviewed above one, but not getting it through. I had attached my written code below, Please have a look on that.

const passCreated = await PassKit.PKPass.from({ model:${process.cwd()}/src/BoardingPass.pass`,
certificates: {
wwdr,
signerCert,
signerKey,
signerKeyPassphrase,
},
});

    try {
        const buffer = passCreated.getAsBuffer();

        return buffer.toString('base64');
    } catch (error) {
        throw Error(error.message);
    }`
    
    I had collected base64 from bufffer method, and getting a base64 in console, Is there any way to decode the base64 before  creating pkpass file for just verification process, and suggest me to view it on windows system.

@prashant03Dev

Are you running this code in response to an endpoint (webserver) or just as a standalone script?

What does the Console.app says when you try to open it?

About Windows, maybe there are some third party applications.

@alexandercerutti Tried for viewing pass,

it returns error

Pass Viewer ERROR: Error Domain=PKPassKitErrorDomain Code=1 "The pass cannot be read because it isn't valid." UserInfo={NSLocalizedDescription=The pass cannot be read because it isn't valid., NSUnderlyingError=0x6000013b4300 {Error Domain=PKPassKitErrorDomain Code=1 "Manifest signature did not verify successfully" UserInfo={NSLocalizedDescription=Manifest signature did not verify successfully}}}

One problem at the time, please.
Forget about windows right now.

Answer to my questions, please. Report me the full error logged inside Console.app when opening the file written on the File System.

@alexandercerutti

default 13:13:44.252775+0530 Pass Viewer notify_get_state check indicated test daemon not ready.
default 13:13:44.252867+0530 Pass Viewer notify_get_state check indicated test daemon not ready.
default 13:13:44.262768+0530 Pass Viewer SignalReady: pid=2721 asn=0x0-0xc07c07
default 13:13:44.263864+0530 Pass Viewer SIGNAL: pid=2721 asn=0x0x-0xc07c07
default 13:13:44.277158+0530 tccd -[TCCDAccessIdentity staticCode]: static code for: identifier com.apple.Pass-Viewer, type: 0: 0x14c93a690 at /System/Library/CoreServices/Pass Viewer.app
default 13:13:44.331634+0530 Pass Viewer Verifying structure for pass
default 13:13:44.333614+0530 Pass Viewer Verifying signature for pass using network:1
default 13:13:44.335270+0530 Pass Viewer SecCMSMessageSecurityShim is disabled (via feature flags)
default 13:13:44.335278+0530 Pass Viewer CMS verification error: -25293
default 13:13:44.340723+0530 Pass Viewer Signature validation: *** FAILED ***
error 13:13:44.340734+0530 Pass Viewer Invalid data error reading pass pass.com.rsys.fbinsapp/123456. Manifest signature did not verify successfully
default 13:13:44.341263+0530 Pass Viewer ERROR: Error Domain=PKPassKitErrorDomain Code=1 "The pass cannot be read because it isn't valid." UserInfo={NSLocalizedDescription=The pass cannot be read because it isn't valid., NSUnderlyingError=0x6000013b4300 {Error Domain=PKPassKitErrorDomain Code=1 "Manifest signature did not verify successfully" UserInfo={NSLocalizedDescription=Manifest signature did not verify successfully}}}
default 13:13:44.345002+0530 Pass Viewer NSApp cache appearance:
-NSRequiresAquaSystemAppearance: 0
-appearance: (null)
-effectiveAppearance: <NSCompositeAppearance: 0x600003397000
(
"<NSAquaAppearance: 0x600003382000>",
"<NSSystemAppearance: 0x600003396780>"
)>
default 13:13:44.474343+0530 WindowManager Connection activated | (2721) Pass Viewer
default 13:13:44.500554+0530 Pass Viewer Set a breakpoint at SLSLogBreak to catch errors/faults as they are logged.
error 13:13:44.500577+0530 Pass Viewer CGSWindowShmemCreateWithPort failed on port 0
error 13:13:44.507546+0530 Pass Viewer CGSWindowShmemCreateWithPort failed on port 0
error 13:13:44.512104+0530 Pass Viewer Warning: Window _NSAlertPanel 0x131b24330 ordered front from a non-active application and may order beneath the active application's windows.
default 13:13:44.512159+0530 Pass Viewer order window front conditionally: 33d5 related: 0
default 13:13:46.530864+0530 Pass Viewer order window front conditionally: 33d5 related: 0
default 13:13:46.623836+0530 tccd AUTHREQ_ATTRIBUTION: msgID=147.5289, attribution={accessing={TCCDProcess: identifier=com.apple.Pass-Viewer, pid=2721, auid=501, euid=501, binary_path=/System/Library/CoreServices/Pass Viewer.app/Contents/MacOS/Pass Viewer}, requesting={TCCDProcess: identifier=com.apple.WindowServer, pid=147, auid=88, euid=88, binary_path=/System/Library/PrivateFrameworks/SkyLight.framework/Versions/A/Resources/WindowServer}, },
default 13:13:46.623919+0530 tccd requestor: TCCDProcess: identifier=com.apple.WindowServer, pid=147, auid=88, euid=88, binary_path=/System/Library/PrivateFrameworks/SkyLight.framework/Versions/A/Resources/WindowServer is checking access for accessor TCCDProcess: identifier=com.apple.Pass-Viewer, pid=2721, auid=501, euid=501, binary_path=/System/Library/CoreServices/Pass Viewer.app/Contents/MacOS/Pass Viewer
default 13:13:46.629133+0530 tccd -[TCCDAccessIdentity staticCode]: static code for: identifier com.apple.Pass-Viewer, type: 0: 0x14c9297a0 at /System/Library/CoreServices/Pass Viewer.app
default 13:13:46.640171+0530 Pass Viewer order window: 33d5 op: 0 relative: 0 related: 0
error 13:13:46.654141+0530 Pass Viewer CGSWindowShmemCreateWithPort failed on port 0
default 13:13:46.655884+0530 Pass Viewer Entering exit handler.
default 13:13:46.659024+0530 WindowManager Connection invalidated | (2721) Pass Viewer
default 13:13:46.655901+0530 Pass Viewer Queueing exit procedure onto XPC queue. Any further messages sent will be discarded. activeSendTransactions=0
default 13:13:46.658080+0530 Pass Viewer Cancelling XPC connection. Any further reply handler invocations will not retry messages
default 13:13:46.658281+0530 Pass Viewer Exiting exit handler.
default 13:13:46.658292+0530 Pass Viewer XPC connection invalidated (daemon unloaded/disabled)
default 13:13:46.700687+0530 loginwindow -[PersistentAppsSupport applicationQuit:] | for app:Pass Viewer, _appTrackingState = 2

