Hmmm … maybe this doesn't need to be so complicated

scouten-adobe · scouten-adobe · commit ba322ff7defb · 2025-09-12T14:18:27.000-07:00
diff --git a/c2pa_c_ffi/src/c_api.rs b/c2pa_c_ffi/src/c_api.rs
@@ -463,11 +463,6 @@ pub unsafe extern "C" fn c2pa_free_string_array(ptr: *const *const c_char, count
 
 // Run CAWG post-validation - this is async and requires a runtime.
 fn post_validate(result: Result<C2paReader, c2pa::Error>) -> Result<C2paReader, c2pa::Error> {
-    if false {
-        // CONSIDER BEFORE MERGING ...
-        todo!("Remove me?");
-    }
-
     match result {
         Ok(mut reader) => {
             let runtime = match Runtime::new() {
diff --git a/c2pa_c_ffi/src/json_api.rs b/c2pa_c_ffi/src/json_api.rs
@@ -24,10 +24,6 @@ use crate::{Error, Result, SignerInfo};
 pub fn read_file(path: &str, data_dir: Option<String>) -> Result<String> {
     let mut reader = Reader::from_file(path).map_err(Error::from_c2pa_error)?;
     let runtime = Runtime::new().map_err(|e| Error::Other(e.to_string()))?;
-    if false {
-        // CONSIDER BEFORE MERGING ...
-        todo!("Remove post_validate_async here?");
-    }
     runtime
         .block_on(reader.post_validate_async(&CawgValidator {}))
         .map_err(Error::from_c2pa_error)?;
diff --git a/cli/src/main.rs b/cli/src/main.rs
@@ -574,10 +574,6 @@ fn verify_fragmented(init_pattern: &Path, frag_pattern: &Path) -> Result<Vec<Rea
 
 // run cawg validation if supported
 fn validate_cawg(reader: &mut Reader) -> Result<()> {
-    if false {
-        // CONSIDER BEFORE MERGING ...
-        todo!("Remove me?");
-    }
     #[cfg(not(target_os = "wasi"))]
     {
         Runtime::new()?
diff --git a/sdk/examples/cawg_identity.rs b/sdk/examples/cawg_identity.rs
@@ -124,8 +124,7 @@ mod cawg {
 
         builder.sign_file_async(&signer, source, &dest).await?;
 
-        let reader = Reader::from_file_async(dest).await?;
-
+        let reader = Reader::from_file_with_cawg_async(dest).await?;
         println!("{reader}");
         Ok(())
     }
diff --git a/sdk/src/identity/validator.rs b/sdk/src/identity/validator.rs
@@ -77,10 +77,13 @@ mod tests {
         crate::settings::set_settings_value("verify.verify_trust", false).unwrap();
 
         let mut stream = Cursor::new(CONNECTED_IDENTITIES_VALID);
-        let reader = Reader::from_stream_async("image/jpeg", &mut stream)
+
+        let reader = Reader::from_stream_with_cawg_async("image/jpeg", &mut stream)
             .await
             .unwrap();
+
         //println!("validation results: {}", reader);
+
         assert_eq!(
             reader
                 .validation_results()
@@ -100,10 +103,13 @@ mod tests {
         crate::settings::set_settings_value("verify.verify_trust", false).unwrap();
 
         let mut stream = Cursor::new(MULTIPLE_IDENTITIES_VALID);
-        let reader = Reader::from_stream_async("image/jpeg", &mut stream)
+
+        let reader = Reader::from_stream_with_cawg_async("image/jpeg", &mut stream)
             .await
             .unwrap();
+
         println!("validation results: {reader}");
+
         assert_eq!(
             reader
                 .validation_results()
@@ -119,9 +125,11 @@ mod tests {
     #[c2pa_test_async]
     async fn test_cawg_validate_with_hard_binding_missing() {
         let mut stream = Cursor::new(NO_HARD_BINDING);
-        let reader = Reader::from_stream_async("image/jpeg", &mut stream)
+
+        let reader = Reader::from_stream_with_cawg_async("image/jpeg", &mut stream)
             .await
             .unwrap();
+
         assert_eq!(
             reader
                 .validation_results()
diff --git a/sdk/src/identity/x509/x509_credential_holder.rs b/sdk/src/identity/x509/x509_credential_holder.rs
@@ -134,15 +134,16 @@ mod tests {
         // Read back the Manifest that was generated.
         dest.rewind().unwrap();
 
