{"type":"doc","content":[{"type":"paragraph","content":[{"text":"We recently did a short demo for a ","type":"text"},{"text":"Project Origin","type":"text","marks":[{"type":"link","attrs":{"href":"https://www.originproject.info/"}}]},{"text":" workshop showing how the ","type":"text"},{"text":"Content Authenticity Initiative","type":"text","marks":[{"type":"link","attrs":{"href":"https://contentauthenticity.org/"}}]},{"text":"’s ","type":"text"},{"text":"open source toolkits for C2PA","type":"text","marks":[{"type":"link","attrs":{"href":"https://opensource.contentauthenticity.org/"}}]},{"text":" can work with IPTC Photo Metadata.","type":"text"}]},{"type":"paragraph","content":[{"text":"It shows a practical way that developers and power users can start working with the ","type":"text"},{"text":"C2PA Specification","type":"text","marks":[{"type":"link","attrs":{"href":"https://c2pa.org/specifications/specifications/1.0/"}}]},{"text":" straight away.","type":"text"}]},{"type":"paragraph","content":[{"text":"Here we record the steps we took to create the demo, along with a few notes and suggestions for improvements. It includes several “manual” steps involving editing things with text editors.","type":"text"}]},{"type":"paragraph","content":[{"text":"Overall, it shows that it is possible to comply with the C2PA spec, but it also shows that there is a lot of work to be done to make it easy for users.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Step 1: Create an image with embedded IPTC Photo Metadata.","type":"text"}]},{"type":"paragraph","content":[{"text":"We used Adobe Photoshop but many other tools can be used - see ","type":"text"},{"text":"IPTC’s list of software that supports IPTC Photo Metadata Standard","type":"text","marks":[{"type":"link","attrs":{"href":"https://iptc.org/standards/photo-metadata/software-support/"}}]},{"text":".","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center"},"content":[{"type":"media","attrs":{"width":380,"id":"b02cff66-41e0-40ad-998f-427b159ae61f","collection":"contentId-613613569","type":"file","height":385}},{"type":"caption","content":[{"text":"Adding IPTC Photo Metadata fields to our image using Adobe Photoshop’s File Info panel","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Step 2: Use exiftool to export the embedded metadata in XMP format","type":"text"}]},{"type":"paragraph","content":[{"text":"Using a Terminal window on my Mac, I ran the following command:","type":"text"}]},{"type":"paragraph","content":[{"text":"exiftool -xmp -b greenwich_flowers_with_metadata.jpg >greenwich_flowers_xmp.xml","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"Here is a description of what the extra arguments do:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"-xmp","type":"text","marks":[{"type":"code"}]},{"text":": Export the XMP metadata from the image file","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"-b","type":"text","marks":[{"type":"code"}]},{"text":": Show binary data. The XMP block includes byte-order markers which show up as binary data in exiftool output - you can see the ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" characters at the top of the output shown below.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":">greenwich_flowers_xmp.xml","type":"text","marks":[{"type":"code"}]},{"text":": Send the output to a new file called “greenwich_flowers_xmp.xml”","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"We have just created an XML file that looks like this: (","type":"text"},{"text":"actually the real version is all on one long line, so I have inserted line breaks here to make it slightly more readable","type":"text","marks":[{"type":"em"}]},{"text":")","type":"text"}]},{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\" id=\"W5M0MpCehiHzreSzNTczkc9d\"?>\n \n \n ","type":"text"}]},{"type":"paragraph","content":[{"text":"If you’ve never seen an XMP packet before, this is probably quite confusing, but don’t worry - it just shows all the IPTC metadata properties in the XMP format that’s specified by ISO ","type":"text"},{"text":"ISO 16884","type":"text","marks":[{"type":"link","attrs":{"href":"https://www.iso.org/standard/75163.html"}}]},{"text":".","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that ","type":"text"},{"text":"exiftool","type":"text","marks":[{"type":"code"}]},{"text":" also has a JSON export function (","type":"text"},{"text":"-json","type":"text","marks":[{"type":"code"}]},{"text":"), but the format used is slightly different from the JSON-LD version that we need for the C2PA assertion. Another approach could be to generate the JSON output using ","type":"text"},{"text":"exiftool -json -struct -G1","type":"text","marks":[{"type":"code"}]},{"text":" and then convert the field names to their correct XMP values.","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Step 3: Convert the RDF/XML to JSON-LD","type":"text"}]},{"type":"paragraph","content":[{"text":"XMP’s standard data storage format is RDF/XML, which is a representation of the RDF data model in the XML format. To add these fields to a C2PA manifest, we need to convert the RDF/XML to another serialisation of RDF called JSON-LD.","type":"text"}]},{"type":"paragraph","content":[{"text":"There is a standard for expressing XMP in JSON-LD (","type":"text"},{"text":"ISO16884-3: JSON-LD serialisation of XMP","type":"text","marks":[{"type":"link","attrs":{"href":"https://www.iso.org/standard/79384.html"}}]},{"text":") but ","type":"text"},{"text":"exiftool","type":"text","marks":[{"type":"code"}]},{"text":" doesn't export in that format directly, so we have to do some conversion ourselves.","type":"text"}]},{"type":"paragraph","content":[{"text":"We can use a tool called ","type":"text"},{"text":"riot","type":"text","marks":[{"type":"code"}]},{"text":" from the ","type":"text"},{"text":"Apache Jena project","type":"text","marks":[{"type":"link","attrs":{"href":"https://jena.apache.org/"}}]},{"text":" to convert the RDF/XML to JSON-LD. If you don’t have it installed, ","type":"text"},{"text":"download