Rust SDK for the core C2PA (Coalition for Content Provenance and Authenticity) specification

Last update: Jun 30, 2023

Related tags

Overview

C2PA Rust SDK

The Coalition for Content Provenance and Authenticity (C2PA) addresses the prevalence of misleading information online through the development of technical standards for certifying the source and history (or provenance) of media content. Adobe and other contributors created the C2PA Rust SDK as part of the Content Authenticity Initiative and released it to open source in June, 2022.

Key features

The C2PA Rust SDK implements a subset of the C2PA 1.2 technical specification.

The SDK enables a desktop, mobile, or embedded application to:

Create and sign C2PA claims and manifests.
Embed manifests in certain file formats.
Parse and validate manifests found in certain file formats.

The SDK supports several common C2PA assertions and hard bindings.

State of the project

This is a beta release (version 0.x.x) of the project. The minor version number (0.x.0) is incremented when there are breaking API changes, which may happen frequently.

Contributions and feedback

We welcome contributions to this project. For information on contributing, providing feedback, and about ongoing work, see Contributing.

Requirements

The SDK requires Rust version 1.65.0 or newer.

Supported platforms

The SDK has been tested on the following operating systems:

Windows (Intel only)
MacOS (Intel and Apple silicon)
Ubuntu Linux (64-bit Intel and ARM v8)
WebAssembly (Wasm)

Supported file formats

Extensions	MIME type
`avi`	`video/msvideo`, `video/avi`, `application-msvideo`
`avif`	`image/avif`
`c2pa`	`application/x-c2pa-manifest-store`,
`dng`	`image/x-adobe-dng`
`heic`	`image/heic`
`heif`	`image/heif`
`jpg`, `jpeg`	`image/jpeg`
`m4a`	`audio/mp4`
`mp4`	`video/mp4`, `application/mp4`
`mov`	`video/quicktime`
`png`	`image/png`
`tif`,`tiff`	`image/tiff`
`wav`	`audio/x-wav`
`webp`	`image/webp`

Usage

Add this to your Cargo.toml:

[dependencies]
c2pa = "0.25.0"

If you want to read or write a manifest file, add the file_io dependency to your Cargo.toml. The add_thumbnails feature will generate thumbnails for JPEG and PNG files. For example:

c2pa = { version = "0.25.0", features = ["file_io", "add_thumbnails"] }

NOTE: If you are building for WASM, omit the file_io dependency.

Crate features

The Rust SDK crate provides:

file_io enables manifest generation, signing via OpenSSL, and embedding manifests in various file formats.
add_thumbnails will generate thumbnails automatically for JPEG and PNG files. (no longer included with file_io)
serialize_thumbnails includes binary thumbnail data in the Serde serialization output.
xmp_write enables updating XMP on embed with the dcterms:provenance field. (Requires xmp_toolkit.)
no_interleaved_io forces fully-synchronous I/O; otherwise, the SDK uses threaded I/O for some operations to improve performance.
fetch_remote_manifests enables the verification step to retrieve externally referenced manifest stores. External manifests are only fetched if there is no embedded manifest store and no locally adjacent .c2pa manifest store file of the same name.
json_schema is used by make schema to produce a JSON schema document that represents the ManifestStore data structures.

License

The c2pa crate is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

Note that some components and dependent crates are licensed under different terms; please check the license terms for each crate and component for details.

Release Notes

This section gives a highlight of noteworthy changes

Refer to the CHANGELOG for detailed Git changes

0.25.0

14 July 2023

(important!) the add_thumbnails feature is no longer tied to file_io, so you will need to specify it or thumbnails will not be generated.
removed User and UserCbor assertions from public API. They were not generating correct manifest data.
use manifest_add_labeled_assertion instead - see docs on manifest.embed for an example.
DataHash and BoxHash SDK support (generates a signed manifest ready to write into a file without writing to the file)
The SDK will no longer remove duplicate ingredients based on hash
make_test_images updated to fix issue 195, actions without required ingredients
updated the test fixtures generated by make_test_images
Expose CAIRead and CAIWrite traits required by some SDK calls.
Bug fix for certain BMFF formats (AVIF) that causes images to be unreadable

