fix: More docs, and readme for examples

tmathern · tmathern · commit 09030d4adc3c · 2025-06-17T11:03:51.000-07:00
diff --git a/docs/usage.md b/docs/usage.md
@@ -2,18 +2,20 @@
 
 This package works with media files in the [supported formats](https://github.com/contentauth/c2pa-rs/blob/main/docs/supported-formats.md).
 
+> **Note**: For complete working examples, see the [examples folder](https://github.com/contentauth/c2pa-python/tree/main/examples) in the repository.
+
 ## Import
 
-Import the API as follows:
+Import the API:
 
 ```py
-from c2pa import *
+from c2pa import Builder, Reader, Signer, C2paSigningAlg, C2paSignerInfo
 ```
 
 ## Define manifest JSON
 
 The Python library works with both file-based and stream-based operations.
-In both cases, the manifest JSON string defines the C2PA manifest to add to an asset; for example:
+In both cases, the manifest JSON string defines the C2PA manifest to add to an asset. For example:
 
 ```py
 manifest_json = json.dumps({
@@ -34,58 +36,33 @@ manifest_json = json.dumps({
  })
 ```
 
-## Signing function
-
-The `sign_ps256` function is [defined in the library](https://github.com/contentauth/c2pa-python/blob/main/c2pa/c2pa_api/c2pa_api.py#L244) and  used in both file-based and stream-based methods. It's reproduced here to show how signing is performed.
-
-```py
-# Example of using Python crypto to sign data using openssl with Ps256
-from cryptography.hazmat.primitives import hashes, serialization
-from cryptography.hazmat.primitives.asymmetric import padding
-
-def sign_ps256(data: bytes, key: bytes) -> bytes:
-    private_key = serialization.load_pem_private_key(
-        key,
-        password=None,
-    )
-    signature = private_key.sign(
-        data,
-        padding.PSS(
-            mgf=padding.MGF1(hashes.SHA256()),
-            salt_length=padding.PSS.MAX_LENGTH
-        ),
-        hashes.SHA256()
-    )
-    return signature
-```
-
 ## File-based operation
 
 ### Read and validate C2PA data
 
-Use the `Reader` to read C2PA data from the specified asset file. 
+Use the `Reader` to read C2PA data from the specified asset file.
 
 This examines the specified media file for C2PA data and generates a report of any data it finds. If there are validation errors, the report includes a `validation_status` field.
 
-An asset file may contain many manifests in a manifest store. The most recent manifest is identified by the value of the `active_manifest` field in the manifests map. The manifests may contain binary resources such as thumbnails which can be retrieved with `resource_to_stream` or `resource_to_file` using the associated `identifier` field values and a `uri`.
+An asset file may contain many manifests in a manifest store. The most recent manifest is identified by the value of the `active_manifest` field in the manifests map. The manifests may contain binary resources such as thumbnails which can be retrieved with `resource_to_stream` using the associated `identifier` field values and a `uri`.
 
 NOTE: For a comprehensive reference to the JSON manifest structure, see the [Manifest store reference](https://opensource.contentauthenticity.org/docs/manifest/manifest-ref).
 
 ```py
 try:
-  # Create a reader from a file path
-  reader = c2pa.Reader.from_file("path/to/media_file.jpg")
-
-  # Print the JSON for a manifest. 
-  print("Manifest store:", reader.json())
-
-  # Get the active manifest.
-  manifest = reader.get_active_manifest()
-  if manifest != None:
-
-    # get the uri to the manifest's thumbnail and write it to a file
-    uri = manifest["thumbnail"]["identifier"]
-    reader.resource_to_file(uri, "thumbnail_v2.jpg") 
+    # Create a reader from a file path
+    with Reader("path/to/media_file.jpg") as reader:
+        # Print the JSON for a manifest.
+        print("Manifest store:", reader.json())
+
+        # Get the active manifest.
+        manifest = json.loads(reader.json())
+        active_manifest = manifest["manifests"][manifest["active_manifest"]]
+        if active_manifest:
+            # get the uri to the manifest's thumbnail and write it to a file
+            uri = active_manifest["thumbnail"]["identifier"]
+            with open("thumbnail_v2.jpg", "wb") as f:
+                reader.resource_to_stream(uri, f)
 
 except Exception as err:
     print(err)
@@ -98,76 +75,68 @@ except Exception as err:
 Use a `Builder` to add a manifest to an asset:
 