Jena","type":"text","marks":[{"type":"link","attrs":{"href":"https://jena.apache.org/download/index.cgi"}}]},{"text":" or install it with Homebrew on a Mac (","type":"text"},{"text":"brew install jena","type":"text","marks":[{"type":"code"}]},{"text":").","type":"text"}]},{"type":"paragraph","content":[{"text":"But ","type":"text"},{"text":"riot","type":"text","marks":[{"type":"code"}]},{"text":" doesn't like the XML processing directives in the XMP packet. So first, we have to remove the XMP headers by hand. (","type":"text"},{"text":"Side note: if anyone knows of a good way of removing the processing headers using the command-line, please let me know! Probably some ","type":"text","marks":[{"type":"em"}]},{"text":"sed","type":"text","marks":[{"type":"code"}]},{"text":" magic would do the trick?","type":"text","marks":[{"type":"em"}]},{"text":")","type":"text"}]},{"type":"paragraph","content":[{"text":"Open the XML file in a text editor and remove the ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" sections at the start and end of the file. If you have it, you can also use ","type":"text"},{"text":"xmllint","type":"text","marks":[{"type":"code"}]},{"text":" to make the xml look a bit nicer:","type":"text"}]},{"type":"paragraph","content":[{"text":"xmllint --format greenwich_flowers_xmp.xml >greenwich_flowers_xmp_pretty.xml","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"Then you can run ","type":"text"},{"text":"riot","type":"text","marks":[{"type":"code"}]},{"text":" on the RDF/XML to create JSON-LD:","type":"text"}]},{"type":"paragraph","content":[{"text":"riot --syntax rdfxml --output jsonld greenwich_flowers_xmp_pretty.xml >greenwich_flowers_xmp.jsonld","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"riot converts between various syntaxes of RDF. This command converts the original RDF/XML format to JSON-LD, a JSON-friendly version of RDF.","type":"text"}]},{"type":"paragraph","content":[{"text":"Unfortunately, that’s not yet the end of our story in preparing metadata for embedding into a C2PA assertion. ","type":"text"},{"text":"riot","type":"text","marks":[{"type":"code"}]},{"text":" does a straight conversion to JSON-LD, including the structures such as rdf:Bag, rdf:Seq and various “blank nodes” used to handle multi-valued properties, but XMP's use of JSON-LD is much simpler. So we need to do some more conversion by hand.","type":"text"}]},{"type":"paragraph","content":[{"text":"The output at first looks like this:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"json"},"content":[{"text":"{\n \"@graph\": [\n {\n \"@id\": \"_:b0\",\n \"rdf:_1\": \"Brendan Quinn\",\n \"@type\": \"rdf:Seq\"\n },\n {\n \"@id\": \"_:b1\",\n \"plus:ImageSupplierName\": \"IPTC\"\n },\n {\n \"@id\": \"_:b2\",\n \"stEvt:changed\": \"/\",\n \"stEvt:softwareAgent\": \"Adobe Photoshop 23.4 (Macintosh)\",\n \"stEvt:when\": \"2022-07-21T15:46:32+03:00\",\n \"stEvt:instanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"stEvt:action\": \"saved\"\n },\n {\n \"@id\": \"_:b3\",\n \"stEvt:changed\": \"/\",\n \"stEvt:softwareAgent\": \"Adobe Photoshop 23.4 (Macintosh)\",\n \"stEvt:when\": \"2022-07-21T15:46:32+03:00\",\n \"stEvt:instanceID\": \"xmp.iid:f9c65ac7-2ad9-4016-84b3-97065eb121b4\",\n \"stEvt:action\": \"saved\"\n },\n {\n \"@id\": \"_:b4\",\n \"rdf:_1\": {\n \"@language\": \"x-default\",\n \"@value\": \"Wildflowers at the Rose Garden, Greenwich Park, London\"\n },\n \"@type\": \"rdf:Alt\"\n },\n ... much more ...","type":"text"}]},{"type":"paragraph","content":[{"text":"All those ","type":"text"},{"text":"_:b0","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"_:b1","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"_:b2","type":"text","marks":[{"type":"code"}]},{"text":" objects are parts of the XMP packet that can actually be converted into simple arrays and objects in JSON. Right now there is no tool that can do this conversion, so I did it by hand! It took a while... It looks like it would be handy to create a Python and/or JavaScript tool to do it for us.","type":"text"}]},{"type":"paragraph","content":[{"text":"Ideally ","type":"text"},{"text":"exiftool","type":"text","marks":[{"type":"code"}]},{"text":" would have an option that outputs XMP in ISO16884-3-compliant JSON-LD, but until it does, we need to do the work manually.","type":"text"}]},{"type":"paragraph","content":[{"text":"After a lot of manual reworking effort, here’s what I ended up with:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"json"},"content":[{"text":"{\n \"@context\": {\n \"xmpRights\": \"http://ns.adobe.com/xap/1.0/rights/\",\n \"aux\": \"http://ns.adobe.com/exif/1.0/aux/\",\n \"exifEX\": \"http://cipa.jp/exif/1.0/\",\n \"stEvt\": \"http://ns.adobe.com/xap/1.0/sType/ResourceEvent#\",\n \"Iptc4xmpExt\": \"http://iptc.org/std/Iptc4xmpExt/2008-02-29/\",\n \"photoshop\": \"http://ns.adobe.com/photoshop/1.0/\",\n \"plus\": \"http://ns.useplus.org/ldf/xmp/1.0/\",\n \"Iptc4xmpCore\": \"http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/\",\n \"rdf\": \"http://www.w3.org/1999/02/22-rdf-syntax-ns#\",\n \"xmpMM\": \"http://ns.adobe.com/xap/1.0/mm/\",\n \"xmp\": \"http://ns.adobe.com/xap/1.0/\",\n \"dc\": \"http://purl.org/dc/elements/1.1/\"\n },\n \"@graph\": {\n \"@id\": \"file:///Users/brendan/dev/iptc/c2pa/c2patool-play/greenwich_flowers_xmp_pretty.xml\",\n \"dc:description\": \"Wildflowers at the Rose Garden, Greenwich Park, London\",\n \"exifEX:LensModel\": \"iPhone 11 back dual wide camera 4.25mm f/1.8\",\n \"xmp:MetadataDate\": \"2022-07-21T15:46:32+03:00\",\n \"aux:LensInfo\": \"807365/524263 17/4 9/5 12/5\",\n \"exifEX:LensMake\": \"Apple\",\n \"xmp:rights/UsageTerms\": \"Usage permitted under Creative Commons Attribution (CC-BY 4.0) licence.