-        let manifest_store = Reader::from_stream_async(format, &mut dest).await.unwrap();
+        let manifest_store = Reader::from_stream_with_cawg_async(format, &mut dest)
+            .await
+            .unwrap();
+
         assert_eq!(manifest_store.validation_status(), None);
 
         let validation_results = manifest_store.validation_results().unwrap();
         let active_manifest_results = validation_results.active_manifest().unwrap();
         let active_manifest_success_codes = active_manifest_results.success();
 
-        dbg!(&active_manifest_success_codes);
-
         let mut ia_success_codes = active_manifest_success_codes.iter().filter(|s| {
             s.url()
                 .map(|url| url.ends_with("cawg.identity"))
@@ -151,8 +152,6 @@ mod tests {
         });
 
         let ia_success = ia_success_codes.next().unwrap();
-        dbg!(&ia_success);
-
         assert_eq!(ia_success.code(), "signingCredential.trusted");
         assert!(ia_success.url().unwrap().ends_with("cawg.identity"));
         assert_eq!(ia_success.kind(), &LogKind::Success);
diff --git a/sdk/src/reader.rs b/sdk/src/reader.rs
@@ -35,6 +35,7 @@ use crate::{
     crypto::base64,
     dynamic_assertion::PartialClaim,
     error::{Error, Result},
+    identity::validator::CawgValidator,
     jumbf::labels::{manifest_label_from_uri, to_absolute_uri, to_relative_uri},
     jumbf_io,
     manifest::StoreOptions,
@@ -108,13 +109,17 @@ type ValidationFn =
 
 impl Reader {
     /// Create a manifest store [`Reader`] from a stream.  A Reader is used to validate C2PA data from an asset.
+    ///
     /// # Arguments
     /// * `format` - The format of the stream.  MIME type or extension that maps to a MIME type.
     /// * `stream` - The stream to read from.  Must implement the Read and Seek traits. (NOTE: Explain Send trait, required for both sync & async?).
+    ///
     /// # Returns
     /// A [`Reader`] for the manifest store.
+    ///
     /// # Errors
     /// Returns an [`Error`] when the manifest data cannot be read.  If there's no error upon reading, you must still check validation status to ensure that the manifest data is validated.  That is, even if there are no errors, the data still might not be valid.
+    ///
     /// # Example
     /// This example reads from a memory buffer and prints out the JSON manifest data.
     /// ```no_run
@@ -125,51 +130,163 @@ impl Reader {
     /// let reader = Reader::from_stream("image/jpeg", stream).unwrap();
     /// println!("{}", reader.json());
     /// ```
-    #[async_generic()]
+    ///
+    /// # Note
+    /// This function does not validate [CAWG identity] assertions that may be
+    /// contained within any C2PA Manifests. If an async call is feasible, use
+    /// [from_stream_with_cawg_async()]; if not, you can construct an async runtime
+    /// on your own and perform the CAWG validation separately as shown in the
+    /// following example:
+    ///
+    /// ```no_run
+    /// use std::io::Cursor;
+    ///
+    /// use c2pa::Reader;
+    /// let mut stream = Cursor::new(include_bytes!("../tests/fixtures/CA.jpg"));
+    /// let mut reader = Reader::from_stream("image/jpeg", stream).unwrap();
+    /// let runtime = tokio::runtime::Runtime::new().unwrap();
+    /// runtime
+    ///     .block_on(reader.post_validate_async(&CawgValidator {}))
+    ///     .unwrap();
+    /// println!("{}", reader.json());
+    /// ```
+    ///
+    /// [CAWG identity]: https://cawg.io/identity
+    /// [from_stream_with_cawg_async()]: Self::from_stream_with_cawg_async
+    #[async_generic]
     #[cfg(not(target_arch = "wasm32"))]
     pub fn from_stream(format: &str, mut stream: impl Read + Seek + Send) -> Result<Reader> {
         let verify = get_settings_value::<bool>("verify.verify_after_reading")?; // defaults to true
         let mut validation_log = StatusTracker::default();
+
         let store = if _sync {
             Store::from_stream(format, &mut stream, verify, &mut validation_log)
         } else {
             Store::from_stream_async(format, &mut stream, verify, &mut validation_log).await
         }?;
 
