diff --git a/docs/community.md b/docs/community.md index 7935d98..02cbec3 100644 --- a/docs/community.md +++ b/docs/community.md @@ -29,7 +29,7 @@ Participants are required to follow the [Adobe Code of Conduct](https://github.c ### Verify -The code for the [C2PA Verify website](https://verify.contentauthenticity.org/) is open source. For general information on using it, see [Using the Verify tool](getting-started/verify.mdx). +The code for the [C2PA Verify website](https://verify.contentauthenticity.org/) is open source. However, it currently uses the deprecated [Legacy JavaScript library](https://github.com/contentauth/c2pa-js-legacy). ### Related projects diff --git a/docs/getting-started/aca-inspect.mdx b/docs/getting-started/aca-inspect.mdx new file mode 100644 index 0000000..da49b50 --- /dev/null +++ b/docs/getting-started/aca-inspect.mdx @@ -0,0 +1,420 @@ +--- +id: inspect +title: Getting started with Content Credentials using Inspect +--- + +import aca_inspect from '@site/static/img/aca-inspect.png'; + +[**Adobe Content Authenticity - Inspect**](https://verify.contentauthenticity.org) (often referred to as "ACA Inspect" or simply "Inspect") displays Content Credentials and is a [C2PA conforming validator product](../conformance.mdx#validator-products). + + + +## How to use Inspect + +You can use Inspect to view Content Credentials for an asset in two ways: + +- [Upload an asset file](#uploading-an-asset) from your local computer. +- [Use an asset URL](#using-an-asset-url). + +Supported asset file types include: + +- **Image**: AVIF, DNG, GIF, HEIC, HEIF, JPEG, PNG, SVG, TIFF, and WebP. +- **Video and audio**: AVI, M4A, MOV, MP3, MP4, and WAV. +- **Document**: PDF. + +:::tip +When you first load the site and no asset is displayed on the page, Inspect shows the complete current list of supported file types. +::: + +### Uploading an asset + +Click **Select a file from your device** then use the native picker or drag and drop a file to upload it and display information from the associated Content Credentials (if any) such as the author, the tools used to create the asset, and so on. + +### Using an asset URL + +You can also display Content Credentials for an asset with a publicly-visible URL by using a URL with the following format: + +``` +https://contentauthenticity.adobe.com/inspect?source= +``` + +where `` is the URL of the asset. + +For example: https://contentauthenticity.adobe.com/inspect?source=https://contentauth.github.io/example-assets/images/car-es-Ps-Cr.jpg + +:::note +To use Inspect on an asset URL, the URL must not require any authentication and the hosting server must allow cross-origin resource sharing (CORS) in the `Access-Control-Allow-Origin` HTTP response header. +::: + +### Example assets + +The [example-assets](https://contentauth.github.io/example-assets/) repository contains some sample assets that demonstrate Content Credentials, including links to view the corresponding manifest reports generated by [C2PA Tool](../c2patool/readme.md) and to view the Content Credentials using Inspect. + +## Information displayed + +Once you've uploaded an asset or entered an asset URL, if the asset: + +- **Does not** have an associated manifest store, Inspect displays the message **No Content Credential**. +- **Does** have an associated manifest store, Inspect displays information from it in the three vertical panels, for example as shown below. + +import verify_sections from '@site/static/img/inspect-sections.png'; + + + + + + + + + + + + + + + + + + + +
+ Left panel ↑{' '} + + Center panel ↑ + + Right panel ↑ +
+ Shows the asset name from the title property in the active + manifest (may not be the same as the file name) and a thumbnail image. +
+
+ Cick Search for possible matches to search the Adobe Content + Credentials Cloud for similar content; see + Searching for matching Content Credentials + for more information. + 		+ Shows all the asset's ingredients in a tree-like layout. +
    +
  • + Click on an ingredient thumbnail to inspect its Content Credentials + in the right panel. +
    • +
  • + Click Compare to compare ingredients either + side-by-side or using a slider. +
    • +
+ You can zoom in and out in this view using the mouse wheel or trackpad + and pan by dragging. + + NOTE: The example above shows only one ingredient. + 		+ Shows information from the asset's manifest store, as described below: + +
+ +### Title and signing information + +import verify_title_date from '@site/static/img/verify-title-date.png'; + + + +The top of the right panel displays a thumbnail of the image with the title of the asset from the `title` property in the active manifest. The value of this property might not be the same as the file name. + +For example, suppose you downloaded a file from Adobe Stock and renamed it `my_stock_download.jpeg`. In Inspect it would appear as shown at right when the manifest store contains the `title` property shown in the snippet below. + +