\",\n \"xmp:ModifyDate\": \"2022-07-21T15:46:32+03:00\",\n \"photoshop:CaptionWriter\": \"Brendan Quinn\",\n \"xmp:mm/OriginalDocumentID\": \"4B267F2683ABA382F9E0C1DE10BF4210\",\n \"photoshop:ColorMode\": \"3\",\n \"photoshop:AuthorsPosition\": \"Managing Director\",\n \"plus:Licensor\": {\n \"plus:LicensorEmail\": \"office@iptc.org\",\n \"plus:LicensorURL\": \"www.iptc.org/\",\n \"plus:LicensorTelephoneType2\": \"http://ns.useplus.org/ldf/vocab/work\",\n \"plus:LicensorName\": \"Brendan Quinn\"\n },\n \"dc:subject\": [\n \"Rose Garden\",\n \"Greenwich\",\n \"flowers\",\n \"Wild flowers\"\n ],\n \"dc:creator\": \"Brendan Quinn\",\n \"Iptc4xmpCore:CountryCode\": \"GB\",\n \"Iptc4xmpCore:IntellectualGenre\": \"https://cv.iptc.org/newscodes/genre/Actuality\",\n \"Iptc4xmpExt:LocationShown\": {\n \"Iptc4xmpExt:WorldRegion\": \"Europe\",\n \"Iptc4xmpExt:CountryCode\": \"GB\",\n \"Iptc4xmpExt:CountryName\": \"United Kingdom\",\n \"Iptc4xmpExt:ProvinceState\": \"London\",\n \"Iptc4xmpExt:City\": \"London\",\n \"Iptc4xmpExt:Sublocation\": \"Greenwich\"\n },\n \"photoshop:City\": \"London\",\n \"photoshop:DateCreated\": \"2022-07-09T17:47:17.538\",\n \"photoshop:ICCProfile\": \"Display P3\",\n \"plus:ModelReleaseStatus\": \"http://ns.useplus.org/ldf/vocab/MR-NAP\",\n \"photoshop:LegacyIPTCDigest\": \"74680B31492930D266D0FAE3B244D1BD\",\n \"photoshop:State\": \"London\",\n \"xmp:CreateDate\": \"2022-07-09T17:47:17\",\n \"dc:format\": \"image/jpeg\",\n \"plus:CopyrightOwner\": {\n \"plus:CopyrightOwnerName\": \"Brendan Quinn\"\n },\n \"plus:ImageCreator\": {\n \"plus:ImageCreatorName\": \"Brendan Quinn\"\n },\n \"xmp:CreatorTool\": \"15.5\",\n \"plus:ImageSupplier\": {\n \"plus:ImageSupplierName\": \"IPTC\"\n },\n \"Iptc4xmpCore:Scene\": \"https://cv.iptc.org/newscodes/scene/011600\",\n \"Iptc4xmpCore:Location\": \"Greenwich\",\n \"Iptc4xmpCore:CreatorContactInfo\": {\n \"Iptc4xmpCore:CiAdrCtry\": \"United Kingdom\",\n \"Iptc4xmpCore:CiTelWork\": \"+44 (0)20 3178 4922 \",\n \"Iptc4xmpCore:CiUrlWork\": \"https://www.iptc.org/\",\n \"Iptc4xmpCore:CiEmailWork\": \"mdirector@iptc.org\",\n \"Iptc4xmpCore:CiAdrPcode\": \"WC2A 1AL\",\n \"Iptc4xmpCore:CiAdrRegion\": \"London\",\n \"Iptc4xmpCore:CiAdrCity\": \"London\",\n \"Iptc4xmpCore:CiAdrExtadr\": \"25 Southampton Buildings\"\n },\n \"Iptc4xmpExt:LocationCreated\": {\n \"Iptc4xmpExt:WorldRegion\": \"Europe\",\n \"Iptc4xmpExt:CountryCode\": \"GB\",\n \"Iptc4xmpExt:CountryName\": \"United Kingdom\",\n \"Iptc4xmpExt:ProvinceState\": \"London\",\n \"Iptc4xmpExt:City\": \"London\",\n \"Iptc4xmpExt:Sublocation\": \"Greenwich\"\n },\n \"plus:PropertyReleaseStatus\": \"http://ns.useplus.org/ldf/vocab/PR-NAP\",\n \"xmp:mm/InstanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"photoshop:Headline\": \"Wildflowers at the Rose Garden, Greenwich Park, London\",\n \"photoshop:Country\": \"United Kingdom\",\n \"aux:Lens\": \"iPhone 11 back dual wide camera 4.25mm f/1.8\",\n \"dc:rights\": \"Copyright (C) Brendan Quinn 2022. Some rights reserved.\",\n \"Iptc4xmpExt:DigitalSourceType\": \"http://cv.iptc.org/newscodes/digitalsourcetype/digitalCapture\"\n }\n}","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Step 4: Add the JSON-LD to a c2patool assertion block","type":"text"}]},{"type":"paragraph","content":[{"text":"Now we can finally start using ","type":"text"},{"text":"c2patool","type":"text","marks":[{"type":"code"}]},{"text":"!","type":"text"}]},{"type":"paragraph","content":[{"text":"If you don’t yet have c2patool installed, and you’re on a Mac, I recommend installing the Homebrew version:","type":"text"}]},{"type":"paragraph","content":[{"text":"brew tap contentauth/tools","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"},{"text":"brew install c2patool","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"You can try running c2patool on the image file just to see what happens. As we only have IPTC embedded metadata but no C2PA claim included, it should show “No claim found”:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":"c2patool greenwich_flowers_with_metadata.jpg \nNo claim found","type":"text"}]},{"type":"paragraph","content":[{"text":"Now we can follow the ","type":"text"},{"text":"“manifest definition format” specification in the c2patool docs","type":"text","marks":[{"type":"link","attrs":{"href":"https://opensource.contentauthenticity.org/docs/c2patool#manifest-definition-format"}}]},{"text":" to turn our IPTC metadata structure into an assertion:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"json"},"content":[{"text":"{\n \"alg\": \"es256\",\n \"private_key\": \"es256_private.key\",\n \"sign_cert\": \"es256_certs.pem\",\n \"ta_url\": \"http://timestamp.digicert.com\",\n \"vendor\": \"IPTC\",\n \"claim_generator\": \"BQ Test with c2patool/0.1\",\n \"ingredients\": [],\n \"assertions\": [\n {\n \"label\": \"stds.iptc.photo-metadata\",\n \"data\": {\n ... insert the XMP metadata packet in JSON-LD format here ...\n }\n }\n ]\n}","type":"text"}]},{"type":"paragraph","content":[{"text":"Save that as, say, test_assertion.json. Then we are told that we can run c2patool using this file as a parameter. So let’s try it:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":"c2patool test_assertion.json -p greenwich_flowers_with_metadata.jpg \\\n -o greenwich_flowers_with_c2pa.jpg","type":"text"}]},{"type":"paragraph","content":[{"text":"But we get the following response from c2patool:","type":"text"}]},{"type":"codeBlock","content":[{"text":"-----------\n\nClaim creation requires key files \"/Users/brendan/.cai/temp_key.pem\" and \"/Users/brendan/.cai/temp_key.pub\"\n\nYou can generate a throwaway RSAPSS SSH private key for testing by \npasting the following line into a terminal and hitting enter\nmkdir -p ~/.x509 ; openssl req -new -newkey rsa:4096 -sigopt rsa_padding_mode:pss -days 180 -extensions v3_ca -addext \"keyUsage = digitalSignature\" -addext \"extendedKeyUsage = emailProtection\" -nodes -x509 -keyout ~/.x509/temp_key.pem -out ~/.x509/temp_key.pub -sha256 ; sudo chmod 644 ~/.x509/temp_key.pem\n\nYou should only need to do this once. \nSet the environment var CAI_SIGNING_ALGORITHM=ps256 to set the signature algorithm \n The environment variable CAI_KEY_PATH can specify an alternate key folder.