0.24.0

21 June 2023

Bump minor version to 0.24.0 to signify change in signature (back to the compatible one)
Reverts to 1.2 Cose signatures when signing while still validating 1.3 Cose signatures
We want to allow some time for clients to upgrade to validating 1.3 before writing this breaking change.
Fix embed_from_memory to correctly return the updated image
includes the cert serial number in the ValidationInfo output
support adding claim_generator_info field
support Actions V2 and Ingredients V2
BMFF V2
Json Schema generation

0.19.0

23 March 2023

Added support for many new file formats, see Supported File Formats above.
New api to return supported formats.
Streaming APIs for manifest creation without file_io for some formats.
Manifest and Ingredient JSON formats replace the is_parent field with relationship.
ResourceRef replaces content-type with format.
The bmff feature no longer required.

Comments

Failed reading with JumbfParseError
The image below fails to read in c2patool with the following output

c2patool --info out.jpg [2023-02-23T17:39:43Z DEBUG c2pa::ingredient] ingredient "out.jpg" [2023-02-23T17:39:43Z DEBUG c2pa::ingredient] ingredient JumbfParseError(UnexpectedEof) Information for out.jpg No C2PA Manifests

This is created by another C2PA API which is still under development - so I'm certainly open to the fact that the C2PA is genuinely invalid.

However the app11 marker is accepted (by jpegtran etc) and the JUMBF box hierarchy is tested by both our code (it's also a verifier, so has been run on all the public C2PA samples) and also loads without error in https://github.com/thorfdbg/codestream-parser. So I'm fairly confident at this point.

SHA256 sum of this image is 4eef35e7becaf084c205fc962448327128f7ded053c987592b04f188f711fe1a, just in case it gets mangled by github - I posted the same to the CAI Discord server, and it was certainly mangled there.
opened by faceless2 7

Update quick-xml requirement from 0.20.0 to 0.25.0 in /sdk

Updates the requirements on quick-xml to permit the latest version.

Changelog

Sourced from quick-xml's changelog.

0.25.0 -- 2022-09-10

Bug Fixes

#469: Fix incorrect parsing of CDATA and comments when using buffered readers

Misc Changes

#468: Content of DeError::Unsupported changed from &'static str to Cow<'static, str>

#468: Ensure that map keys are restricted to only types that can be serialized as primitives

#468: tafia/quick-xml#468 #469: tafia/quick-xml#469

0.24.1 -- 2022-09-10

Bug Fixes

#469: Fix incorrect parsing of CDATA and comments when using buffered readers

#469: tafia/quick-xml#469

0.24.0 -- 2022-08-28

New Features

#387: Allow overlapping between elements of sequence and other elements (using new feature overlapped-lists)

#393: New module name with QName, LocalName, Namespace, Prefix and PrefixDeclaration wrappers around byte arrays and ResolveResult with the result of namespace resolution

#180: Make Decoder struct public. You already had access to it via the Reader::decoder() method, but could not name it in the code. Now the preferred way to access decoding functionality is via this struct

#395: Add support for XML Schema xs:list

#324: Reader::from_str / Deserializer::from_str / from_str now ignore the XML declared encoding and always use UTF-8

#416: Add borrow() methods in all event structs which allows to get a borrowed version of any event

#437: Split out namespace reading functionality to a dedicated NsReader, namely:

Old function in Reader New function in NsReader

read_event -- borrow from input

read_resolved_event -- borrow from input

read_event_into

read_namespaced_event read_resolved_event_into

resolve

event_namespace resolve_element

attribute_namespace resolve_attribute

#439: Added utilities detect_encoding() and decode() under the quick-xml::encoding namespace.

