improve C2PA related metadata use and credentials setup

guardianproject · Dec 15, 2023 · c4dfe9f · c4dfe9f
1 parent 22ecb24
commit c4dfe9f
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 9 deletions.
diff --git a/android-libproofcam/src/main/java/org/witness/proofmode/camera/c2pa/C2paUtils.kt b/android-libproofcam/src/main/java/org/witness/proofmode/camera/c2pa/C2paUtils.kt
@@ -136,10 +136,21 @@ class C2paUtils {
             userCert = null
         }
 
+        fun importCredentials (mContext : Context, fileKey : File, fileCert : File) {
+
+        }
         /**
          * initialize the private keys and certificates for signing C2PA data
          */
-        fun initCredentials (mContext : Context, emailAddress: String, pgpFingerprint: String) {
+        fun initCredentials (mContext : Context, emailAddress: String?, pgpFingerprint: String?) {
+
+            emailAddress?.let {
+                _identityEmail = emailAddress
+            }
+
+            pgpFingerprint?.let {
+                _identityKey = pgpFingerprint
+            }
 
             var fileUserCert = File(mContext.filesDir, C2PA_CERT_PATH)
             var fileUserKey = File(mContext.filesDir, C2PA_KEY_PATH)
@@ -171,13 +182,13 @@ class C2paUtils {
                     fileParentCert.writeBytes(rootCert.getCertificateBytes())
 
                     var userCertType =
-                        CertificateType.ContentCredentials("ProofMode-User", CERT_VALIDITY_DAYS)
+                        CertificateType.ContentCredentials("ProofMode-User-$_identityKey", CERT_VALIDITY_DAYS)
                     var userCertOptions = CertificateOptions(
                         userKey,
                         userCertType,
                         rootCert,
-                        "test",
-                        "test"
+                        _identityEmail,
+                        _identityKey
                     )
 
                     userCert = createCertificate(userCertOptions)
@@ -234,8 +245,8 @@ class C2paUtils {
                 contentCreds?.addPermissiveAiTrainingAssertions()
 
             contentCreds?.addEmailAssertion(emailAddress, emailDisplay)
-            contentCreds?.addPgpAssertion(pgpFingerprint, pgpFingerprint)
-            contentCreds?.addWebsiteAssertion(webLink)
+         //   contentCreds?.addPgpAssertion(pgpFingerprint, pgpFingerprint)
+         //   contentCreds?.addWebsiteAssertion(webLink)
 
             var exifMake = Build.MANUFACTURER
             var exifModel = Build.MODEL

diff --git a/...bproofmode/src/main/java/org/witness/proofmode/crypto/pgp/DetachedSignatureProcessor.java b/...bproofmode/src/main/java/org/witness/proofmode/crypto/pgp/DetachedSignatureProcessor.java
@@ -10,6 +10,7 @@
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
 import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.openpgp.PGPCompressedData;
 import org.bouncycastle.openpgp.PGPCompressedDataGenerator;
 import org.bouncycastle.openpgp.PGPEncryptedData;
@@ -130,8 +131,11 @@ public static void createSignature(
             out = new ArmoredOutputStream(out);
         }
 
-        PGPPrivateKey            pgpPrivKey = skey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(ProofMode.getProvider()).build(pass));
-        PGPSignatureGenerator sGen = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(skey.getPublicKey().getAlgorithm(), PGPUtil.SHA256).setProvider(ProofMode.getProvider()));
+        BouncyCastleProvider prov = ProofMode.getProvider();
+
+        PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(prov).build(pass);
+        PGPPrivateKey            pgpPrivKey = skey.extractPrivateKey(keyDecryptor);
+        PGPSignatureGenerator sGen = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(skey.getPublicKey().getAlgorithm(), PGPUtil.SHA256).setProvider(prov));
 
         sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
 

diff --git a/app/src/main/java/org/witness/proofmode/MainActivity.kt b/app/src/main/java/org/witness/proofmode/MainActivity.kt
@@ -642,6 +642,9 @@ class MainActivity : AppCompatActivity(), NavigationView.OnNavigationItemSelecte
             "https://keys.openpgp.org/search?q=" + mPgpUtils?.publicKeyFingerprint
 
         C2paUtils.setC2PAIdentity(display, uri, email, key)
+        if (email != null && key != null) {
+                C2paUtils.initCredentials(this, email, key)
+        }
     }
 
     fun initPgpKey () {

diff --git a/app/src/main/java/org/witness/proofmode/SettingsActivity.kt b/app/src/main/java/org/witness/proofmode/SettingsActivity.kt
@@ -17,14 +17,15 @@ import org.witness.proofmode.PermissionActivity
 import org.witness.proofmode.PermissionActivity.Companion.hasPermissions
 import org.witness.proofmode.ProofMode.PREF_CREDENTIALS_PRIMARY
 import org.witness.proofmode.ProofMode.PREF_OPTION_AI_DEFAULT
+import org.witness.proofmode.camera.c2pa.C2paUtils
 import org.witness.proofmode.crypto.pgp.PgpUtils
 import org.witness.proofmode.databinding.ActivitySettingsBinding
 import org.witness.proofmode.util.GPSTracker
 
 
 class SettingsActivity : AppCompatActivity() {
     private lateinit var mPrefs: SharedPreferences
-    private val mPgpUtils: PgpUtils? = null
+    private var mPgpUtils: PgpUtils? = null
     private lateinit var switchLocation: CheckBox
     private lateinit var switchNetwork: CheckBox
     private lateinit var switchDevice: CheckBox
@@ -135,6 +136,8 @@ class SettingsActivity : AppCompatActivity() {
                 .commit()
             updateUI()
         }
+
+        mPgpUtils = PgpUtils.getInstance(this, null);
     }
 
     private val REQ_ACCOUNT_CHOOSER = 9999;
@@ -217,12 +220,34 @@ class SettingsActivity : AppCompatActivity() {
 
                 mPrefs.edit().putString(PREF_CREDENTIALS_PRIMARY, accountName).commit()
 
+                initContentCredentials(accountName)
+
             }
 
         }
     }
 
+    fun initContentCredentials (accountName : String?) {
+        val email = accountName;
+        var display : String? = null
+        var key : String? = "0x" + mPgpUtils?.publicKeyFingerprint
+        var uri : String? =  "https://keys.openpgp.org/search?q=" + mPgpUtils?.publicKeyFingerprint
+
+        if (email?.isNotEmpty() == true)
+        {
+            display = "${email.replace("@"," at ")}"
+            uri = "mailto://$email"
+        }
+
+        C2paUtils.setC2PAIdentity(display, uri, email, key)
+        if (email != null && key != null) {
+            C2paUtils.resetCredentials(this)
+            C2paUtils.initCredentials(this, email, key)
+        }
+    }
+
     override fun onBackPressed() {
+        super.onBackPressed()
         finish()
     }