Merge branch 'gpeacock/no_rust' into tran/test-coverage

Author: alextrnnn

.github/workflows/build-wheel.yml

@@ -16,6 +16,9 @@ on:
         required: true
         type: string
         default: 'ubuntu-latest'
+      c2pa-version:
+        required: true
+        type: string
     secrets:
       github-token:
         required: true
@@ -27,6 +30,7 @@ permissions:
 
 env:
   GITHUB_TOKEN: ${{ secrets.github-token }}
+  C2PA_VERSION: ${{ inputs.c2pa-version }}
 
 jobs:
   build:
@@ -59,7 +63,7 @@ jobs:
             cd /io &&
             /opt/python/cp310-cp310/bin/pip install -r requirements.txt -r requirements-dev.txt &&
             /opt/python/cp310-cp310/bin/pip install toml &&
-            C2PA_LIBS_PLATFORM=\"${{ inputs.architecture == 'aarch64' && 'aarch64-unknown-linux-gnu' || 'x86_64-unknown-linux-gnu' }}\" /opt/python/cp310-cp310/bin/python scripts/download_artifacts.py c2pa-v0.55.0 &&
+            C2PA_LIBS_PLATFORM=\"${{ inputs.architecture == 'aarch64' && 'aarch64-unknown-linux-gnu' || 'x86_64-unknown-linux-gnu' }}\" /opt/python/cp310-cp310/bin/python scripts/download_artifacts.py $C2PA_VERSION &&
             for PYBIN in /opt/python/cp3{10,11}-*/bin; do
               \${PYBIN}/pip install --upgrade pip wheel &&
               \${PYBIN}/pip install toml &&
@@ -92,7 +96,15 @@ jobs:
           pip install wheel
 
           # Download native artifacts
-          python scripts/download_artifacts.py c2pa-v0.55.0
+          Write-Host "Starting artifact download process..."
+          Write-Host "C2PA_VERSION: $env:C2PA_VERSION"
+
+          python scripts/download_artifacts.py "$env:C2PA_VERSION"
+
+          Write-Host "Artifacts directory contents:"
+          Get-ChildItem -Recurse -Path artifacts
+          Write-Host "src/c2pa/libs directory contents:"
+          Get-ChildItem -Recurse -Path src/c2pa/libs
 
           # Build wheel
           python setup.py bdist_wheel --plat-name win_amd64
@@ -111,7 +123,7 @@ jobs:
           pip install wheel
 
           # Download native artifacts
-          python scripts/download_artifacts.py c2pa-v0.55.0
+          python scripts/download_artifacts.py $C2PA_VERSION
 
           # Build wheel
           python setup.py bdist_wheel --plat-name macosx_11_0_arm64

.github/workflows/build.yml

@@ -25,8 +25,20 @@ permissions:
   actions: read
 
 jobs:
+  read-version:
+    name: Read C2PA version
+    runs-on: ubuntu-latest
+    outputs:
+      c2pa-native-version: ${{ steps.read-version.outputs.version }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Read version from file
+        id: read-version
+        run: echo "version=$(cat c2pa-native-version.txt | tr -d '\r\n')" >> $GITHUB_OUTPUT
+
   tests-unix:
     name: Unit tests for developer setup (Unix)
+    needs: read-version
     if: |
       github.event_name != 'pull_request' ||
       github.event.pull_request.author_association == 'COLLABORATOR' ||
@@ -69,7 +81,7 @@ jobs:
         run: |
           # Ensure the token is being used
           echo "Using GitHub token for authentication"
-          python3 scripts/download_artifacts.py c2pa-v0.55.0
+          python3 scripts/download_artifacts.py ${{ needs.read-version.outputs.c2pa-native-version }}
 
       - name: Install package in development mode
         run: |
@@ -85,6 +97,7 @@ jobs:
 
   tests-windows:
     name: Unit tests for developer setup (Windows)
+    needs: read-version
     if: |
       github.event_name != 'pull_request' ||
       github.event.pull_request.author_association == 'COLLABORATOR' ||
@@ -134,7 +147,7 @@ jobs:
         run: |
           # Ensure the token is being used
           echo "Using GitHub token for authentication"
-          python scripts\download_artifacts.py c2pa-v0.55.0
+          python scripts\download_artifacts.py ${{ needs.read-version.outputs.c2pa-native-version }}
 