Old function in `Reader`	New function in `NsReader`
	`read_event` -- borrow from input
	`read_resolved_event` -- borrow from input
	`read_event_into`
`read_namespaced_event`	`read_resolved_event_into`
	`resolve`
`event_namespace`	`resolve_element`
`attribute_namespace`	`resolve_attribute`

... (truncated)

Commits

d710eba Release 0.25.0
a10b1c3 Merge pull request #471 from Mingun/fix-buffered-parsing
75823d5 Fix incorrect reading of CDATA and comments when end sequence crosses the bou...
e052a46 Add tests for #469
f8b292b Merge pull request #468 from Mingun/ser-tests
b2d57e6 Ensure that map keys are restricted to only types that can be serialized as p...
0336dcb Change DeError::Unsupported to store Cow instead of plain &str
6043d57 Add a special cases of structs: Empty and with $value field
49d918d Rewrite tests using macros
06ef1fc Move all "new" tests into with_root module
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies

opened by dependabot[bot] 7

Fix bad error response when manifest is stripped
Changes in this pull request

Fix bad error code when manifest is stripped and XMP reference is present

Checklist

[x] This PR represents a single feature, fix, or change.

[x] All applicable changes have been documented.

[x] Any TO DO items (or similar) have been entered as GitHub issues and the link to that issue has been included in a comment.
opened by mauricefisher64 6
Request: Generalize support for a remote manifest store URI reference
I've been working through the SDK and understanding the layout as well as learning the C2PA specification, so please bear with me if I misunderstand any of the fundamentals or fumble with the terminology.

From what I have observed, the start_save function in the store module writes a manifest store, a reference URI to a manifest store, or both to an asset. Due to the use of the embedded_xmp module, it's currently tied to embedding a remote manifest store URI to specific file formats like JPEG and PNG, which support XMP, limiting its reusability.

To address this, the embedding of remote manifest store URIs could be abstracted into a separate trait that defines methods for writing asset references. This approach is similar to defining IO traits in the asset_io module. I think this would also start to move in the right direction of supporting remote references for streaming (i.e. start_save_stream) assets too. For example, could have a ManifestUriRef trait defined in asset_io:

/// Interface for supporting a URI reference to an active manifest. pub trait ManifestUriRef { /// Add the URI for the active manifest for the file. /// /// ## Arguments /// - `asset_path`: Path to the asset to add the URI reference to /// - `manifest_uri`: A valid URI to the active manifest fn add_manifest_uri_to_file(&self, asset_path: &Path, manifest_uri: &str) -> Result<()>; /// Removes the URI for the active manifest for the file. /// /// ## Arguments /// - `asset_path`: Path to the asset to add the URI reference to fn remove_manifest_uri_from_file(&self, asset_path: &Path) -> Result<()>; } pub fn get_manifest_ref(ext: &str) -> Result<Box<dyn ManifestUriRef>> { let ext = ext.to_ascii_lowercase(); match ext.as_ref() { "jpg" | "jpeg" => Ok(Box::new(JpegIO {})), "png" => Ok(Box::new(PngIO{})), "tif" | "tiff" | "dng" => Ok(Box::new(TiffIO{})), _ => Err(crate::error::Error::RemoteManifestNotSupported), } }

The embedded_xmp functionality can then be implemented as a concrete implementation of the trait for image file formats like JPEG and PNG. This would make the start_save function more flexible and modular, enabling it to work with various file formats. For example the JpegIO struct could implement as follows:

impl ManifestUriRef for JpegIO { fn add_manifest_uri_to_file(&self, asset_path: &Path, manifest_uri: &str) -> Result<()> { #[cfg(feature="xmp_write")] { add_manifest_uri_to_file(asset_path, manifest_uri) } #[cfg(not(feature = "xmp_write"))] { Err(crate::error::Error::MissingFeature("xmp_write")) } } fn remove_manifest_uri_from_file(&self, _asset_path: &Path) -> Result<()> { todo!() } }

This would allow for the store::start_save to write the remote reference cleaner:

crate::claim::RemoteManifest::EmbedWithRemote(_url) => { get_manifest_ref(&ext)?.add_manifest_uri_to_file(dest_path, &_url)?; dest_path.to_path_buf() }

Overall, the point is abstracting this part of the code would improve code maintainability and extensibility by separating concerns and enabling reuse of functionality. The sample code provided was just to provide context, there may be a better way to implement said suggestions.
opened by brogdonm 5
Visualizations
Changes in this pull request

Improve SDK with new visualizations for tree view of manifest and the ability to dump the certificate chain for the active manifest. Also include the new capability to remove manifests.