 ```py
-def test_v2_sign(self):
-    # Define source folder for any assets being read.
-    data_dir = "tests/fixtures/"
-    try:
-        key = open(data_dir + "ps256.pem", "rb").read()
-        def sign(data: bytes) -> bytes:
-            return sign_ps256(data, key)
-
-        certs = open(data_dir + "ps256.pub", "rb").read()
-        # Create a local signer from a certificate pem file.
-        signer = create_signer(sign, SigningAlg.PS256, certs, "http://timestamp.digicert.com")
-
-        builder = Builder(manifest_def)
-
-        builder.add_ingredient_file(ingredient_def, data_dir + "A.jpg")
-
-        builder.add_resource_file("A.jpg", data_dir + "A.jpg")
-
-        builder.to_archive(open("target/archive.zip", "wb"))
-
-        builder = Builder.from_archive(open("target/archive.zip", "rb"))
-
-        with tempfile.TemporaryDirectory() as output_dir:
-            output_path = output_dir + "out.jpg"
-            if os.path.exists(output_path):
-                os.remove(output_path)
-            c2pa_data = builder.sign_file(signer, data_dir + "A.jpg", output_dir + "out.jpg")
-            assert len(c2pa_data) > 0
-
-        reader = Reader.from_file(output_dir + "out.jpg")
-        print(reader.json())
-        manifest_store = json.loads(reader.json())
-        manifest = manifest_store["manifests"][manifest_store["active_manifest"]]
-        assert "python_test" in manifest["claim_generator"]
-        # Check custom title and format.
-        assert manifest["title"]== "My Title" 
-        assert manifest,["format"] == "image/jpeg"
-        # There should be no validation status errors.
-        assert manifest.get("validation_status") == None
-        assert manifest["ingredients"][0]["relationship"] == "parentOf"
-        assert manifest["ingredients"][0]["title"] == "A.jpg"
-
-    except Exception as e:
-        print("Failed to sign manifest store: " + str(e))
-        exit(1)
+try:
+    # Create a signer from certificate and key files
+    with open("path/to/cert.pem", "rb") as cert_file, open("path/to/key.pem", "rb") as key_file:
+        cert_data = cert_file.read()
+        key_data = key_file.read()
+
+        # Create signer info using cert and key info
+        signer_info = C2paSignerInfo(
+            alg=C2paSigningAlg.PS256,
+            cert=cert_data,
+            key=key_data,
+            timestamp_url="http://timestamp.digicert.com"
+        )
+
+        # Create signer using the defined SignerInfo
+        signer = Signer.from_info(signer_info)
+
+        # Create builder with manifest and add ingredients
+        with Builder(manifest_json) as builder:
+            # Add any ingredients if needed
+            with open("path/to/ingredient.jpg", "rb") as ingredient_file:
+                ingredient_json = json.dumps({"title": "Ingredient Image"})
+                builder.add_ingredient(ingredient_json, "image/jpeg", ingredient_file)
+
+            # Sign the file
+            with open("path/to/source.jpg", "rb") as source_file, open("path/to/output.jpg", "wb") as dest_file:
+                manifest_bytes = builder.sign(signer, "image/jpeg", source_file, dest_file)
+
+            # Verify the signed file
+        with Reader("path/to/output.jpg") as reader:
+            manifest_store = json.loads(reader.json())
+            active_manifest = manifest_store["manifests"][manifest_store["active_manifest"]]
+            print("Signed manifest:", active_manifest)
+
+except Exception as e:
+    print("Failed to sign manifest store: " + str(e))
 ```
 
 ## Stream-based operation
 
 Instead of working with files, you can read, validate, and add a signed manifest to streamed data.  This example code does the same thing as the file-based example.
 
-### Read and validate C2PA data
+### Read and validate C2PA data using streams
 
 ```py
 try:
-  # It's also possible to create a reader from a format and stream
-  # Note that these two readers are functionally equivalent
-  stream = open("path/to/media_file.jpg", "rb")
-  reader = c2pa.Reader("image/jpeg", stream)
-
-  # Print the JSON for a manifest. 
-  print("manifest store:", reader.json())
-
-  # Get the active manifest.
-  manifest = reader.get_active_manifest()
-  if manifest != None:
-
-    # get the uri to the manifest's thumbnail and write it to a file
-    uri = manifest["thumbnail"]["identifier"]
-    reader.resource_to_file(uri, "thumbnail_v2.jpg") 
+    # Create a reader from a format and stream
+    with open("path/to/media_file.jpg", "rb") as stream:
+        # First parameter can be mimetype or extension of the file
+        # But in any case we need something to identify the file type
+        with Reader("image/jpeg", stream) as reader:
+            # Print the JSON for a manifest.
+            print("manifest store:", reader.json())
+
+            # Get the active manifest.
+            manifest = json.loads(reader.json())
+            active_manifest = manifest["manifests"][manifest["active_manifest"]]
+            if active_manifest:
+                # get the uri to the manifest's thumbnail and write it to a file
+                uri = active_manifest["thumbnail"]["identifier"]
+                with open("thumbnail_v2.jpg", "wb") as f:
+                    reader.resource_to_stream(uri, f)
 