-        #[allow(unused_mut)] // TEMPORARY until I figure out the synchronous path.
-        let mut result = Self::from_store(store, &validation_log)?;
-        if _sync {
-            // TO DO: Figure out how to handle synchronous validation with
-            // identity assertions? Just report an error (needs async)?
-            if false {
-                todo!("Add identity assertion validation here");
-            }
+        Self::from_store(store, &validation_log)
+    }
+
+    #[async_generic]
+    #[cfg(target_arch = "wasm32")]
+    pub fn from_stream(format: &str, mut stream: impl Read + Seek) -> Result<Reader> {
+        let verify = get_settings_value::<bool>("verify.verify_after_reading")?; // defaults to true
+        let mut validation_log = StatusTracker::default();
+
+        let store = if _sync {
+            Store::from_stream(format, &mut stream, verify, &mut validation_log)
         } else {
-            use crate::identity::validator::CawgValidator;
-            result
-                .post_validate_internal_async(&CawgValidator {})
-                .await?;
+            Store::from_stream_async(format, &mut stream, verify, &mut validation_log).await
+        }?;
+
+        Self::from_store(store, &validation_log)
+    }
+
+    /// Create a manifest store [`Reader`] from a stream. A `Reader` is used to
+    /// validate C2PA data from an asset. This variation also validates
+    /// [CAWG identity] assertions within the C2PA data.
+    ///
+    /// # Arguments
+    /// * `format` - The format of the stream. MIME type or extension that maps to a MIME type.
+    /// * `stream` - The stream to read from. Must implement the Read and Seek traits. (NOTE: Explain Send trait, required for both sync & async?).
+    ///
+    /// # Returns
+    /// A [`Reader`] for the manifest store.
+    ///
+    /// # Errors
+    /// Returns an [`Error`] when the manifest data cannot be read. If there's no error upon reading, you must still check validation status to ensure that the manifest data is validated. That is, even if there are no errors, the data still might not be valid.
+    ///
+    /// # Example
+    /// This example reads from a memory buffer and prints out the JSON manifest data.
+    /// ```no_run
+    /// use std::io::Cursor;
+    ///
+    /// use c2pa::Reader;
+    /// let mut stream = Cursor::new(include_bytes!("../tests/fixtures/CA.jpg"));
+    /// let reader = Reader::from_stream_with_cawg_async("image/jpeg", stream)
+    ///     .await
+    ///     .unwrap();
+    /// println!("{}", reader.json());
+    /// ```
+    ///
+    /// [CAWG identity]: https://cawg.io/identity
+    /// [from_stream_with_cawg_async()]: Self::from_stream_with_cawg_async
+    #[cfg(not(target_arch = "wasm32"))]
+    pub async fn from_stream_with_cawg_async(
+        format: &str,
+        stream: impl Read + Seek + Send,
+    ) -> Result<Reader> {
+        let mut reader = Self::from_stream_async(format, stream).await?;
+
+        if get_settings_value::<bool>("verify.verify_after_reading")? {
+            reader.post_validate_async(&CawgValidator {}).await?;
         }
 