+ +```json + "manifests": { + "adobe:urn:uuid:f2513d23-8ca4-4135-82e8-15344e800ca6": { + "claim_generator": "Adobe_Stock c2pa-rs/0.4.2", + "title": "AdobeStock_135017891.jpeg", + ... + } + } +``` + +#### Signing information + +If the Content Credential was signed by a certificate that is NOT on the [known certificate list](verify-known-cert-list), such as one of the SDK's [test certificates](signing/test-certs.md), then Inspect displays "Unrecognized" at the top of this section with this notice: + +import verify_unknown_source from '@site/static/img/verify-cc-unknown-source.png'; + + + +However, if the Content Credential was signed by a certificate on the [known certificate list](verify-known-cert-list), then this section displays the name of the issuer of the claim signature from the `signature_info.issuer` property in the active manifest, as shown in the example snippet below. + +:::note +This section shows the organization name only if the signing certificate includes the "O" or [Organization Name attribute](https://www.alvestrand.no/objectid/2.5.4.10.html) (OID value 2.5.4.10) in the certificate's distinguished name information. +::: + +For signers on the known certificate list, this section also displays the time of the claim signature from the `signature_info.time` property in the active manifest, as shown in the example snippet below. The date is converted from UTC to the local time zone. + +```json +"signature_info": { + "issuer": "Adobe Inc.", + "cert_serial_number": "121561926467332750920512530884092488196", + "time": "2022-10-26T16:46:46+00:00" +}, +``` + +If the issuer string is too long, then the date might be truncated or not shown at all. If so, refer to the [**About this Content Credential**](#about-this-content-credential) section for the full date. + +### Validation status + +If the manifest has [validation errors](manifest/reading/validation.md), then Inspect displays this notice: + +import verify_validation_error from '@site/static/img/verify-validation-error.png'; + + + +Inspect displays this warning if the `validation_status` array contains any elements. For example, here is an snippet from the manifest of an image with a hard binding hash mismatch error, + + + +``` +"validation_status": [ + { + "code": "assertion.dataHash.mismatch", + "url": "self#jumbf=/c2pa/contentauth:urn:uuid:04cdf4ec-f713-4e47-a8d6-7af56501ce4b/c2pa.assertions/c2pa.hash.data", + "explanation": "asset hash error, name: jumbf manifest, error: hash verification( Hashes do not match )" + } + ] +``` + + + +Another example that can result in this message is a missing referenced claim, as shown in snippet of manifest data: + +``` +"validation_status": [ + { + "code": "assertion.hashedURI.mismatch", + "url": "self#jumbf=c2pa.assertions/c2pa.ingredient__1", + "explanation": "hash does not match assertion data: self#jumbf=c2pa.assertions/c2pa.ingredient__1" + }, + { + "code": "claim.missing", + "url": "self#jumbf=/c2pa/contentbeef:urn:uuid:8bb8ad50-ef2f-4f75-b709-a0e302d58019", + "explanation": "ingredient not found" + } + ] +``` + +### Process + +The **Process** section displays information about the process used to create the asset, divided into the following subsections: + +- [App or device used](#app-or-device-used) +- [Actions](#actions) +- [Ingredients](#ingredients) +- [AI-generated content](#ai-generated-content) (if the active manifest includes a [generative AI action](../manifest/writing/assertions-actions.md#generative-ai-action)) + +For example: + +import verify_process from '@site/static/img/verify-process.png'; + + + + + +#### App or device used + +The value shown for **App or device used** is derived from the `claim_generator` property in the active manifest. The string is truncated at the first space character and then underscore and slash characters are converted to spaces. In the above example, `"claim_generator": "make_test_images/0.16.1 c2pa-rs/0.16.1"` is displayed as **make test images 0.16.1**. + +#### Actions + +The **Actions** subsection lists [actions](https://opensource.contentauthenticity.org/docs/manifest/assertions-actions#actions) in the active manifest. For example, here is the `actions` array for the above example: + +
+Show manifest code + +```json +"actions": [ + { + "action": "c2pa.opened", + "instanceId": "xmp.iid:813ee422-9736-4cdc-9be6-4e35ed8e41cb", + "parameters": { + "ingredient": { + "hash": "tTBD4/E0R0AjLUdJFpsVz3lE/KJUq22Vz0UGqzhEpVs=", + "url": "self#jumbf=c2pa.assertions/c2pa.ingredient" + } + } + }, + { + "action": "c2pa.color_adjustments", + "parameters": { + "name": "brightnesscontrast" + } + }, + { + "action": "c2pa.placed", + "instanceId": "xmp.iid:8a00de7a-e694-43b2-a7e6-ed950421a21a", + "parameters": { + "ingredient": { + "hash": "EMeeY5a+lvy1msl+9i5DOcOoeQowrqD7NyV0d8fwAX0=", + "url": "self#jumbf=c2pa.assertions/c2pa.ingredient__1" + } + } + }, + { + "action": "c2pa.resized" + } +] +``` + +
