When running the prepare-keys command, a file called pass.pem is generated which appears to be the key for the certificate. In the pass.js file where the signing actually happens, it seems like this file is never referenced or used. Running the function causes an error complaining about opening the signing file.
I was able to fix the issue by adding the key argument to the sign function. Here is the code as it currently is in the repository:
function signManifest(template, manifest, callback) {
var identifier = template.passTypeIdentifier().replace(/^pass./, "");
var args = [
"smime",
"-sign", "-binary",
"-signer", Path.resolve(template.keysPath, identifier + ".pem"),
"-certfile", Path.resolve(template.keysPath, "wwdr.pem"),
"-passin", "pass:" + template.password
];
var sign = execFile("openssl", args, { stdio: "pipe" }, function(error, stdout, stderr) {
var trimmedStderr = stderr.trim();
// Windows outputs some unhelpful error messages, but still produces a valid signature
if (error || (trimmedStderr && trimmedStderr.indexOf('- done') < 0)) {
callback(new Error(stderr));
} else {
var signature = stdout.split(/\n\n/)[3];
callback(null, new Buffer(signature, "base64"));
}
});
sign.stdin.write(manifest);
sign.stdin.end();
}
function signManifest(template, manifest, callback) {
var identifier = template.passTypeIdentifier().replace(/^pass./, "");
var args = [
"smime",
"-sign", "-binary",
"-signer", Path.resolve(template.keysPath, identifier + ".pem"),
"-certfile", Path.resolve(template.keysPath, "wwdr.pem"),
"-inkey", Path.resolve(template.keysPath, "pass.pem"),
"-passin", "pass:" + template.password
];
var sign = execFile("openssl", args, { stdio: "pipe" }, function(error, stdout, stderr) {
var trimmedStderr = stderr.trim();
// Windows outputs some unhelpful error messages, but still produces a valid signature
if (error || (trimmedStderr && trimmedStderr.indexOf('- done') < 0)) {
callback(new Error(stderr));
} else {
var signature = stdout.split(/\n\n/)[3];
callback(null, new Buffer(signature, "base64"));
}
});
sign.stdin.write(manifest);
sign.stdin.end();
}
Is this a necessary fix for the library? Or is there another problem that this is essentially bypassing? With my fix above, everything works as expected. But I would prefer to use the version from npm as opposed to using a version with my modifications.