Checklist

[x] This PR represents a single feature, fix, or change.

[x] All applicable changes have been documented.

[x] Any TO DO items (or similar) have been entered as GitHub issues and the link to that issue has been included in a comment.
opened by mauricefisher64 5

Bad example in Crate docs, `from_file` not implemented in ManifestStore

Hi, while going through the example in https://docs.rs/c2pa/latest/c2pa/#example-reading-a-manifeststore
Am getting not implemented error (E0599)

error[E0599]: no function or associated item named `from_file` found for struct `ManifestStore` in the current scope
 --> src/main.rs:4:41
  |
4 |     let manifest_store = ManifestStore::from_file("tests/fixtures/C.jpg")?;
  |                                         ^^^^^^^^^ function or associated item not found in `ManifestStore`

My cargo.toml file

[dependencies]
c2pa = "0.11.0"

opened by ronald-das 5

Self-signed ECDSA certificate is not accepted
Attached file is failing with "explanation": "certificate params incorrect", but I'm not clear why that is

it's an EC key using prime256v1, self-signed with SHA256+ECDSA

the public key parameters are set (I assume, from the message, that this is the failure, but as it's just the curve I can't see how)

keyUsage and extendedKeyUsage are both set

it has no AuthorityKeyIdentifier because it's self-signed

As far as I can see, other than being self-signed it's structurally identical to the key from truepic-20230212-library.jpg from the public repository
opened by faceless2 4
(IGNORE) Disable cargo-semver-checks step

Looks like there's a compatibility issue that needs resolving in cargo-semver-check crate.

Restore when https://github.com/obi1kenobi/cargo-semver-check/issues/122 is fixed.

opened by scouten-adobe 4
(MINOR) Move crate-level functions for creating signers to new public `create_signer` mod
Changes in this pull request

~~Turns out it is legal in Rust to publicly export a function as a top-level entity in a crate, but such a function does not appear in the documentation for the crate.~~

~~For that reason, we're moving the get_signer and get_signer_from_files functions into a new create_signer module.~~

(Update: This turned out to be an incorrect assumption on my part, but we've decided to make this change anyway because the docs are easier to comprehend in the new format.)

Checklist

[x] This PR represents a single feature, fix, or change.

[x] All applicable changes have been documented.

[x] Any TO DO items (or similar) have been entered as GitHub issues and the link to that issue has been included in a comment.
opened by scouten-adobe 4
Can`t verify generated images

Hello!

I tried to verify test image (attached to issue) generated by your`s library on this verification site. But it failed in case of unavailable image content credentials (screenshot attached bellow). But image verified by c2pa-tool (v 0.2.0, from this project) successfully. Could you say what side is getting wrong: verification site or this project?

opened by StarodubtsevDV 4
Riff streaming support
Changes in this pull request

Support for RIFF streaming write. XMP support for RIFF. Format compatibility changes.

Checklist

[x] This PR represents a single feature, fix, or change.

[x] All applicable changes have been documented.

[x] Any TO DO items (or similar) have been entered as GitHub issues and the link to that issue has been included in a comment.
opened by mauricefisher64 3
Update half requirement from <2.3.0, < 3 to <2.4.0, < 3 in /make_test_images
Updates the requirements on half to permit the latest version.

Release notes

Sourced from half's releases.

2.2.1

Changed

Reduced unnecessary bounds checks for SIMD operations on slices. By @Shnatsel.

Further slice conversion optimizations for slices. Resolves #66.

Changelog

Sourced from half's changelog.

[2.2.1] - 2023-01-08

Changed

Reduced unnecessary bounds checks for SIMD operations on slices. By [@Shnatsel].

Further slice conversion optimizations for slices. Resolves #66.

[2.2.0] - 2022-12-30

Added

Add serialize_as_f32 and serialize_as_string functions when serde cargo feature is enabled. They allowing customizing the serialization by using #[serde(serialize_with="f16::serialize_as_f32")] attribute in serde derive macros. Closes #60.

Deserialize now supports deserializing from f32, f64, and string values in addition to its previous default deserialization. Closes #60.

Changed

Add #[inline] on fallback functions, which improved conversion execution on non-nightly rust by up to 50%. By [@Shnatsel].

[2.1.0] - 2022-07-18

Added

Add support for target_arch spirv. Some traits and functions are unavailble on this architecture. By [@charles-r-earp].

Add total_cmp method to both float types. Closes #55, by [@joseluis].

[2.0.0] - 2022-06-21

Changed

Breaking Change Minimum supported Rust version is now 1.58.

Breaking Change std is now enabled as a default cargo feature. Disable default features to continue using no_std support.

Migrated to Rust Edition 2021.

Added #[must_use] attributes to functions, as appropriate.

Fixed

Fix a soundness bug with slice::as_ptr not correctly using mutable reference. By [@Nilstrieb].

Added

Added const conversion methods to both f16 and bf16. These methods never use hardware intrinsics, unlike the current conversion methods, which is why they are separated into new methods. The following const methods were added:

from_f32_const

from_f64_const

to_f32_const

to_f64_const

Added Neg trait support for borrowed values &f16 and &bf16. By [@pthariensflame].

Added AsPrimitive implementations from and to self, usize, and isize. By [@kali].

Removed

Breaking Change The deprecated serialize cargo feature has been removed. Use serde cargo feature instead.

Breaking Change The deprecated consts module has been removed. Use associated constants on f16 instead.

... (truncated)

Commits

4c56dab bump version to 2.2.1

6fefe28 Fix AArch64 CI

b68c11d Fix AArch64 CI

3503961 Fix AArch64 CI

43ebb6b Fix AArch64 CI

f17f1ad Fix AArch64 CI

ad60cbe Fix AArch64 CI

a5a31d9 Add AArch64 build target to CI

b8782c2 bump criterion dev dependency to 0.4

bc38c5b Optimize f16 slice conversion. Fixes #66

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 1
Update riff requirement from 1.0.1 to 2.0.0 in /sdk
Updates the requirements on riff to permit the latest version.

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
Abstract use of instance/document IDs and provenance for ingredient use
Currently, the SDK relies on assets to support XMP to properly be an ingredient. Since not all assets support XMP, would be beneficial to abstract this behavior, to allow for:

Optional method for getting a new ID to use for instance/document ID

This would allow an asset to provide a customized ID instead of one with xmp:*

Setting an instance/document ID when signing an asset the first time

Getting an instance/document ID from an asset

Getting the provenance URI of a remote manifest

The ingredient.rs mod would be able to utilize these new methods to build out the ingredient information and would appropriately support remote manifests.
opened by brogdonm 1
Support writing manifest data to simple (PDF without incremental docs) PDFs
Changes in this pull request

This PR introduces the pdf_utils::Pdf struct and the pdf_utils::C2paPdf trait, public (to the crate), lopdf abstractions with functionality to read and write manifest data from PDFs. This code works against wasm and non-wasm targets.

I intend to add read support next, then round out the work with incremental update support. I opened this PR against origin/pdf instead of main as I want to get this in front of folks before getting to far and this work doesn't support reading manifests or incremental PDF updates.

Checklist

[x] This PR represents a single feature, fix, or change.

[x] All applicable changes have been documented.

[x] Any TO DO items (or similar) have been entered as GitHub issues and the link to that issue has been included in a comment.
opened by dyro 1
Update rsa requirement from 0.6.1 to 0.9.2 in /sdk
Updates the requirements on rsa to permit the latest version.

Changelog

Sourced from rsa's changelog.

