Please add an example method for ES256 signing

[naomatheus]

I generate ES256 keys in my project, and needed to support ES256 signing algorithm. This is how I did this. Please consider adding to the repository's examples.

Adding, for example, to c2pa_api.py and examples:

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import load_pem_private_key

def sign_es256(data: bytes, key_path: str) -> bytes:
    with open(key_path, "rb") as key_file:
        private_key = load_pem_private_key(
            key_file.read(),
            password=None,
        )
    
    # Ensure the key is an EC private key
    if not isinstance(private_key, ec.EllipticCurvePrivateKey):
        raise ValueError("The provided key is not an Elliptic Curve private key")
    
    # Sign the data using ECDSA with SHA256
    signature = private_key.sign(
        data,
        ec.ECDSA(hashes.SHA256())
    )
    return signature

You could tag this on here:

c2pa-python/c2pa/c2pa_api/c2pa_api.py

Line 242 in 4660ef9

return signature

Happy to open a PR post-discussion.

[gpeacock]

Thanks for this. We will test it out and consider adding it.

[tmathern]

es256 is one of the algorithms used in unit tests for signing for latest versions (0.10.0 and higher).

It is also used (through a callback signer) in the example sign.py, with the signer configured and defined here.