       - name: Install package in development mode
         run: |
@@ -151,12 +164,13 @@ jobs:
   build-linux-wheel:
     name: Build Linux wheel
     uses: ./.github/workflows/build-wheel.yml
-    needs: tests-unix
+    needs: [tests-unix, read-version]
     with:
       python-version: "3.10"
       architecture: ${{ matrix.target }}
       artifact-name: wheels-linux-${{ matrix.target }}
       runs-on: ${{ matrix.runs-on }}
+      c2pa-version: ${{ needs.read-version.outputs.c2pa-native-version }}
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
     strategy:
@@ -231,12 +245,13 @@ jobs:
   build-windows-wheel:
     name: Build Windows wheel
     uses: ./.github/workflows/build-wheel.yml
-    needs: tests-windows
+    needs: [tests-windows, read-version]
     with:
       python-version: "3.10"
       architecture: ${{ matrix.target }}
       artifact-name: wheels-windows-${{ matrix.target }}
       runs-on: windows-latest
+      c2pa-version: ${{ needs.read-version.outputs.c2pa-native-version }}
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
     strategy:
@@ -309,11 +324,12 @@ jobs:
   build-macos-wheel:
     name: Build macOS wheel
     uses: ./.github/workflows/build-wheel.yml
-    needs: tests-unix
+    needs: [tests-unix, read-version]
     with:
       python-version: "3.10"
       artifact-name: wheels-macos-${{ matrix.target }}
       runs-on: macos-latest
+      c2pa-version: ${{ needs.read-version.outputs.c2pa-native-version }}
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
     strategy:
@@ -402,7 +418,7 @@ jobs:
       - name: Install dev dependencies for build
         run: pip install -r requirements-dev.txt
       - name: Build sdist
-        run: python setup.py sdist
+        run: python -m build --sdist
       - name: Upload sdist
         uses: actions/upload-artifact@v4
         with:

.gitignore

@@ -7,6 +7,9 @@ __pycache__/
 scripts/artifacts
 tests/fixtures/temp_data
 
+# For the examples
+/output
+
 
 # C extensions
 *.so

Makefile

@@ -1,5 +1,8 @@
 # For Python bindings ===========================================================
 
+# Version of C2PA to use
+C2PA_VERSION := $(shell cat c2pa-native-version.txt)
+
 # Start from clean env: Delete `.venv`, then `python3 -m venv .venv`
 # Pre-requisite: Python virtual environment is active (source .venv/bin/activate)
 # Run Pytest tests in virtualenv: .venv/bin/pytest tests/test_unit_tests.py -v
@@ -27,7 +30,12 @@ build-python:
 rebuild: clean-c2pa-env install-deps download-native-artifacts build-python
 	@echo "Development rebuild done!"
 
-# Runs the unit tests
+run-examples:
+	python3 ./examples/sign.py
+	python3 ./examples/training.py
+	rm -rf output/
+
+# Runs the examples, then the unit tests
 test:
 	python3 ./tests/test_unit_tests.py
 	python3 ./tests/test_unit_tests_threaded.py
@@ -42,7 +50,7 @@ test-local-wheel-build:
 	# Clean any existing builds
 	rm -rf build/ dist/
 	# Download artifacts and place them where they should go
-	python scripts/download_artifacts.py c2pa-v0.55.0
+	python scripts/download_artifacts.py $(C2PA_VERSION)
 	# Install Python
 	python3 -m pip install -r requirements.txt
 	python3 -m pip install -r requirements-dev.txt
@@ -60,12 +68,12 @@ test-local-sdist-build:
 	# Clean any existing builds
 	rm -rf build/ dist/
 	# Download artifacts and place them where they should go
-	python scripts/download_artifacts.py c2pa-v0.55.0
+	python scripts/download_artifacts.py $(C2PA_VERSION)
 	# Install Python
 	python3 -m pip install -r requirements.txt
 	python3 -m pip install -r requirements-dev.txt
 	# Build sdist package
-	python -m build --sdist
+	python setup.py sdist
 	# Install local build in venv
 	pip install $$(ls dist/*.tar.gz)
 	# Verify installation in local venv
@@ -90,4 +98,4 @@ format:
 
 # Downloads the required native artifacts for the specified version
 download-native-artifacts:
-	python3 scripts/download_artifacts.py c2pa-v0.55.0
+	python3 scripts/download_artifacts.py $(C2PA_VERSION)

README.md

@@ -13,27 +13,51 @@ This project provides a Python API for working with [C2PA](https://c2pa.org/) (C
 
 ```bash
 .
-├── .github/           # GitHub configuration files
-├── artifacts/         # Platform-specific libraries for building (per subfolder)
-│   └── linux_x86_64/ # Linux ARM64 libraries
-├── docs/             # Project documentation
-├── examples/         # Example scripts demonstrating usage
-├── scripts/          # Utility scripts (eg. artifacts download)
-├── src/             # Source code
-│   └── c2pa/        # Main package directory
-│       └── libs/    # Platform-specific libraries
-├── tests/           # Unit tests and benchmarks
-├── .gitignore       # Git ignore rules
-├── Makefile         # Build and development commands
-├── pyproject.toml   # Python project configuration
-├── requirements.txt # Python dependencies
-├── requirements-dev.txt # Development dependencies
-└── setup.py         # Package setup script
+├── .github/                  # GitHub configuration files
+├── artifacts/                # Platform-specific libraries for building (per subfolder)
+│   └── your_target_platform/ # Platform-specific artifacts
+├── docs/                     # Project documentation
+├── examples/                 # Example scripts demonstrating usage
+├── scripts/                  # Utility scripts (eg. artifacts download)
+├── src/                      # Source code
+│   └── c2pa/                 # Main package directory
+│       └── libs/             # Platform-specific libraries
+├── tests/                    # Unit tests and benchmarks
+├── .gitignore                # Git ignore rules
+├── Makefile                  # Build and development commands
+├── pyproject.toml            # Python project configuration
+├── requirements.txt          # Python dependencies
+├── requirements-dev.txt      # Development dependencies
+└── setup.py                  # Package setup script
 ```
 
+## Package installation
+
+The c2pa-python package is published to PyPI. You can install it from there by running:
+
+```bash
+pip install c2pa-python
+```
+
+To use the module in your Python code, import like this:
+
+```python
+import c2pa
+```
+
+## Examples
+
+### Adding a "Do Not Train" Assertion
+
+The `examples/training.py` script demonstrates how to add a "Do Not Train" assertion to an asset and verify it.
+
+### Signing and Verifying Assets
+
+The `examples/sign.py` script shows how to sign an asset with a C2PA manifest and verify it.
+
 ## Development Setup
 
-1. Create and activate a virtual environment:
+1. Create and activate a virtual environment with native dependencies:
 
 ```bash
 # Create virtual environment
@@ -100,16 +124,6 @@ And run:
 pytest
 ```
 
-## Examples
-
-### Adding a "Do Not Train" Assertion
-
-The `examples/training.py` script demonstrates how to add a "Do Not Train" assertion to an asset and verify it.
-
-### Signing and Verifying Assets
-
-The `examples/test.py` script shows how to sign an asset with a C2PA manifest and verify it.
-
 ## Contributing
 
 Contributions are welcome! Please fork the repository and submit a pull request.

c2pa-native-version.txt

@@ -0,0 +1 @@
+c2pa-v0.55.0

examples/sign.py

@@ -0,0 +1,89 @@
+# Copyright 2025 Adobe. All rights reserved.
+# This file is licensed to you under the Apache License,
+# Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+# or the MIT license (http://opensource.org/licenses/MIT),
+# at your option.
+# Unless required by applicable law or agreed to in writing,
+# this software is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or
+# implied. See the LICENSE-MIT and LICENSE-APACHE files for the
+# specific language governing permissions and limitations under
+# each license.
+
+# This example shows how to sign an image with a C2PA manifest
+# and read the metadata added to the image.
+
+import os
+import c2pa
+
+fixtures_dir = os.path.join(os.path.dirname(__file__), "../tests/fixtures/")
+output_dir = os.path.join(os.path.dirname(__file__), "../output/")
+
+# ensure the output directory exists
+if not os.path.exists(output_dir):
+    os.makedirs(output_dir)
+
+print("c2pa version:")
+version = c2pa.sdk_version()
+print(version)
+
+# Read existing C2PA metadata from the file
+print("\nReading existing C2PA metadata:")
+with open(fixtures_dir + "C.jpg", "rb") as file:
+    reader = c2pa.Reader("image/jpeg", file)
+    print(reader.json())
+
+# Create a signer from certificate and key files
+certs = open(fixtures_dir + "es256_certs.pem", "rb").read()
+key = open(fixtures_dir + "es256_private.key", "rb").read()
+
+signer_info = c2pa.C2paSignerInfo(
+    alg=b"es256",  # Use bytes instead of encoded string
+    sign_cert=certs,
+    private_key=key,
+    ta_url=b"http://timestamp.digicert.com"  # Use bytes and add timestamp URL
+)
+
+signer = c2pa.Signer.from_info(signer_info)
+
+# Create a manifest definition as a dictionary
+manifest_definition = {
+    "claim_generator": "python_example",
+    "claim_generator_info": [{
+        "name": "python_example",
+        "version": "0.0.1",
+    }],
+    "format": "image/jpeg",
+    "title": "Python Example Image",
+    "ingredients": [],
+    "assertions": [
+        {
+            'label': 'stds.schema-org.CreativeWork',
+            'data': {
+                '@context': 'http://schema.org/',
+                '@type': 'CreativeWork',
+                'author': [
+                    {'@type': 'Person', 'name': 'Example User'}
+                ]
+            },
+            'kind': 'Json'
+        }
+    ]
+}
+
+builder = c2pa.Builder(manifest_definition)
+
+# Sign the image
+print("\nSigning the image...")
+with open(fixtures_dir + "C.jpg", "rb") as source:
+    with open(output_dir + "C_signed.jpg", "wb") as dest:
+        result = builder.sign(signer, "image/jpeg", source, dest)
+
+# Read the signed image to verify
+print("\nReading signed image metadata:")
+with open(output_dir + "C_signed.jpg", "rb") as file:
+    reader = c2pa.Reader("image/jpeg", file)
+    print(reader.json())
+
+print("\nExample completed successfully!")
+