Merge branch 'main' into wasm32-wasi_0.41.0

contentauth · Feb 11, 2025 · fca1c33 · fca1c33
2 parents 066a7a8 + e18d5d7
commit fca1c33
Show file tree

Hide file tree

Showing 20 changed files with 359 additions and 51 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,13 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 
 Since version 0.36.2, the format of this changelog is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [0.45.3](https://github.com/contentauth/c2pa-rs/compare/c2pa-v0.45.2...c2pa-v0.45.3)
+_11 February 2025_
+
+### Fixed
+
+* Restore support for claim_generator_hints (#915)
+
 ## [0.45.2](https://github.com/contentauth/c2pa-rs/compare/c2pa-v0.45.1...c2pa-v0.45.2)
 _06 February 2025_
 

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/cawg_identity/CHANGELOG.md b/cawg_identity/CHANGELOG.md
@@ -6,6 +6,13 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 
 The format of this changelog is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [0.6.1](https://github.com/contentauth/c2pa-rs/compare/cawg-identity-v0.6.0...cawg-identity-v0.6.1)
+_11 February 2025_
+
+### Fixed
+
+* *(cawg_identity)* No-op change to trigger re-release of cawg-identity crate (#918)
+
 ## [0.6.0](https://github.com/contentauth/c2pa-rs/compare/cawg-identity-v0.5.0...cawg-identity-v0.6.0)
 _30 January 2025_
 

diff --git a/cawg_identity/Cargo.toml b/cawg_identity/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cawg-identity"
-version = "0.6.0"
+version = "0.6.1"
 description = "Rust SDK for CAWG (Creator Assertions Working Group) identity assertion"
 authors = [
     "Eric Scouten <[email protected]>",
@@ -27,7 +27,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 [dependencies]
 async-trait = "0.1.78"
 base64 = "0.22.1"
-c2pa = { path = "../sdk", version = "0.45.2", features = ["openssl"] }
+c2pa = { path = "../sdk", version = "0.45.3", features = ["openssl"] }
 c2pa-crypto = { path = "../internal/crypto", version = "0.6.2" }
 c2pa-status-tracker = { path = "../internal/status-tracker", version = "0.5.0" }
 chrono = { version = "0.4.38", features = ["serde"] }

diff --git a/cawg_identity/src/claim_aggregation/ica_credential.rs b/cawg_identity/src/claim_aggregation/ica_credential.rs
@@ -11,21 +11,32 @@
 // specific language governing permissions and limitations under
 // each license.
 
+use std::collections::BTreeMap;
+
 use chrono::{DateTime, FixedOffset};
-use iref::{Iri, UriBuf};
+use iref::{Iri, IriBuf, UriBuf};
 use non_empty_string::NonEmptyString;
 use nonempty_collections::NEVec;
 use serde::{Deserialize, Serialize};
 
 use crate::{
     claim_aggregation::w3c_vc::credential::{CredentialV2, VerifiableCredentialSubtype},
+    identity_assertion::signature_verifier::ToCredentialSummary,
     SignerPayload,
 };
 
 /// TO DO: Doc -- looks like CredentialV2 for our specific use
 /// case.
 pub type IcaCredential = CredentialV2<IdentityClaimsAggregationVc>;
 
+impl ToCredentialSummary for IcaCredential {
+    type CredentialSummary = IcaCredentialSummary;
+
+    fn to_summary(&self) -> Self::CredentialSummary {
+        IcaCredentialSummary::from_credential(self)
+    }
+}
+
 /// Identity claims aggregation context IRI.
 pub const IDENTITY_CLAIMS_AGGREGATION_CONTEXT_IRI: &Iri =
     static_iref::iri!("https://creator-assertions.github.io/tbd/tbd");
@@ -175,3 +186,53 @@ pub struct IdentityProvider {
     /// is the user-visible name of the _identity provider._
     pub name: NonEmptyString,
 }
+
+#[doc(hidden)]
+#[derive(Serialize)]
+pub struct IcaCredentialSummary {
+    #[serde(rename = "@context")]
+    contexts: NEVec<IriBuf>,
+
+    #[serde(
+        default,
+        deserialize_with = "not_null",
+        skip_serializing_if = "Option::is_none"
+    )]
+    id: Option<UriBuf>,
+
+    #[serde(rename = "type")]
+    types: NEVec<String>,
+
+    issuer: UriBuf,
+
+    #[serde(rename = "validFrom")]
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    valid_from: Option<DateTime<FixedOffset>>,
+
+    #[serde(rename = "validUntil")]
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    valid_until: Option<DateTime<FixedOffset>>,
+
+    #[serde(rename = "verifiedIdentities")]
+    verified_identities: NEVec<VerifiedIdentity>,
+
+    #[serde(flatten)]
+    extra_properties: BTreeMap<String, serde_json::Value>,
+}
+
+impl IcaCredentialSummary {
+    fn from_credential(ica: &IcaCredential) -> Self {
+        let subject = ica.credential_subjects.first();
+
+        Self {
+            contexts: ica.contexts.clone(),
+            id: ica.id.clone(),
+            issuer: ica.issuer.clone(),
+            types: ica.types.clone(),
+            valid_from: ica.valid_from,
+            valid_until: ica.valid_until,
+            verified_identities: subject.verified_identities.clone(),
+            extra_properties: ica.extra_properties.clone(),
+        }
+    }
+}
diff --git a/cawg_identity/src/claim_aggregation/w3c_vc/serialization.rs b/cawg_identity/src/claim_aggregation/w3c_vc/serialization.rs
@@ -57,8 +57,6 @@ pub(crate) mod one_or_many {
         where
             M: de::MapAccess<'de>,
         {
-            eprintln!("Yo!");
-
             let one = Deserialize::deserialize(de::value::MapAccessDeserializer::new(map))?;
 
             Ok(nev!(one))

diff --git a/cawg_identity/src/identity_assertion/assertion.rs b/cawg_identity/src/identity_assertion/assertion.rs
@@ -18,8 +18,12 @@ use serde::{Deserialize, Serialize};
 use serde_bytes::ByteBuf;
 
 use crate::{
-    identity_assertion::signer_payload::SignerPayload, internal::debug_byte_slice::DebugByteSlice,
-    SignatureVerifier, ValidationError,
+    identity_assertion::{
+        report::{IdentityAssertionReport, IdentityAssertionsForManifest, SignerPayloadReport},
+        signer_payload::SignerPayload,
+    },
+    internal::debug_byte_slice::DebugByteSlice,
+    SignatureVerifier, ToCredentialSummary, ValidationError,
 };
 
 /// This struct represents the raw content of the identity assertion.
@@ -63,6 +67,81 @@ impl IdentityAssertion {
             .map(|a| a.to_assertion())
     }
 
+    /// Create a summary report from this `IdentityAssertion`.
+    ///
+    /// This will [`validate`] the assertion and then render the result as
+    /// an opaque [`Serialize`]-able struct that describes the decoded content
+    /// of the identity assertion.
+    ///
+    /// [`validate`]: Self::validate
+    pub async fn to_summary<SV: SignatureVerifier>(
+        &self,
+        manifest: &Manifest,
+        verifier: &SV,
+    ) -> impl Serialize
+    where
+        <SV as SignatureVerifier>::Output: 'static,
+    {
+        self.to_summary_impl(manifest, verifier).await
+    }
+
+    pub(crate) async fn to_summary_impl<SV: SignatureVerifier>(
+        &self,
+        manifest: &Manifest,
+        verifier: &SV,
+    ) -> IdentityAssertionReport<
+        <<SV as SignatureVerifier>::Output as ToCredentialSummary>::CredentialSummary,
+    >
+    where
+        <SV as SignatureVerifier>::Output: 'static,
+    {
+        match self.validate(manifest, verifier).await {
+            Ok(named_actor) => {
+                let summary = named_actor.to_summary();
+
+                IdentityAssertionReport {
+                    signer_payload: SignerPayloadReport::from_signer_payload(&self.signer_payload),
+                    named_actor: Some(summary),
+                }
+            }
+
+            Err(_err) => {
+                todo!("Handle summary report for failure case");
+            }
+        }
+    }
+
+    /// Summarize all of the identity assertions found for a [`Manifest`].
+    pub async fn summarize_all<SV: SignatureVerifier>(
+        manifest: &Manifest,
+        verifier: &SV,
+    ) -> impl Serialize {
+        // NOTE: We can't write this using .map(...).collect() because there are async
+        // calls.
+        let mut reports: Vec<
+            IdentityAssertionReport<
+                <<SV as SignatureVerifier>::Output as ToCredentialSummary>::CredentialSummary,
+            >,
+        > = vec![];
+
+        for assertion in Self::from_manifest(manifest) {
+            let report = match assertion {
+                Ok(assertion) => assertion.to_summary_impl(manifest, verifier).await,
+                Err(_) => {
+                    todo!("Handle assertion failed to parse case");
+                }
+            };
+
+            reports.push(report);
+        }
+
+        IdentityAssertionsForManifest::<
+            <<SV as SignatureVerifier>::Output as ToCredentialSummary>::CredentialSummary,
+        > {
+            assertion_reports: reports,
+        }
+    }
+
     /// Using the provided [`SignatureVerifier`], check the validity of this
     /// identity assertion.
     ///

diff --git a/cawg_identity/src/identity_assertion/mod.rs b/cawg_identity/src/identity_assertion/mod.rs
@@ -12,6 +12,7 @@
 // each license.
 
 pub(crate) mod assertion;
+pub(crate) mod report;
 pub(crate) mod signature_verifier;
 pub(crate) mod signer_payload;
 pub(crate) mod validation_error;