0.9.2 (2023-05-08)

Fixed

pkcs1v15: have fmt impls call SignatureEncoding::to_bytes (#330)

#330: RustCrypto/RSA#330

0.9.1 (2023-05-03)

Fixed

Left pad signatures when encoding (#325)

#325: RustCrypto/RSA#325

0.9.0 (2023-04-27)

Added

Function to get salt length from RSA PSS keys (#277)

AssociatedAlgorithmIdentifier implementation (#278)

Random key generation for pss::BlindedSigningKey (#295)

Impl Signer for pss::SigningKey (#297)

Impl core::hash::Hash for RsaPrivateKey (#308)

Impl ZeroizeOnDrop for RsaPrivateKey, SigningKey, DecryptingKey (#311)

u64_digit feature; on-by-default (#313)

AsRef<RsaPublicKey> impl on RsaPrivateKey (#317)

Changed

Use namespaced features for serde (#268)

Bump pkcs1 to v0.7, pkcs8 to v0.10; MSRV 1.65 (#270)

Rename PKCS#1v1.5 *_with_prefix methods (#290)

SigningKey::new => SigningKey::new_unprefixed

SigningKey::new_with_prefix => SigningKey::new

VerifyingKey::new => VerifyingKey::new_unprefixed

VerifyingKey::new_with_prefix => VerifyingKey::new

Rename Pkcs1v15Sign::new_raw to Pkcs1v15Sign::new_unprefixed (#293)

Use digest output size as default PSS salt length (#294)

Specify salt_len when verifying PSS signatures (#294)

Ensure signatures have the expected length and don't overflow the modulus (#306)

Improved public key checks (#307)

Rename CRTValue => CrtValue (#314)

Traits under padding module now located under traits module (#315)

PublicKeyParts/PrivateKeyParts now located under traits module (#315)

Removed

"Unsalted" PSS support (#294)

EncryptionPrimitive/DecriptionPrimitive traits (#300)

PublicKey/PrivateKey traits (#300)

Zeroize impl on RsaPrivateKey; automatically zeroized on drop (#311)

Deref<Target=RsaPublicKey> impl on RsaPrivateKey; use AsRef instead (#317)

#268: RustCrypto/RSA#268 #270: RustCrypto/RSA#270 #277: RustCrypto/RSA#277

... (truncated)

Commits

dfa23bc v0.9.2 (#331)

09254b0 pkcs1v15: have fmt impls call SignatureEncoding::to_bytes (#330)

7a58281 Adds support for the SignatureBitStringEncoding trait (#328)

d61b501 v0.9.1 (#327)

1d1037b Initial proptests (#326)

53bb256 Left pad signatures when encoding (#325)

94856ec pkcs1v15: note RSASSA-PKCS1-v1_5 in docs (#324)

901765d build(deps): bump sha3 from 0.10.6 to 0.10.7 (#321)

cbf6685 build(deps): bump hex-literal from 0.3.4 to 0.4.1 (#319)

f63290f build(deps): bump signature from 2.0.0 to 2.1.0 (#320)

Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. dependencies
opened by dependabot[bot] 1
Update spki requirement from 0.6.0 to 0.7.2 in /sdk
Updates the requirements on spki to permit the latest version.

Commits

ade4dc3 spki: 0.7.2 (#1049)

82a6ed5 spki: Adds a SignatureBitStringEncoding trait (#1047)

476d1a0 cms v0.2.1 (#1044)

4e298da x509-cert: fixup usage of ecdsa signer (#1043)

80c2c12 x509-cert: fixup CI flakiness (#1042)

664ee44 x509-cert: v0.2.2-pre (#1039)

2030132 x509-cert: adds a CertReq builder (#1034)

91b951d der: fix off-by-one error in BMPString tag (#1037)

79585b3 x509-cert: adds conversion from std::net::IpAddr (#1035)

3d7a110 chore(deps): bump rsa from 0.9.0-pre.2 to 0.9.0 (#1033)

Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. dependencies
opened by dependabot[bot] 1

Releases(v0.25.0)

v0.25.0(Jul 14, 2023)
(MINOR) User, UserCbor and Uuid assertions removed from SDK (#141)

Fix for #195 make_test_images missing ingredient references (#254)

Return ResourceNotFound instead of NotFound for resource get (#279)

(MINOR) Minor improvements for Wasm and Node.js interoperability (#276)

Fix iloc extent_offsets when offset_size is 0 (#277)

(MINOR) Converts DataHash and BoxHash methods to use RemoteSigner instead of AsyncSigner (#280)

(MINOR) Embeddable manifest support (#266)

Repair CI tests (#278)