-        Ok(result)
+        Ok(reader)
     }
 
-    #[async_generic()]
     #[cfg(target_arch = "wasm32")]
-    pub fn from_stream(format: &str, mut stream: impl Read + Seek) -> Result<Reader> {
+    pub async fn from_stream_with_cawg_async(
+        format: &str,
+        stream: impl Read + Seek,
+    ) -> Result<Reader> {
+        let mut reader = Self::from_stream_async(format, stream).await?;
+
+        if get_settings_value::<bool>("verify.verify_after_reading")? {
+            reader.post_validate_async(&CawgValidator {}).await?;
+        }
+
+        Ok(reader)
+    }
+
+    /// Create a manifest store [`Reader`] from a stream.  A Reader is used to validate C2PA data from an asset.
+    /// # Arguments
+    /// * `format` - The format of the stream.  MIME type or extension that maps to a MIME type.
+    /// * `stream` - The stream to read from.  Must implement the Read and Seek traits. (NOTE: Explain Send trait, required for both sync & async?).
+    /// # Returns
+    /// A [`Reader`] for the manifest store.
+    /// # Errors
+    /// Returns an [`Error`] when the manifest data cannot be read.  If there's no error upon reading, you must still check validation status to ensure that the manifest data is validated.  That is, even if there are no errors, the data still might not be valid.
+    /// # Example
+    /// This example reads from a memory buffer and prints out the JSON manifest data.
+    /// ```no_run
+    /// use std::io::Cursor;
+    ///
+    /// use c2pa::Reader;
+    /// let mut stream = Cursor::new(include_bytes!("../tests/fixtures/CA.jpg"));
+    /// let reader = Reader::from_stream("image/jpeg", stream).unwrap();
+    /// println!("{}", reader.json());
+    /// ```
+    #[cfg(not(target_arch = "wasm32"))]
+    pub fn from_stream_with_cawg_async(
+        format: &str,
+        mut stream: impl Read + Seek + Send,
+    ) -> Result<Reader> {
+        use crate::identity::validator::CawgValidator;
+
         let verify = get_settings_value::<bool>("verify.verify_after_reading")?; // defaults to true
         let mut validation_log = StatusTracker::default();
-
         let store = if _sync {
             Store::from_stream(format, &mut stream, verify, &mut validation_log)
         } else {
             Store::from_stream_async(format, &mut stream, verify, &mut validation_log).await
         }?;
 
+        #[allow(unused_mut)] // TEMPORARY until I figure out the synchronous path.
         let mut result = Self::from_store(store, &validation_log)?;
-        if false {
-            todo!("Add identity assertion validation here");
+
+        #[allow(unused)] // TEMPORARY until I figure the synchronous path.
+        let cawg_validator = CawgValidator {};
+
+        if _sync {
+            if false {
+                panic!("Need sync implementation of CawgValidator");
+            }
+        } else {
+            result.post_validate_async(&cawg_validator).await?;
         }
+
         Ok(result)
     }
 
@@ -754,24 +871,6 @@ impl Reader {
         validator: &impl AsyncPostValidator
     ))]
     pub fn post_validate(&mut self, validator: &impl PostValidator) -> Result<()> {
-        if false {
-            // CONSIDER BEFORE MERGING ...
-            todo!("Remove me?");
-        }
-
-        if _sync {
-            self.post_validate_internal(validator)
-        } else {
-            self.post_validate_internal_async(validator).await
-        }
-    }
-
-    #[async_generic(async_signature(
-        &mut self,
-        validator: &impl AsyncPostValidator
-    ))]
-    fn post_validate_internal(&mut self, validator: &impl PostValidator) -> Result<()> {
-        // TEMPORARY: Make this available while I sort out new code path.
         let mut validation_log = StatusTracker::default();
         let mut validation_results = self.validation_results.take().unwrap_or_default();
         let mut assertion_values = HashMap::new();
@@ -1034,10 +1133,6 @@ pub mod tests {
 
     #[test]
     fn test_reader_post_validate() -> Result<()> {
-        if false {
-            // CONSIDER BEFORE MERGING ...
-            todo!("Remove me?");
-        }
         use crate::{log_item, status_tracker::StatusTracker};
 
         let mut reader =

Original file line number	Diff line number	Diff line change
`@@ -124,8 +124,7 @@ mod cawg {`
`124`	`124`
`125`	`125`	`builder.sign_file_async(&signer, source, &dest).await?;`
`126`	`126`
`127`		`- let reader = Reader::from_file_async(dest).await?;`
`128`		`-`
	`127`	`+ let reader = Reader::from_file_with_cawg_async(dest).await?;`
`129`	`128`	`println!("{reader}");`
`130`	`129`	`Ok(())`
`131`	`130`	`}`