\n\n-----------","type":"text"}]},{"type":"paragraph","content":[{"text":"Note that this message contradicts itself: it requires a folder called ","type":"text"},{"text":"~/.cai","type":"text","marks":[{"type":"code"}]},{"text":", NOT ","type":"text"},{"text":"~/.x509","type":"text","marks":[{"type":"code"}]},{"text":" as the example command says. Also the filenames for the key and certificate don’t match those given in the assertion example JSON, so I changed them in .","type":"text"}]},{"type":"paragraph","content":[{"text":"To make this work, on my MacOS system at least, I had to install openssl version 3 using homebrew:","type":"text"}]},{"type":"codeBlock","content":[{"text":"brew install openssl@3","type":"text"}]},{"type":"paragraph","content":[{"text":"And then explicitly use the openssl 3 binary when running the command (see below).","type":"text"}]},{"type":"paragraph","content":[{"text":"So what I had to do (after installing openssl 3) was the following:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":"mkdir -p ~/.cai\n/opt/homebrew/opt/openssl@3/bin/openssl req -new -newkey rsa:4096 \\\n -sigopt rsa_padding_mode:pss -days 180 -extensions v3_ca \\\n -addext \"keyUsage = digitalSignature\" \\\n -addext \"extendedKeyUsage = emailProtection\" -nodes -x509 \\\n -keyout ~/.cai/temp_key.pem -out ~/.cai/temp_key.pub -sha256\n\nsudo chmod 644 ~/.cai/temp_key.pem","type":"text"}]},{"type":"paragraph","content":[{"text":"When I ran this command, it asked me some questions about what information I wanted to put into the certificate:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":"...+.....+.+.........+..+.........+.+........+....+..+................+.................+...+.......+............+.....+....+......+......+...............+..+......+.+.........+.....+....+...............+..+....+......+...+...+..+.+.....+.......+........+......+.+...+.....+................+...+...+.................+.+..+.......+......+..+..........+.....+...+.+...+...+..+............+......+....+.....+......+...+.......+...+...........+...+.......+.........+..+...+.+........+.+..+.........+.........+......+....+.....+.+.....+......+...+.+......+............+...+..+...+....+.....+...+...+....+...+........+....+...+.....+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+......+............+...+..+...+....+..+...+......+....+..+...............+.+...+..+....+...+.....+...+...+.....................+.+.........+...........+...+....+...+.....+...+.+...+...+........+......+.............+.....+.+..+...+....+.....+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+......+.......+..+.......+........+......+....+.....+......+..........+..+...............+....+...............+...+......+.....+..............................+.......+..+.......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+......+.+......+.....+............+...............+.+..+...+.+...+.....+......+..........+......+........+..........+.....+......+............+...+......+....+..+.......+..+....+.....+.+...+............+...+..+.+.........+......+........+.+........+......+......+.+............+...+.........+...+..+....+..+.............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*................+...+......................+......+.........+......+.....+..........+........+......+.............+.....+............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n-----\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter '.', the field will be left blank.\n-----\nCountry Name (2 letter code) [AU]:GB\nState or Province Name (full name) [Some-State]:\nLocality Name (eg, city) []:London\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:IPTC\nOrganizational Unit Name (eg, section) []:\nCommon Name (e.g. server FQDN or YOUR name) []:iptc.org\nEmail Address []:office@iptc.org","type":"text"}]},{"type":"paragraph","content":[{"text":"It then returned with no information, but my ","type":"text"},{"text":"~/.cai","type":"text","marks":[{"type":"code"}]},{"text":" folder now contained files called ","type":"text"},{"text":"es256_certs.pem","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"es256_private.key","type":"text","marks":[{"type":"code"}]},{"text":" as I had requested in the command.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Step 5: Embedding the assertion into our image using c2patool","type":"text"}]},{"type":"paragraph","content":[{"text":"Finally we can now run the ","type":"text"},{"text":"c2patool","type":"text","marks":[{"type":"code"}]},{"text":" command to sign and embed the assertion:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":"c2patool test_assertion.json -p greenwich_flowers_with_metadata.jpg \\\n -o greenwich_flowers_with_c2pa.jpg","type":"text"}]},{"type":"paragraph","content":[{"text":"This returns a full copy of the embedded, signed manifest, which is also embedded into the file:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"json"},"content":[{"text":"{\n \"active_manifest\": \"iptc:urn:uuid:69e35782-99da-4be1-83b1-85ede6dfd4b5\",\n \"manifests\": {\n \"iptc:urn:uuid:69e35782-99da-4be1-83b1-85ede6dfd4b5\": {\n \"claim_generator\": \"BQ Test with c2patool/0.1 c2pa-rs/0.1.3\",\n \"claim_generator_hints\": {\n \"Sec-CH-UA\": \"\\\"c2pa-rs\\\";v=\\\"0.1.3\\\"\"\n },\n \"asset\": {\n \"title\": \"greenwich_flowers_with_c2pa.jpg\",\n \"format\": \"image/jpeg\",\n \"instance_id\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\"\n },\n \"ingredients\": [\n {\n \"title\": \"greenwich_flowers_with_metadata.jpg\",\n \"format\": \"image/jpeg\",\n \"document_id\": \"adobe:docid:photoshop:91a3bd3c-4510-ca4a-8d21-8f2fb4edaf91\",\n \"instance_id\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"is_parent\": true\n }\n ],\n \"credentials\": [],\n \"assertions\": [\n {\n \"label\": \"stds.iptc.photo-metadata\",\n \"data\": {\n \"@context\": {\n \"Iptc4xmpCore\": \"http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/\",\n \"Iptc4xmpExt\": \"http://iptc.org/std/Iptc4xmpExt/2008-02-29/\",\n \"aux\": \"http://ns.adobe.com/exif/1.0/aux/\",\n \"dc\": \"http://purl.org/dc/elements/1.1/\",\n \"exifEX\": \"http://cipa.jp/exif/1.0/\",\n \"photoshop\": \"http://ns.adobe.com/photoshop/1.0/\",\n \"plus\": \"http://ns.useplus.org/ldf/xmp/1.0/\",\n \"rdf\": \"http://www.w3.org/1999/02/22-rdf-syntax-ns#\",\n \"stEvt\": \"http://ns.adobe.com/xap/1.0/sType/ResourceEvent#\",\n \"xmp\": \"http://ns.adobe.com/xap/1.0/\",\n \"xmpMM\": \"http://ns.adobe.com/xap/1.0/mm/\",\n \"xmpRights\": \"http://ns.adobe.com/xap/1.0/rights/\"\n },\n \"@graph\": {\n \"@id\": \"file:///Users/brendan/dev/iptc/c2pa/c2patool-play/greenwich_flowers_xmp_pretty.xml\",\n \"Iptc4xmpCore:CountryCode\": \"GB\",\n \"Iptc4xmpCore:CreatorContactInfo\": {\n \"Iptc4xmpCore:CiAdrCity\": \"London\",\n \"Iptc4xmpCore:CiAdrCtry\": \"United Kingdom\",\n \"Iptc4xmpCore:CiAdrExtadr\": \"25 Southampton Buildings\",\n \"Iptc4xmpCore:CiAdrPcode\": \"WC2A 1AL\",\n \"Iptc4xmpCore:CiAdrRegion\": \"London\",\n \"Iptc4xmpCore:CiEmailWork\": \"mdirector@iptc.org\",\n \"Iptc4xmpCore:CiTelWork\": \"+44 (0)20 3178 4922 \",\n \"Iptc4xmpCore:CiUrlWork\": \"https://www.iptc.org/\"\n },\n \"Iptc4xmpCore:IntellectualGenre\": \"https://cv.iptc.org/newscodes/genre/Actuality\",\n \"Iptc4xmpCore:Location\": \"Greenwich\",\n \"Iptc4xmpCore:Scene\": \"https://cv.iptc.org/newscodes/scene/011600\",\n \"Iptc4xmpExt:DigitalSourceType\": \"http://cv.iptc.org/newscodes/digitalsourcetype/digitalCapture\",\n \"Iptc4xmpExt:LocationCreated\": {\n \"Iptc4xmpExt:City\": \"London\",\n \"Iptc4xmpExt:CountryCode\": \"GB\",\n \"Iptc4xmpExt:CountryName\": \"United Kingdom\",\n \"Iptc4xmpExt:ProvinceState\": \"London\",\n \"Iptc4xmpExt:Sublocation\": \"Greenwich\",\n \"Iptc4xmpExt:WorldRegion\": \"Europe\"\n },\n \"Iptc4xmpExt:LocationShown\": {\n \"Iptc4xmpExt:City\": \"London\",\n \"Iptc4xmpExt:CountryCode\": \"GB\",\n \"Iptc4xmpExt:CountryName\": \"United Kingdom\",\n \"Iptc4xmpExt:ProvinceState\": \"London\",\n \"Iptc4xmpExt:Sublocation\": \"Greenwich\",\n \"Iptc4xmpExt:WorldRegion\": \"Europe\"\n },\n \"aux:Lens\": \"iPhone 11 back dual wide camera 4.25mm f/1.8\",\n \"aux:LensInfo\": \"807365/524263 17/4 9/5 12/5\",\n \"dc:creator\": \"Brendan Quinn\",\n \"dc:description\": \"Wildflowers at the Rose Garden, Greenwich Park, London\",\n \"dc:format\": \"image/jpeg\",\n \"dc:rights\": \"Copyright (C) Brendan Quinn 2022. Some rights reserved.\",\n \"dc:subject\": [\n \"Rose Garden\",\n \"Greenwich\",\n \"flowers\",\n \"Wild flowers\"\n ],\n \"exifEX:LensMake\": \"Apple\",\n \"exifEX:LensModel\": \"iPhone 11 back dual wide camera 4.25mm f/1.8\",\n \"photoshop:AuthorsPosition\": \"Managing Director\",\n \"photoshop:CaptionWriter\": \"Brendan Quinn\",\n \"photoshop:City\": \"London\",\n \"photoshop:ColorMode\": \"3\",\n \"photoshop:Country\": \"United Kingdom\",\n \"photoshop:DateCreated\": \"2022-07-09T17:47:17.538\",\n \"photoshop:Headline\": \"Wildflowers at the Rose Garden, Greenwich Park, London\",\n \"photoshop:ICCProfile\": \"Display P3\",\n \"photoshop:LegacyIPTCDigest\": \"74680B31492930D266D0FAE3B244D1BD\",\n \"photoshop:State\": \"London\",\n \"plus:CopyrightOwner\": {\n \"plus:CopyrightOwnerName\": \"Brendan Quinn\"\n },\n \"plus:ImageCreator\": {\n \"plus:ImageCreatorName\": \"Brendan Quinn\"\n },\n \"plus:ImageSupplier\": {\n \"plus:ImageSupplierName\": \"IPTC\"\n },\n \"plus:Licensor\": {\n \"plus:LicensorEmail\": \"office@iptc.org\",\n \"plus:LicensorName\": \"Brendan Quinn\",\n \"plus:LicensorTelephoneType2\": \"http://ns.useplus.org/ldf/vocab/work\",\n \"plus:LicensorURL\": \"www.iptc.org/\"\n },\n \"plus:ModelReleaseStatus\": \"http://ns.useplus.org/ldf/vocab/MR-NAP\",\n \"plus:PropertyReleaseStatus\": \"http://ns.useplus.org/ldf/vocab/PR-NAP\",\n \"xmp:CreateDate\": \"2022-07-09T17:47:17\",\n \"xmp:CreatorTool\": \"15.5\",\n \"xmp:MetadataDate\": \"2022-07-21T15:46:32+03:00\",\n \"xmp:ModifyDate\": \"2022-07-21T15:46:32+03:00\",\n \"xmp:mm/InstanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"xmp:mm/OriginalDocumentID\": \"4B267F2683ABA382F9E0C1DE10BF4210\",\n \"xmp:rights/UsageTerms\": \"Usage permitted under Creative Commons Attribution (CC-BY 4.0) licence.\"\n }\n }\n },\n {\n \"label\": \"c2pa.hash.data\",\n \"data\": {\n \"alg\": \"sha256\",\n \"exclusions\": [\n {\n \"length\": 766693,\n \"start\": 11334\n }\n ],\n \"hash\": \"p4CB4O1GytvYNTcRG4xuy7UlX53wFLNsxNHfDKChs2w=\",\n \"name\": \"jumbf manifest\",\n \"pad\": \"\"\n }\n }\n ],\n \"signature_info\": {\n \"issuer\": \"IPTC\",\n \"time\": \"2022-07-21T13:51:22.223549+00:00\"\n }\n }\n }\n}","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Step 6: Checking what we’ve done","type":"text"}]},{"type":"paragraph","content":[{"text":"Firstly, we can use ","type":"text"},{"text":"c2patool","type":"text","marks":[{"type":"code"}]},{"text":" itself in read-only mode, to view the embedded manifest including our assertion:","type":"text"}]},{"type":"codeBlock","content":[{"text":"c2patool -d greenwich_flowers_with_c2pa.jpg\n{\n \"active_manifest\": \"iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0\",\n \"manifests\": {\n \"iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0\": {\n \"claim\": {\n \"alg\": \"sha256\",\n \"assertions\": [\n {\n \"hash\": \"Mes+SkL6ATGlyTDj9oQB83r5bzzuONDG3AGEnzEYdhk=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.claim.jpeg\"\n },\n {\n \"hash\": \"/UBCRIHKhkBBGZz/xvU4/Xfoy1FnGXRAGWT+FTgVyd4=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\"\n },\n {\n \"hash\": \"VK6sfqioMibOyyF2oqJVPBQpae/ObPk/sZBGqNGQZWs=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.ingredient\"\n },\n {\n \"hash\": \"WiLn4YZAvAxxOyYdcwYJ57/DPQQd0BZ7BhvgvdXp0II=\",\n \"url\": \"self#jumbf=c2pa.assertions/stds.iptc.photo-metadata\"\n },\n {\n \"hash\": \"ZnfuVaZ+3msvlXtNMO/4Lg101KKvGRPQtHFNWW/cU2o=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.hash.data\"\n }\n ],\n \"claim_generator\": \"BQ Test with c2patool/0.1 c2pa-rs/0.1.3\",\n \"claim_generator_hints\": {\n \"Sec-CH-UA\": \"\\\"c2pa-rs\\\";v=\\\"0.1.3\\\"\"\n },\n \"dc:format\": \"image/jpeg\",\n \"dc:title\": \"greenwich_flowers_with_c2pa.jpg\",\n \"instanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"signature\": \"self#jumbf=c2pa.signature\"\n },\n \"assertion_store\": {\n \"c2pa.thumbnail.claim.jpeg\": \" len = 376929\",\n \"c2pa.thumbnail.ingredient.jpeg\": \" len = 376929\",\n \"c2pa.hash.data\": {\n \"alg\": \"sha256\",\n \"exclusions\": [\n {\n \"length\": 766708,\n \"start\": 11334\n }\n ],\n \"hash\": \"M7kXVTNy8VZak4B+p6lPCJbgevGRhB4Y7EK+dOVZM90=\",\n \"name\": \"jumbf manifest\",\n \"pad\": \"\"\n },\n \"stds.iptc.photo-metadata\": {\n \"@context\": {\n \"Iptc4xmpCore\": \"http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/\",\n \"Iptc4xmpExt\": \"http://iptc.org/std/Iptc4xmpExt/2008-02-29/\",\n \"aux\": \"http://ns.adobe.com/exif/1.0/aux/\",\n \"dc\": \"http://purl.org/dc/elements/1.1/\",\n \"exifEX\": \"http://cipa.jp/exif/1.0/\",\n \"photoshop\": \"http://ns.adobe.com/photoshop/1.0/\",\n \"plus\": \"http://ns.useplus.org/ldf/xmp/1.0/\",\n \"rdf\": \"http://www.w3.org/1999/02/22-rdf-syntax-ns#\",\n \"stEvt\": \"http://ns.adobe.com/xap/1.0/sType/ResourceEvent#\",\n \"xmp\": \"http://ns.adobe.com/xap/1.0/\",\n \"xmpMM\": \"http://ns.adobe.com/xap/1.0/mm/\",\n \"xmpRights\": \"http://ns.adobe.com/xap/1.0/rights/\"\n },\n \"@graph\": {\n \"@id\": \"file:///Users/brendan/dev/iptc/c2pa/c2patool-play/greenwich_flowers_xmp_pretty.xml\",\n \"Iptc4xmpCore:CountryCode\": \"GB\",\n \"Iptc4xmpCore:CreatorContactInfo\": {\n \"Iptc4xmpCore:CiAdrCity\": \"London\",\n \"Iptc4xmpCore:CiAdrCtry\": \"United Kingdom\",\n \"Iptc4xmpCore:CiAdrExtadr\": \"25 Southampton Buildings\",\n \"Iptc4xmpCore:CiAdrPcode\": \"WC2A 1AL\",\n \"Iptc4xmpCore:CiAdrRegion\": \"London\",\n \"Iptc4xmpCore:CiEmailWork\": \"mdirector@iptc.org\",\n \"Iptc4xmpCore:CiTelWork\": \"+44 (0)20 3178 4922 \",\n \"Iptc4xmpCore:CiUrlWork\": \"https://www.iptc.org/\"\n },\n...etc...\n },\n \"c2pa.ingredient\": {\n \"dc:format\": \"image/jpeg\",\n \"dc:title\": \"greenwich_flowers_with_metadata.jpg\",\n \"documentID\": \"adobe:docid:photoshop:91a3bd3c-4510-ca4a-8d21-8f2fb4edaf91\",\n \"instanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"relationship\": \"parentOf\",\n \"thumbnail\": {\n \"hash\": \"/UBCRIHKhkBBGZz/xvU4/Xfoy1FnGXRAGWT+FTgVyd4=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\"\n }\n }\n },\n \"signature\": {\n \"alg\": \"ps256\",\n \"issuer\": \"IPTC\",\n \"time\": \"2022-07-29T15:29:24.974920+00:00\"\n }\n }\n },\n \"validation_status\": [\n {\n \"code\": \"claimSignature.validated\",\n \"url\": \"self#jumbf=/c2pa/iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0/c2pa.signature\",\n \"explanation\": \"claim signature valid\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.claim.jpeg\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.thumbnail.claim.jpeg\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.ingredient\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.ingredient\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/stds.iptc.photo-metadata\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/stds.iptc.photo-metadata\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.hash.data\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.hash.data\"\n },\n {\n \"code\": \"assertion.dataHash.match\",\n \"url\": \"self#jumbf=/c2pa/iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0/c2pa.assertions/c2pa.hash.data\",\n \"explanation\": \"data hash valid\"\n }\n ]\n}","type":"text"}]},{"type":"paragraph","content":[{"text":"So we can see that the signatures match and the image is un-tampered. (A fun exercise might be to try to change the metadata in a hex editor and see what happens!)","type":"text"}]},{"type":"paragraph","content":[{"text":"We can then load the image into ","type":"text"},{"text":"verify.contentauthenticity.org","type":"text","marks":[{"type":"link","attrs":{"href":"http://verify.contentauthenticity.org"}}]},{"text":" to see what it looks like:","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center","width":100.0},"content":[{"type":"media","attrs":{"width":395,"id":"cb6c04ed-5d22-4474-a8d0-87d0af444035","collection":"contentId-613613569","type":"file","height":241}},{"type":"caption","content":[{"text":"Viewing our C2PA-compliant image using verify.contentauthenticity.org","type":"text"}]}]},{"type":"paragraph","content":[{"text":"So we can see that the image is “signed by” the string that we entered into the certificate “Organization Name” field. For “produced with,” ","type":"text"},{"text":"verify.contentauthenticity.org","type":"text","marks":[{"type":"link","attrs":{"href":"http://verify.contentauthenticity.org"}}]},{"text":" seems to use the first word in the “claim generator” string (everything up to the first space character).","type":"text"}]},{"type":"paragraph","content":[{"text":"But none of the IPTC metadata included in the assertion is shown on ","type":"text"},{"text":"verify.contentauthenticity.org","type":"text","marks":[{"type":"link","attrs":{"href":"http://verify.contentauthenticity.org"}}]},{"text":" ","type":"text"},{"type":"emoji","attrs":{"id":"1f61e","text":"😞","shortName":":disappointed:"}}]},{"type":"paragraph","content":[{"text":"We are in active discussions with the CAI team to work out exactly how to display asserted IPTC metadata on this screen, so watch this space!","type":"text"}]},{"type":"paragraph","content":[{"text":"How about if we load the image into Photoshop, with Content Credentials (the Photoshop name for C2PA) switched on? Well it doesn’t seem to do much at all…","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center","width":100.0},"content":[{"type":"media","attrs":{"width":343,"id":"79b343e3-48ca-45d4-8621-4391a7fa22bd","collection":"contentId-613613569","type":"file","height":355}},{"type":"caption","content":[{"text":"Loading the C2PA-compliant image into Photoshop and looking at “Content Credentials Preview”","type":"text"}]}]},{"type":"paragraph","content":[{"text":"As can be seen from the screenshot, loading the image into Photoshop and viewing the “Content Credentials Preview” window seems to just show that an Adobe signature would be added when the image is saved. Perhaps I’m missing something here - please let me know if you can see I’m doing something wrong!","type":"text"}]},{"type":"paragraph","content":[{"text":"(As more C2PA-compliant tools are released, we will add more content to this section.)","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Step 7: Tampering with the metadata","type":"text"}]},{"type":"paragraph","content":[{"text":"To see if the hashing and signing feature works, I tried tampering with the embedded metadata.","type":"text"}]},{"type":"paragraph","content":[{"text":"To do this I created a hex dump of the C2PA version of the image using xxd on my Mac command line, edited it using a text editor, and used xxd again to re-create the binary from the tampered image.","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":"cat greenwich_flowers_with_c2pa.jpg| xxd >hex-dump\nvi hex-dump\n# ... make changes by hand ...