C2PA Sign
This module allows you to sign media files using the c2patool command-line utility to embed content credential information. It can sign files upon upload, publication, or when image derivatives are created, helping to authenticate media assets.
Signing module to work in conjunction with the c2patool command line utility to sign media files.
Content Credentials is a concept created by the Coalition for Content Provenance and Authenticity (C2PA) to help authenticate media assets.
Features
- Signing of media files upon upload (integrated with the file widget).
- Signing of media files upon content publication.
- Signing of image derivatives (image styles) upon creation.
Currently c2patool doesn't support using outside signers (KMS or HSM services) the tool will only sign/embed manifest data if the cert/key are available to the tool. When the tool gains the ability to package a manifest and output the data for a third party tool to sign, then incorporate that manifest that feature will be added.
Post-Installation
Go to /admin/config/media/c2pa_sign and enter in the location of cert/key pair compatible with the tool and the location of the c2patool command line utility.
Additional Requirements
Certificate/Key pair for signing and the tool - see "PostInstallation"
Recommended modules/libraries
- The Content Authenticity Initiative has created a reference Drupal module which provides an image formatter to show provenance of images, if available.
- C2PA Sign AWS KMS allows you to use Amazon's AWS Key Management Service (KMS) to sign manifests.
Similar projects
None of which I am aware.
Supporting this Module
Contribute ideas, bugs, patches.
Community Documentation
Not yet.