Okay, I see you edited your message. That's a great pointer to what is happening.

Have you tried to check the content of your certificates files? Both the physical ones (on the file system) and the ones you are loading into your script (via a console.log or whatever) and check if they are coherent?

@alexandercerutti I've validated, both are same, Is there might a chance that the certificates are generated in wrong order.If it's then can you suggest me the steps,that i would follow.

@prashant03Dev I don't think it is a matter of order. WWDR certificate is independent from the other two.

The fact that the signature file cannot verify might be related somehow to your files.

Can you confirm that you can rename the file from .pkpass to .zip, un zip it and see the files? Can all the files be opened correctly (included manifest.json, excluded signature)?

Just to be sure, did you follow the guide I provided to generate the certificates?

@alexandercerutti I had followed above steps,and I'm seeing that all files are there after unzipping,I cross checked the files that you've mentioned,Which file should i open now to view pass

.pkpass is a bundle, just like many other "files" in MacOS (e.g. .app), so the "file" is a composition the Pass Viewer.app (embedded inside the operative systems) performs on the fly.

I'm not very sure about the issue here, anyway. Could you try to create again your certificates with the step-by-step guide I provided in wiki?

If so, I kindly ask you to not delete the old ones, because if it works I'd like you to send them both to me on Telegram (or somewhere safe), if you agree, so I can verify them and perhaps understand more and write more about it in the wiki, for the other people that are having this issue.

Furthermore, could you please tell me which guide you followed while creating the certificates?
The one in the wiki or a different one? If the one in wiki, please tell me if you followed the terminal (cli) one or the Keychain Access one.

Also, are you sure you are using the right WWDR Certificate (G4)?

@alexandercerutti Let me re-create the certificates again, and i will let you know,if it won't works.Thanks!

Hey @prashant03Dev, were you able to solve?

@alexandercerutti thanks,now we are getting the correct pkpass file,and it's viewing correctly,We are just rendering all the dynamic content on the pass.Thanks for the help!

@prashant03Dev so which step did you do? You regenerated your certificates?

@alexandercerutti Yes,by regenerating the certificates,we solved the problem,but currently facing issue with displaying the content,some contents are visible,but our primary fields values,are not showing while viewing the pass

@prashant03Dev do you mind sharing the old certificates and keys with me? Just for a matter of analysis. You can send them to me on Telegram.

@alexandercerutti can you share us the link,by which we can set the attributes for dynamic data.

Actually i need to show the pass in a landscape mode,having a background image,and some text data on it.

Could you help us out for this.

I honestly don't know what you mean by "landscape mode". Passes can be shown only in a portrait mode.

You can use https://pkvd.app configurator to preview your passes.

About certificates, I assume it is a no?

@alexandercerutti yes,actually we are using certificates from the client account,that's why we are unable to share the certificates.