\n# recreate the binary files from the edited hex dump:\ncat hex-dump | xxd -r >greenwich_flowers_with_c2pa_tampered.jpg","type":"text"}]},{"type":"paragraph","content":[{"text":"The specific change I made was to change the copyright year (","type":"text"},{"text":"dc:rights","type":"text","marks":[{"type":"code"}]},{"text":" field) from 2022 to 2099.","type":"text"}]},{"type":"paragraph","content":[{"text":"Let’s see what ","type":"text"},{"text":"c2patool","type":"text","marks":[{"type":"code"}]},{"text":" says about the tampered file:","type":"text"}]},{"type":"codeBlock","content":[{"text":"c2patool -d greenwich_flowers_with_c2pa_tampered.jpg \n{\n \"active_manifest\": \"iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0\",\n \"manifests\": {\n \"iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0\": {\n \"claim\": {\n \"alg\": \"sha256\",\n \"assertions\": [\n {\n \"hash\": \"Mes+SkL6ATGlyTDj9oQB83r5bzzuONDG3AGEnzEYdhk=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.claim.jpeg\"\n },\n {\n \"hash\": \"/UBCRIHKhkBBGZz/xvU4/Xfoy1FnGXRAGWT+FTgVyd4=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\"\n },\n {\n \"hash\": \"VK6sfqioMibOyyF2oqJVPBQpae/ObPk/sZBGqNGQZWs=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.ingredient\"\n },\n {\n \"hash\": \"WiLn4YZAvAxxOyYdcwYJ57/DPQQd0BZ7BhvgvdXp0II=\",\n \"url\": \"self#jumbf=c2pa.assertions/stds.iptc.photo-metadata\"\n },\n {\n \"hash\": \"ZnfuVaZ+3msvlXtNMO/4Lg101KKvGRPQtHFNWW/cU2o=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.hash.data\"\n }\n ],\n \"claim_generator\": \"BQ Test with c2patool/0.1 c2pa-rs/0.1.3\",\n \"claim_generator_hints\": {\n \"Sec-CH-UA\": \"\\\"c2pa-rs\\\";v=\\\"0.1.3\\\"\"\n },\n \"dc:format\": \"image/jpeg\",\n \"dc:title\": \"greenwich_flowers_with_c2pa.jpg\",\n \"instanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"signature\": \"self#jumbf=c2pa.signature\"\n },\n \"assertion_store\": {\n \"c2pa.hash.data\": {\n \"alg\": \"sha256\",\n \"exclusions\": [\n {\n \"length\": 766708,\n \"start\": 11334\n }\n ],\n \"hash\": \"M7kXVTNy8VZak4B+p6lPCJbgevGRhB4Y7EK+dOVZM90=\",\n \"name\": \"jumbf manifest\",\n \"pad\": \"\"\n },\n \"c2pa.ingredient\": {\n \"dc:format\": \"image/jpeg\",\n \"dc:title\": \"greenwich_flowers_with_metadata.jpg\",\n \"documentID\": \"adobe:docid:photoshop:91a3bd3c-4510-ca4a-8d21-8f2fb4edaf91\",\n \"instanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"relationship\": \"parentOf\",\n \"thumbnail\": {\n \"hash\": \"/UBCRIHKhkBBGZz/xvU4/Xfoy1FnGXRAGWT+FTgVyd4=\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\"\n }\n },\n \"c2pa.thumbnail.ingredient.jpeg\": \" len = 376929\",\n \"c2pa.thumbnail.claim.jpeg\": \" len = 376929\",\n \"stds.iptc.photo-metadata\": {\n \"@context\": {\n \"Iptc4xmpCore\": \"http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/\",\n \"Iptc4xmpExt\": \"http://iptc.org/std/Iptc4xmpExt/2008-02-29/\",\n \"aux\": \"http://ns.adobe.com/exif/1.0/aux/\",\n \"dc\": \"http://purl.org/dc/elements/1.1/\",\n \"exifEX\": \"http://cipa.jp/exif/1.0/\",\n \"photoshop\": \"http://ns.adobe.com/photoshop/1.0/\",\n \"plus\": \"http://ns.useplus.org/ldf/xmp/1.0/\",\n \"rdf\": \"http://www.w3.org/1999/02/22-rdf-syntax-ns#\",\n \"stEvt\": \"http://ns.adobe.com/xap/1.0/sType/ResourceEvent#\",\n \"xmp\": \"http://ns.adobe.com/xap/1.0/\",\n \"xmpMM\": \"http://ns.adobe.com/xap/1.0/mm/\",\n \"xmpRights\": \"http://ns.adobe.com/xap/1.0/rights/\"\n },\n \"@graph\": {\n \"@id\": \"file:///Users/brendan/dev/iptc/c2pa/c2patool-play/greenwich_flowers_xmp_pretty.xml\",\n \"Iptc4xmpCore:CountryCode\": \"GB\",\n \"Iptc4xmpCore:CreatorContactInfo\": {\n \"Iptc4xmpCore:CiAdrCity\": \"London\",\n \"Iptc4xmpCore:CiAdrCtry\": \"United Kingdom\",\n \"Iptc4xmpCore:CiAdrExtadr\": \"25 Southampton Buildings\",\n \"Iptc4xmpCore:CiAdrPcode\": \"WC2A 1AL\",\n \"Iptc4xmpCore:CiAdrRegion\": \"London\",\n \"Iptc4xmpCore:CiEmailWork\": \"mdirector@iptc.org\",\n \"Iptc4xmpCore:CiTelWork\": \"+44 (0)20 3178 4922 \",\n \"Iptc4xmpCore:CiUrlWork\": \"https://www.iptc.org/\"\n },\n \"Iptc4xmpCore:IntellectualGenre\": \"https://cv.iptc.org/newscodes/genre/Actuality\",\n \"Iptc4xmpCore:Location\": \"Greenwich\",\n \"Iptc4xmpCore:Scene\": \"https://cv.iptc.org/newscodes/scene/011600\",\n \"Iptc4xmpExt:DigitalSourceType\": \"http://cv.iptc.org/newscodes/digitalsourcetype/digitalCapture\",\n \"Iptc4xmpExt:LocationCreated\": {\n \"Iptc4xmpExt:City\": \"London\",\n \"Iptc4xmpExt:CountryCode\": \"GB\",\n \"Iptc4xmpExt:CountryName\": \"United Kingdom\",\n \"Iptc4xmpExt:ProvinceState\": \"London\",\n \"Iptc4xmpExt:Sublocation\": \"Greenwich\",\n \"Iptc4xmpExt:WorldRegion\": \"Europe\"\n },\n \"Iptc4xmpExt:LocationShown\": {\n \"Iptc4xmpExt:City\": \"London\",\n \"Iptc4xmpExt:CountryCode\": \"GB\",\n \"Iptc4xmpExt:CountryName\": \"United Kingdom\",\n \"Iptc4xmpExt:ProvinceState\": \"London\",\n \"Iptc4xmpExt:Sublocation\": \"Greenwich\",\n \"Iptc4xmpExt:WorldRegion\": \"Europe\"\n },\n \"aux:Lens\": \"iPhone 11 back dual wide camera 4.25mm f/1.8\",\n \"aux:LensInfo\": \"807365/524263 17/4 9/5 12/5\",\n \"dc:creator\": \"Brendan Quinn\",\n \"dc:description\": \"Wildflowers at the Rose Garden, Greenwich Park, London\",\n \"dc:format\": \"image/jpeg\",\n \"dc:rights\": \"Copyright (C) Brendan Quinn 2099. Some rights reserved.