 except Exception as err:
     print(err)
@@ -180,39 +149,41 @@ except Exception as err:
 Use a `Builder` to add a manifest to an asset:
 
 ```py
-from c2pa import Builder, Error, Reader, SigningAlg, create_signer, sdk_version, sign_ps256, version
-...
-data_dir = "tests/fixtures/"
 try:
-    key = open(data_dir + "ps256.pem", "rb").read()
-    def sign(data: bytes) -> bytes:
-        return sign_ps256(data, key)
-
-    certs = open(data_dir + "ps256.pub", "rb").read()
-    # Create a local signer from a certificate pem file
-    signer = create_signer(sign, SigningAlg.PS256, certs, "http://timestamp.digicert.com")
-
-    builder = Builder(manifest_def)
-
-    builder.add_ingredient_file(ingredient_def, data_dir + "A.jpg")
-    builder.add_resource_file("A.jpg", data_dir + "A.jpg")
-    builder.to_archive(open("target/archive.zip", "wb"))
-    
-    builder = Builder.from_archive(open("target/archive.zip", "rb"))
-
-    with tempfile.TemporaryDirectory() as output_dir:
-        output_path = output_dir + "out.jpg"
-        if os.path.exists(output_path):
-            os.remove(output_path)
-        c2pa_data = builder.sign_file(signer, data_dir + "A.jpg", output_dir + "out.jpg")
-        assert len(c2pa_data) > 0
-
-    reader = Reader.from_file(output_dir + "out.jpg")
-    print(reader.json())
-    manifest_store = json.loads(reader.json())
-    manifest = manifest_store["manifests"][manifest_store["active_manifest"]]
+    # Create a signer from certificate and key files
+    with open("path/to/cert.pem", "rb") as cert_file, open("path/to/key.pem", "rb") as key_file:
+        cert_data = cert_file.read()
+        key_data = key_file.read()
+
+        # Create signer info
+        signer_info = C2paSignerInfo(
+            alg=C2paSigningAlg.PS256,
+            cert=cert_data,
+            key=key_data,
+            timestamp_url="http://timestamp.digicert.com"
+        )
+
+        # Create signer using the defined SignerInfo
+        signer = Signer.from_info(signer_info)
+
+        # Create builder with manifest and add ingredients
+        with Builder(manifest_json) as builder:
+            # Add any ingredients if needed
+            with open("path/to/ingredient.jpg", "rb") as ingredient_file:
+                ingredient_json = json.dumps({"title": "Ingredient Image"})
+                builder.add_ingredient(ingredient_json, "image/jpeg", ingredient_file)
+
+            # Sign using streams
+            with open("path/to/source.jpg", "rb") as source_file, open("path/to/output.jpg", "wb") as dest_file:
+                manifest_bytes = builder.sign(signer, "image/jpeg", source_file, dest_file)
+
+            # Verify the signed file
+            with open("path/to/output.jpg", "rb") as stream:
+                with Reader("image/jpeg", stream) as reader:
+                    manifest_store = json.loads(reader.json())
+                    active_manifest = manifest_store["manifests"][manifest_store["active_manifest"]]
+                    print("Signed manifest:", active_manifest)
 
 except Exception as e:
     print("Failed to sign manifest store: " + str(e))
-    exit(1)
- ```
+```
diff --git a/examples/README.md b/examples/README.md
@@ -0,0 +1,25 @@
+# Usage examples
+
+## Adding a "Do Not Train" Assertion
+
+The `examples/training.py` script demonstrates how to add a "Do Not Train" assertion to an asset and verify it.
+
+### Signing and Verifying Assets
+
+The `examples/sign.py` script shows how to sign an asset with a C2PA manifest and verify it.
+
+## Running the Examples
+
+To run the examples, make sure you have the c2pa-python package installed and you're in the root directory of the project. We recommend working using virtual environments (venv).
+
+Then you can run the examples with the following commands:
+
+```bash
+# Run the "Do Not Train" assertion example
+python examples/training.py
+
+# Run the signing and verification example
+python examples/sign.py
+```
+
+The examples will use test files from the `tests/fixtures` directory and output the results to the `output` directory. Read manifest store data will be shown in the console you run the examples from.