Source code(tar.gz)
Source code(zip)
v0.24.0(Jun 21, 2023)
(MINOR) force minor version change (#273)

Source code(tar.gz)
Source code(zip)
v0.23.3(Jun 21, 2023)
Bump minor version and update README.md (#272)

Updates (#270)

Add Send to CAIRead trait so that it can be used across threads (#271)

Generate old COSE headers for temporary backwards support (#269)

Source code(tar.gz)
Source code(zip)
v0.23.2(Jun 19, 2023)
Fix for returning input stream data when using embed_from_memory (#268)

Source code(tar.gz)
Source code(zip)
v0.23.1(Jun 13, 2023)
Remove no-default ci test (#259)

includes the cert serial number in the ValidationInfo output (#263)

adds ManifestStoreReport::cert_chain (#265)

Update Timestamp message imprint to include entire protected header (#264)

Source code(tar.gz)
Source code(zip)
v0.23.0(Jun 9, 2023)
Box hash support (#261)

Fix timestamp Accuracy decoding (#262)

Make remote manifest handling consistent across input types (#260)

(MINOR) Support for Ingredients V2 and Actions V2 (#258)

Generate and validate 1.3 Cose signatures (#256)

Add type exports via JSON Schema (#255)

Bmff v2 (#251)

Source code(tar.gz)
Source code(zip)
v0.22.0(May 18, 2023)
(MINOR) Improved Remote Manifest handling (#250)

Riff streaming support (#248)

Source code(tar.gz)
Source code(zip)
v0.21.0(May 4, 2023)
(MINOR) Added ResourceNotFound error (#244)

Source code(tar.gz)
Source code(zip)
v0.20.3(May 3, 2023)
backed out calls to set_memory_thumbnail (#243)

Revert "backed out calls to set_memory_thumbnail"

backed out calls to set_memory_thumbnail This was causing thumbnail files to not be generated.

Source code(tar.gz)
Source code(zip)
v0.20.2(Apr 24, 2023)
Fixes bug in Ingredient_from_stream_info (#241)

Source code(tar.gz)
Source code(zip)
v0.20.1(Apr 20, 2023)
Ingredient async and thumbnail support (#240)

Update actix requirement from 0.11.0 to 0.13.0 in /sdk (#209)

Update uuid requirement from 0.8.1 to 1.3.1 in /sdk (#237)

Upgrade x509-parser to 0.15.0 (#229)

Add support for ARM on Linux (#233)

Source code(tar.gz)
Source code(zip)
v0.20.0(Apr 5, 2023)
(MINOR) SVG support (#226)

(MINOR) Update several X509-related crate dependencies (#225)

Update thiserror to 1.0.40 in /sdk (#223)

Avoid chrono's transitive dependency on time crate (#222)

Require openssl >0.10.48 to address multiple RUSTSEC warnings (#221)

Apply code format to doc comments (#220)

Source code(tar.gz)
Source code(zip)
v0.19.1(Mar 28, 2023)
Update README (#215)

Source code(tar.gz)
Source code(zip)
v0.19.0(Mar 23, 2023)
Makefile update (#213)

Streaming enhancement (#212)

Adds base_path_take to ResourceStore (#205)

Add write support for HEIC, HEIF, AVIF (#210)

(MINOR) Riff support with refactored AssetIO (#203)

(MINOR) Resource format and is_parent / relationship changes (#202)

Fix hash algo warning in Wasm and hashing for RSA-PSS SHA-384/512 (#206)

Derive impl of Default for Relationship enum (#204)

Source code(tar.gz)
Source code(zip)
v0.18.1(Mar 8, 2023)
Update Validation Status codes (#200)

Fix async path to support ingredient box hashing (#201)

Source code(tar.gz)
Source code(zip)
v0.18.0(Mar 2, 2023)
Fix issue where value was inadvertently included in Exclusion structure (#197)

(MINOR) Bump MSRV to 1.63.0 (#198)

Fixed unit test failure (invalid unique name generation). (#190)

Source code(tar.gz)
Source code(zip)
v0.17.0(Feb 22, 2023)
Disable mdat exclusion (#187)

Bmff v2 (#186)

Fix for using non-c2pa segment when add required segments (#185)

Update Ingredient and VC hashes to 1.2 spec (#184)

(MINOR) Create a ResourceStore for binary assets (#180)

Fix Clippy warnings from new Rust 1.67 (#182)

Visualizations (#163)

Source code(tar.gz)
Source code(zip)
v0.16.1(Dec 19, 2022)
Update xmp-toolkit from 0.6.0 to 1.0.0 (#165)

Prepare 0.16.1 release

Address new Clippy warnings for Rust 1.66 (#164)

Create external manifests for unknown types (#162)

Source code(tar.gz)
Source code(zip)
v0.16.0(Dec 3, 2022)
Updates some cargo dependencies (#159)

makes manifest#add_redaction public; adds test (#156)

Fixes support for instanceId on action and generate parameters.ingredient field when possible (#158)

Support digitalSourceType field in Action (#154)

(MINOR) Add sign feature for signing manifests without file I/O (#125)

TIFF/DNG support (#152)

Source code(tar.gz)
Source code(zip)
v0.15.0(Nov 9, 2022)
Fix bad error response when manifest is stripped (#153)

(MINOR) Bump MSRV to 1.61 (#142)

Fix new Clippy warnings generated by Rust 1.65 (#151)

Build infrastructure improvements (#150)

Fix manifest.set_thumbnail when add_thumbnails is enabled (#148)

Fix for XMP links being mistaken for remote URLs (#147)

Upgrade xmp_toolkit to 0.6.0 (#146)

create jpeg thumbnails for pngs without alpha (#145)

Add test_embed_with_ingredient_err (#134)

Source code(tar.gz)
Source code(zip)
v0.14.1(Oct 4, 2022)
Add homepage and repository links to crates.io (#132)

Add Exif Assertion support (#140)

Source code(tar.gz)
Source code(zip)
v0.14.0(Sep 23, 2022)
(MINOR) Remove previously embedded manifests for remote manifests (#136)

(MINOR) Add support for manifest removal (#123)

Source code(tar.gz)
Source code(zip)
v0.13.2(Sep 21, 2022)
manifest_data was missing for remote manifests (#135)

Source code(tar.gz)
Source code(zip)
v0.13.1(Sep 13, 2022)
Add ManifestStore::from_manifest_and_asset_bytes_async (#130)

Source code(tar.gz)
Source code(zip)
v0.13.0(Aug 26, 2022)
Add RemoteManifestUrl Error, returning url (#120)

Convert status_log error val to a string so that we can return full errors (#121)

Report failures from remote manifest fetch (#116)

Fast XMP extraction from PNG (#117)

Bump MSRV to 1.59.0 (#118)

Make sure there is a single manifest store in the asset (#114)

(MINOR) Switch to "lib" for crate-type (#113)

Source code(tar.gz)
Source code(zip)
v0.12.0(Aug 16, 2022)
Update C2PA manifest store mime type (#112)

Updates Manifest API to support remote and external manifests (#107)

Support validating remote and external manifest stores (#108)

Fix build error when xmp_write is not defined (#105)

Fix box order for BMFF (#104)

Added support for external manifests (#101)

Source code(tar.gz)
Source code(zip)
v0.11.3(Aug 3, 2022)
Remove inadvertent 1.0.0 release from changelog (#97)

Source code(tar.gz)
Source code(zip)
v0.11.1(Aug 1, 2022)
Bug fix: Ingredients with valid claims not reporting correct thumbnails (#94)

Update make_test_images to use timestamp authority (#90)

Fix bad response for case when there is no timestamp (#89)

Source code(tar.gz)
Source code(zip)
v0.11.0(Jul 21, 2022)
(MINOR) PR #87 should have been flagged for breaking API compatibility (#88)

Add support for remotely generated CoseSign1 signatures (#87)

Optimize performance of large assets (#84)

Source code(tar.gz)
Source code(zip)
v0.10.0(Jul 20, 2022)
Add Unicode license to allow-list (#85)

(MINOR) IngredientOptions allow override of hash and thumbnail generation; image library is now a default feature (#79)

Source code(tar.gz)
Source code(zip)