The examples directory contains some small examples of using this Python library.
The examples use asset files from the tests/fixtures directory, save the resulting signed assets to the temporary output directory, and display manifest store data and other output to the console.
The examples/sign.py script shows how to sign an asset with a C2PA manifest and verify the asset.
The examples/sign_info.py script shows how to sign an asset with a C2PA manifest and verify it using a "default" signer created with the needed signer information.
These statements create a builder object with the specified manifest JSON (omitted in the snippet below), call builder.sign() to sign and attach the manifest to the source file, tests/fixtures/C.jpg, and save the signed asset to the output file, output/C_signed.jpg:
manifest_definition = {
// ... JSON omitted here
}
builder = c2pa.Builder(manifest_definition)
with open(fixtures_dir + "C.jpg", "rb") as source:
with open(output_dir + "C_signed.jpg", "wb") as dest:
result = builder.sign(signer, "image/jpeg", source, dest)Then these statements read and verify the signed asset:
print("\nReading signed image metadata:")
with open(output_dir + "C_signed.jpg", "rb") as file:
reader = c2pa.Reader("image/jpeg", file)
print(reader.json())The examples/training.py script shows how to add a "do not train" assertion to an asset, then verify the asset and display to the console whether its manifest indicates ML training is allowed.
These statements sign the asset using a stream:
with open(testFile, "rb") as source_file:
with open(testOutputFile, "wb") as dest_file:
result = builder.sign(signer, "image/jpeg", source_file, dest_file)These statements verify the asset and check its attached manifest for a "do not train" assertion:
allowed = True # opt out model, assume training is ok if the assertion doesn't exist
try:
# Create reader using the current API
reader = c2pa.Reader(testOutputFile)
manifest_store = json.loads(reader.json())
manifest = manifest_store["manifests"][manifest_store["active_manifest"]]
for assertion in manifest["assertions"]:
if assertion["label"] == "c2pa.training-mining":
if getitem(assertion, ("data","entries","c2pa.ai_training","use")) == "notAllowed":
allowed = False
# get the ingredient thumbnail and save it to a file using resource_to_stream
uri = getitem(manifest,("ingredients", 0, "thumbnail", "identifier"))
with open(output_dir + "thumbnail_v2.jpg", "wb") as thumbnail_output:
reader.resource_to_stream(uri, thumbnail_output)
except Exception as err:
sys.exit(err)To run the examples, make sure you have the c2pa-python package installed (pip install c2pa-python) and you're in the root directory of the project. We recommend working using virtual environments (venv). Then run the examples as shown below.
python examples/read.pypython examples/training.pyIn this example, a callback signer is the signer:
python examples/sign.pyIn this example, SignerInfo creates a Signer object that signs the manifest.
python examples/sign_info.pyc2pa-python-example is an example of a simple application that accepts an uploaded JPEG image file, attaches a C2PA manifest, and signs it using a certificate. The app uses the CAI Python library and the Flask Python framework to implement a back-end REST endpoint; it does not have an HTML front-end, so you have to use something like curl to access it. This example is a development setup and should not be deployed as-is to a production environment.