\",\n \"dc:subject\": [\n \"Rose Garden\",\n \"Greenwich\",\n \"flowers\",\n \"Wild flowers\"\n ],\n \"exifEX:LensMake\": \"Apple\",\n \"exifEX:LensModel\": \"iPhone 11 back dual wide camera 4.25mm f/1.8\",\n \"photoshop:AuthorsPosition\": \"Managing Director\",\n \"photoshop:CaptionWriter\": \"Brendan Quinn\",\n \"photoshop:City\": \"London\",\n \"photoshop:ColorMode\": \"3\",\n \"photoshop:Country\": \"United Kingdom\",\n \"photoshop:DateCreated\": \"2022-07-09T17:47:17.538\",\n \"photoshop:Headline\": \"Wildflowers at the Rose Garden, Greenwich Park, London\",\n \"photoshop:ICCProfile\": \"Display P3\",\n \"photoshop:LegacyIPTCDigest\": \"74680B31492930D266D0FAE3B244D1BD\",\n \"photoshop:State\": \"London\",\n \"plus:CopyrightOwner\": {\n \"plus:CopyrightOwnerName\": \"Brendan Quinn\"\n },\n \"plus:ImageCreator\": {\n \"plus:ImageCreatorName\": \"Brendan Quinn\"\n },\n \"plus:ImageSupplier\": {\n \"plus:ImageSupplierName\": \"IPTC\"\n },\n \"plus:Licensor\": {\n \"plus:LicensorEmail\": \"office@iptc.org\",\n \"plus:LicensorName\": \"Brendan Quinn\",\n \"plus:LicensorTelephoneType2\": \"http://ns.useplus.org/ldf/vocab/work\",\n \"plus:LicensorURL\": \"www.iptc.org/\"\n },\n \"plus:ModelReleaseStatus\": \"http://ns.useplus.org/ldf/vocab/MR-NAP\",\n \"plus:PropertyReleaseStatus\": \"http://ns.useplus.org/ldf/vocab/PR-NAP\",\n \"xmp:CreateDate\": \"2022-07-09T17:47:17\",\n \"xmp:CreatorTool\": \"15.5\",\n \"xmp:MetadataDate\": \"2022-07-21T15:46:32+03:00\",\n \"xmp:ModifyDate\": \"2022-07-21T15:46:32+03:00\",\n \"xmp:mm/InstanceID\": \"xmp.iid:ef558a6e-e419-4aae-8890-f6b2b2bed77c\",\n \"xmp:mm/OriginalDocumentID\": \"4B267F2683ABA382F9E0C1DE10BF4210\",\n \"xmp:rights/UsageTerms\": \"Usage permitted under Creative Commons Attribution (CC-BY 4.0) licence.\"\n }\n }\n },\n \"signature\": {\n \"alg\": \"ps256\",\n \"issuer\": \"IPTC\",\n \"time\": \"2022-07-29T15:29:24.974920+00:00\"\n }\n }\n },\n \"validation_status\": [\n {\n \"code\": \"claimSignature.validated\",\n \"url\": \"self#jumbf=/c2pa/iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0/c2pa.signature\",\n \"explanation\": \"claim signature valid\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.claim.jpeg\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.thumbnail.claim.jpeg\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.thumbnail.ingredient.jpeg\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.ingredient\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.ingredient\"\n },\n {\n \"code\": \"assertion.hashedURI.mismatch\",\n \"url\": \"self#jumbf=c2pa.assertions/stds.iptc.photo-metadata\",\n \"explanation\": \"hash does not match assertion data: self#jumbf=c2pa.assertions/stds.iptc.photo-metadata\"\n },\n {\n \"code\": \"assertion.hashedURI.match\",\n \"url\": \"self#jumbf=c2pa.assertions/c2pa.hash.data\",\n \"explanation\": \"hashed uri matched: self#jumbf=c2pa.assertions/c2pa.hash.data\"\n },\n {\n \"code\": \"assertion.dataHash.mismatch\",\n \"url\": \"self#jumbf=/c2pa/iptc:urn:uuid:d2bf46f1-cb56-4899-b386-1270ae9581a0/c2pa.assertions/c2pa.hash.data\",\n \"explanation\": \"asset hash error, name: jumbf manifest, error: hash verification( Hashes do not match )\"\n }\n ]\n}","type":"text"}]},{"type":"paragraph","content":[{"text":"As you can see in the ","type":"text"},{"text":"validation_status","type":"text","marks":[{"type":"code"}]},{"text":" section at the bottom of the output, the hashes no longer match. We have detected the tampering!","type":"text"}]},{"type":"paragraph","content":[{"text":"Loading the image into ","type":"text"},{"text":"verify.contentauthenticity.org","type":"text","marks":[{"type":"link","attrs":{"href":"http://verify.contentauthenticity.org"}}]},{"text":" doesn’t say that the image has been signed, but on the other hand it doesn’t say that it has been tampered with, either. I would have thought that it’s better to signal tampering to users than to simply say that there are no credentials. (Note: I now see that this doesn’t work for the previous image either, so something may have changed on ","type":"text"},{"text":"verify.contentauthenticity.org","type":"text","marks":[{"type":"link","attrs":{"href":"http://verify.contentauthenticity.org"}}]},{"text":" since I took the above screenshots a couple of weeks ago)","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center"},"content":[{"type":"media","attrs":{"width":1187,"id":"c215487e-8f49-4086-9fd0-f6d6dffeb1cf","collection":"contentId-613613569","type":"file","height":700}}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Conclusions","type":"text"}]},{"type":"paragraph","content":[{"text":"So we have proven the concept and we have shown that it works, albeit in a limited context. What have we learned, and what comes next?","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"We can see that the technology works: we have created an assertion, hashed and signed it, and we can extract it and check the signature afterwards. This is a big step forward.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Creating the JSON-LD version of the XMP packet is awkward and time-consuming. We need to develop some tools to help.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Unfortunately there are no tools that can currently show IPTC Photo Metadata assertions to users, or Exif assertions for that matter, except for the command-line c2patool which is not accessible to regular users. We are working with CAI and C2PA on addressing this problem.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Notice that I simply typed in “IPTC” as the organisation when I created the certificate, and ","type":"text"},{"text":"verify.contentauthenticity.org","type":"text","marks":[{"type":"link","attrs":{"href":"http://verify.contentauthenticity.org"}}]},{"text":" displayed it unquestioningly. I could have typed “BBC” or “The New York Times”, used it to sign anything, and the tool would dutifully display it as if it is genuine. Obviously this is the opposite of content authenticity! So we need to work on certificate chains and webs of trust (the same way HTTPS certificates work) in the next phase of adoption. We’re already talking about this in Project Origin, CAI and C2PA circles.","type":"text"}]}]}]},{"type":"paragraph"}],"version":1}

Browser not supported