🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more

c2pa-python

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

c2pa-python

Python bindings for the C2PA Content Authenticity Initiative (CAI) library

0.6.1
92

Supply Chain Security

100

Vulnerability

100

Quality

100

Maintenance

80

License

Maintainers
2

C2PA Python library

The c2pa-python repository provides a Python library that can:

  • Read and validate C2PA manifest data from media files in supported formats.
  • Create and sign manifest data, and attach it to media files in supported formats.

Features:

  • Create and sign C2PA manifests using various signing algorithms.
  • Verify C2PA manifests and extract metadata.
  • Add assertions and ingredients to assets.
  • Examples and unit tests to demonstrate usage.

Prerequisites

This library requires Python version 3.10+.

Package installation

Install the c2pa-python package from PyPI by running:

pip install c2pa-python

To use the module in Python code, import the module like this:

import c2pa

Examples

See the examples directory for some helpful examples:

  • examples/sign.py shows how to sign and verify an asset with a C2PA manifest.
  • examples/training.py demonstrates how to add a "Do Not Train" assertion to an asset and verify it.

Contributing

Contributions are welcome! For more information, see Contributing to the project.

License

This project is licensed under the Apache License 2.0 and the MIT License. See the LICENSE-MIT and LICENSE-APACHE files for details.

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts