Configuring settings

JavaScript

Settings supports: trust, cawgTrust, verify, and builder.

Load settings as defined inline:

import { createC2pa } from '@contentauth/c2pa-web';
// With Vite (or similar), this resolves to the hosted WASM binary URL:
import wasmSrc from '@contentauth/c2pa-web/resources/c2pa.wasm?url';

const settings = {
  // Turn trust verification on/off (defaults to true)
  verify: { verifyTrust: true },

  // Configure trust (PEM text, a URL, or an array of URLs)
  trust: {
    // Example: load system trust anchors from a URL (PEM file)
    trustAnchors: 'https://example.com/trust_anchors.pem',
    // Optional user anchors (also PEM text or URLs)
    // userAnchors: '-----BEGIN CERTIFICATE-----\n...'
  },

  // Optional builder settings
  // builder: { generateC2paArchive: true },
};

const c2pa = await createC2pa({ wasmSrc, settings });

// Use the SDK (example: read an asset)
const res = await fetch('https://contentauth.github.io/example-assets/images/cloudscape-ACA-Cr.jpeg');
const blob = await res.blob();

const reader = await c2pa.reader.fromBlob(blob.type, blob);
const manifestStore = await reader.manifestStore();
console.log(manifestStore);

await reader.free();
c2pa.dispose();

To load settings from a JSON file:

import { createC2pa } from '@contentauth/c2pa-web';
import wasmSrc from '@contentauth/c2pa-web/resources/c2pa.wasm?url';

const settings = await fetch('/c2pa-settings.json').then(r => r.json());
const c2pa = await createC2pa({ wasmSrc, settings });

Where c2pa-settings.json is:

{
  "verify": { "verifyTrust": true },
  "trust": {
    "trustAnchors": "https://example.com/trust_anchors.pem",
    "userAnchors": "https://example.com/user_anchors.pem"
  },
  "builder": { "generateC2paArchive": true }
}

Python

try:
    settings = {
        "verify": {
            "verify_cert_anchors": True
        },
        "trust": {
            "trust_anchors": "some url"
        }
    }
    c2pa.load_settings(settings)
except Exception as e:
    print(f"Exception loading settings: {e}")

Node.js

import {
  createTrustSettings,
  createCawgTrustSettings,
  createVerifySettings,
  mergeSettings,
  settingsToJson,
  loadSettingsFromFile,
  loadSettingsFromUrl
} from '@contentauth/c2pa-node';

// Create trust settings
const trustSettings = createTrustSettings({
  verifyTrustList: true,
  userAnchors: "path/to/user-anchors.pem",
  trustAnchors: "path/to/trust-anchors.pem",
  allowedList: "path/to/allowed-list.pem"
});

// Create CAWG trust settings
const cawgTrustSettings = createCawgTrustSettings({
  verifyTrustList: true,
  trustAnchors: "path/to/cawg-anchors.pem"
});

// Create verify settings
const verifySettings = createVerifySettings({
  verifyAfterReading: false,
  verifyAfterSign: false,
  verifyTrust: true,
  verifyTimestampTrust: true,
  ocspFetch: true,
  remoteManifestFetch: true,
  skipIngredientConflictResolution: false,
  strictV1Validation: false
});

// Merge multiple settings
const combinedSettings = mergeSettings(trustSettings, verifySettings);

// Convert settings to JSON string
const jsonString = settingsToJson(combinedSettings);

// Load settings from file (JSON or TOML)
const fileSettings = await loadSettingsFromFile('./c2pa-settings.toml');
const reader = await Reader.fromAsset(inputAsset, fileSettings);

// Load settings from URL
const urlSettings = await loadSettingsFromUrl('https://example.com/c2pa-settings.json');
const builder = Builder.new(urlSettings);

C++

#include "c2pa.hpp"
// set settings to not generate thumbnails
c2pa::load_settings("{\"builder\": { \"thumbnail\":{\"enabled\": false}}}", "json");

Load from a file:

#include <fstream>
#include <sstream>
#include <iostream>
#include "c2pa.hpp"

int main(int argc, char** argv) {
    if (argc < 2) {
        std::cerr << "Usage: " << argv[0] << " /path/to/settings.json\n";
        return 1;
    }

    const std::string settings_path = argv[1];

    std::ifstream in(settings_path);
    if (!in) {
        std::cerr << "Failed to open settings file: " << settings_path << "\n";
        return 1;
    }

    std::ostringstream buffer;
    buffer << in.rdbuf();
    const std::string json = buffer.str();

    try {
        c2pa::load_settings(json, "json");  // format is "json"
        std::cout << "Loaded settings successfully. c2pa version: "
                  << c2pa::version() << "\n";
    } catch (const c2pa::C2paException& e) {
        std::cerr << "Failed to load settings: " << e.what() << "\n";
        return 1;
    }
    return 0;
}

Example settings.json:

{
  "builder": {
    "thumbnail": { "enabled": false },
    "actions": {
      "auto_placed_action": { "enabled": true }
    }
  }
}

Rust

use c2pa::{Context, Builder, Result};

fn main() -> Result<()> {
    // Create a Context with settings from a file
    let context = Context::new()
        .with_settings(include_str!("settings.json"))?;
    
    let builder = Builder::from_context(context);
    // ... use builder
    Ok(())
}