+ +#### Ingredients + +**Ingredients** shows the resources used to create the asset, derived from the `ingredients` array in the active manifest. A thumbnail image is shown for each ingredient, if applicable. If an ingredient itself had Content Credentials, the "cr" icon is shown next to the thumbnail. In the above example, the asset was created by combining two ingredients, `CAI.jpg` and `A.jpg`, the first of which had Content Credentials. + +#### AI-generated content + +import verify_process_ai from '@site/static/img/verify-process-ai.png'; + + + +If one or more of the asset's ingredients was generated by artificial intelligence, as specified by the [generative AI action](../manifest/writing/assertions-actions.md#generative-ai-action), then a **Content summary** is shown and the **Process** section will also show the **AI tool used**, as shown in the example above. + +### About this Content Credential + +This section displays the same information as described in [Title and singing information](#title-and-signing-information). + +### Camera capture details + +If the active manifest includes [Exif metadata assertions](../manifest/writing/assertions-actions.md#cawg-metadata-assertions), then an additional **Camera capture details** section shows information about the device used to create the asset, as illustrated below: + +import verify_exif from '@site/static/img/verify-exif.png'; + + + +The Exif metadata assertions from the JSON manifest for the above example is shown below: + +
+Show manifest code + +```json +"assertions": [ + { + "label": "com.truepic.libc2pa", + "data": { + "git_hash": "023bb51", + "lib_name": "Truepic C2PA C++ Library", + "lib_version": "2.5.1", + "target_spec_version": "1.2" + }, + "kind": "Json" + }, + { + "label": "stds.exif", + "data": { + "@context": { + "EXIF": "http://ns.adobe.com/EXIF/1.0/", + "EXIFEX": "http://cipa.jp/EXIF/2.32/", + "dc": "http://purl.org/dc/elements/1.1/", + "rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "tiff": "http://ns.adobe.com/tiff/1.0/", + "xmp": "http://ns.adobe.com/xap/1.0/" + }, + "EXIF:GPSAltitude": "123.5", + "EXIF:GPSHorizontalAccuracy": "16.4", + "EXIF:GPSLatitude": "43.152093900000", + "EXIF:GPSLongitude": "-77.580532800000", + "EXIF:GPSTimeStamp": "2023-02-12T18:44:26Z" + }, + "kind": "Json" + }, + { + "label": "stds.exif", + "data": { + "@context": { + "EXIF": "http://ns.adobe.com/EXIF/1.0/", + "EXIFEX": "http://cipa.jp/EXIF/2.32/", + "dc": "http://purl.org/dc/elements/1.1/", + "rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "tiff": "http://ns.adobe.com/tiff/1.0/", + "xmp": "http://ns.adobe.com/xap/1.0/" + }, + "EXIF:Make": "Google", + "EXIF:Model": "Pixel 5" + }, + "instance": 1, + "kind": "Json" + }, + { + "label": "stds.exif", + "data": { + "@context": { + "EXIF": "http://ns.adobe.com/EXIF/1.0/", + "EXIFEX": "http://cipa.jp/EXIF/2.32/", + "dc": "http://purl.org/dc/elements/1.1/", + "rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "tiff": "http://ns.adobe.com/tiff/1.0/", + "xmp": "http://ns.adobe.com/xap/1.0/" + }, + "EXIF:DateTimeOriginal": "2023-02-12T18:44:26Z" + }, + "instance": 2, + "kind": "Json" + }, + ... +] +``` + +
+ +## Searching for matching Content Credentials + +Adobe products can save manifest stores in the [Adobe Content Credentials Cloud](getting-started#storing-a-manifest-in-the-cloud). +Click **Search for possible matches** to search the Adobe Content Credentials Cloud for content similar to the asset's ingredients, as described in the [Ingredients](#ingredients) section above. diff --git a/sidebars.js b/sidebars.js index bed2e8b..6976097 100644 --- a/sidebars.js +++ b/sidebars.js @@ -17,11 +17,8 @@ const sidebars = { }, { type: 'doc', - id: 'getting-started/verify', - }, - { - type: 'doc', - id: 'getting-started/verify-known-cert-list', + label: 'Using ACA Inspect', + id: 'getting-started/inspect', }, ], }, @@ -392,10 +389,18 @@ const sidebars = { ], }, { - type: 'doc', + type: 'category', label: 'C2PA conformance program', - id: 'conformance', + link: { type: 'doc', id: 'conformance' }, + collapsed: true, + items: [ + { + type: 'doc', + id: 'getting-started/verify-known-cert-list', + }, + ], }, + { type: 'category', label: 'Durable Content Credentials', diff --git a/static/img/aca-inspect.png b/static/img/aca-inspect.png new file mode 100644 index 0000000..8575888 Binary files /dev/null and b/static/img/aca-inspect.png differ diff --git a/static/img/inspect-sections.png b/static/img/inspect-sections.png new file mode 100644 index 0000000..7119ef6 Binary files /dev/null and b/static/img/inspect-sections.png differ