c2pa_sign
Signing module to work in conjunction with the c2patool command line utility to sign media files.
Content Credentials is a concept created by the Coalition for Content Provenance and Authenticity (C2PA) to help authenticate media assets.
Features
- Signing of media files upon upload (integrated with the file widget).
- Signing of media files upon content publication.
- Signing of image derivatives (image styles) upon creation.
Currently c2patool doesn't support using outside signers (KMS or HSM services) the tool will only sign/embed manifest data if the cert/key are available to the tool. When the tool gains the ability to package a manifest and output the data for a third party tool to sign, then incorporate that manifest that feature will be added.
Post-Installation
Go to /admin/config/media/c2pa_sign and enter in the location of cert/key pair compatible with the tool and the location of the c2patool command line utility.
Additional Requirements
Certificate/Key pair for signing and the tool - see "PostInstallation"
Recommended modules/libraries
- The Content Authenticity Initiative has created a reference Drupal module which provides an image formatter to show provenance of images, if available.
- C2PA Sign AWS KMS allows you to use Amazon's AWS Key Management Service (KMS) to sign manifests.
Similar projects
None of which I am aware.
Supporting this Module
Contribute ideas, bugs, patches.
Community Documentation
Not yet.