Manifest Builder and Claim.v2 Support Abt. Assertions #20
Description
Thank you for your work on this project.
Is there an estimated timeline for when the Manifest Builder API will be released?
In the meantime, I am building my own manifests and am experiencing difficulty differentiating between claim assertions and gathered assertions. The library appears to automatically determine the assertion type, and despite multiple attempts, I have been unable to explicitly mark certain assertions as claimed.
This makes it unclear how assertion classification is intended to be controlled when constructing manifests.
Questions:
Is there a supported way to explicitly define an assertion as a claim assertion?
Is this behavior expected by design?
Will upcoming documentation or the Manifest Builder API address this distinction?
Any clarification would be appreciated. Thank you.
Example manifest given to builder:
{
"claim_generator_info": [
{
"name": "test",
"version": "1.8.9"
}
],
"assertions": [
{
"label": "c2pa.actions.v2",
"data": {
"actions": [
{
"action": "c2pa.created",
"digitalSourceType": "http://cv.iptc.org/newscodes/digitalsourcetype/digitalCapture"
}
]
}
},
{
"label": "com.test.private_device_info",
"data": {
"device_id_enc": "YeY0iGEyFmExX43hueKAUuLAxpBl0LtmbU3E7aIRVDCGCqJmkQ0CwbX9uFDqRKS/+WIbUu95X6zVkLxuFB/Vk+2LwkOTC7AsCsG2YSYz0eL+ZLDQRW2BIalVFCEhM35qvgZoUxlDd5bysPZeAw827jt3FttcQqsrj8z+/3T3zLaFEeOUuN4Xs4HbUUqrcYSedHa6Q49o/t682JcKPRSSRqlWGjJ39k7Y0jFjs2NEivTAvYPe+T424UlsE5rfvgw4OcxePXU/W79cgJr3j2jnHIRZiWrQYuAULL/Bs4Xz1F5XrmAvMJljpErquwvPhB/MSWUCEO5ZlPOjpEFsT4vLaw=="
},
"private": true
}
]
}
Actual manifest of the content:
{
"active_manifest": "urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319",
"manifests": {
"urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319": {
"claim": {
"instanceID": "xmp:iid:7928045a-6a66-4291-894e-c7198a04fc88",
"claim_generator_info": {
"name": "test",
"version": "1.8.9",
"org.contentauth.c2pa_rs": "0.73.1"
},
"signature": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.signature",
"created_assertions": [
{
"url": "self#jumbf=c2pa.assertions/c2pa.hash.data",
"hash": "5/UBrcRBLi9kly/v1GpTTi2NDePe7rGUS2bOk5ORgAY="
}
],
"gathered_assertions": [
{
"url": "self#jumbf=c2pa.assertions/c2pa.thumbnail.claim",
"hash": "hA/kr9ZyBQUKu2aB211mVQuY4FedeOp70TXyzqtQCEM="
},
{
"url": "self#jumbf=c2pa.assertions/c2pa.actions.v2",
"hash": "QsL2Cd7gm754sR0MRGD6UIXXeOczZufj4gW9++VfQeo="
},
{
"url": "self#jumbf=c2pa.assertions/com.test.private_device_info",
"hash": "B9zE581SNbgSkiQCTStxiRKeiC3mtUHu+wk8Gdr9JRA="
}
],
"alg": "sha256"
},
"assertion_store": {
"c2pa.actions.v2": {
"actions": [
{
"action": "c2pa.created",
"digitalSourceType": "http://cv.iptc.org/newscodes/digitalsourcetype/digitalCapture"
}
]
},
"c2pa.thumbnail.claim": "<omitted> len = 150121",
"com.test.private_device_info": {
"device_id_enc": "YeY0iGEyFmExX43hueKAUuLAxpBl0LtmbU3E7aIRVDCGCqJmkQ0CwbX9uFDqRKS/+WIbUu95X6zVkLxuFB/Vk+2LwkOTC7AsCsG2YSYz0eL+ZLDQRW2BIalVFCEhM35qvgZoUxlDd5bysPZeAw827jt3FttcQqsrj8z+/3T3zLaFEeOUuN4Xs4HbUUqrcYSedHa6Q49o/t682JcKPRSSRqlWGjJ39k7Y0jFjs2NEivTAvYPe+T424UlsE5rfvgw4OcxePXU/W79cgJr3j2jnHIRZiWrQYuAULL/Bs4Xz1F5XrmAvMJljpErquwvPhB/MSWUCEO5ZlPOjpEFsT4vLaw=="
},
"c2pa.hash.data": {
"exclusions": [
{
"start": 3209,
"length": 165636
}
],
"name": "jumbf manifest",
"alg": "sha256",
"hash": "bLE2RnR2JixxRcGIkpNNGx7hEijl7Ifb5Awm6vPZMxs=",
"pad": "AAAAAAAAAA=="
}
},
"signature": {
"alg": "es256",
"issuer": "Test",
"common_name": "Test"
}
}
},
"validation_results": {
"activeManifest": {
"success": [
{
"code": "claimSignature.insideValidity",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.signature",
"explanation": "claim signature valid"
},
{
"code": "claimSignature.validated",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.signature",
"explanation": "claim signature valid"
},
{
"code": "assertion.hashedURI.match",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.assertions/c2pa.hash.data",
"explanation": "hashed uri matched: self#jumbf=c2pa.assertions/c2pa.hash.data"
},
{
"code": "assertion.hashedURI.match",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.assertions/c2pa.thumbnail.claim",
"explanation": "hashed uri matched: self#jumbf=c2pa.assertions/c2pa.thumbnail.claim"
},
{
"code": "assertion.hashedURI.match",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.assertions/c2pa.actions.v2",
"explanation": "hashed uri matched: self#jumbf=c2pa.assertions/c2pa.actions.v2"
},
{
"code": "assertion.hashedURI.match",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.assertions/com.test.private_device_info",
"explanation": "hashed uri matched: self#jumbf=c2pa.assertions/com.test.private_device_info"
},
{
"code": "assertion.dataHash.match",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.assertions/c2pa.hash.data",
"explanation": "data hash valid"
}
],
"informational": [],
"failure": [
{
"code": "signingCredential.untrusted",
"url": "self#jumbf=/c2pa/urn:c2pa:76d0a5f3-3891-4b3b-87c9-f49c3c87a319/c2pa.signature",
"explanation": "signing certificate untrusted"
}
]
}
},
"validation_state": "Invalid"
}