Skip to content

feat: #80: investigation and correction of hash mismatches during the signing process#86

Open
aasheptunov wants to merge 64 commits into
developfrom
feature/#80-investigation-and-correction-of-hash-mismatches-during-the-signing-process
Open

feat: #80: investigation and correction of hash mismatches during the signing process#86
aasheptunov wants to merge 64 commits into
developfrom
feature/#80-investigation-and-correction-of-hash-mismatches-during-the-signing-process

Conversation

@aasheptunov
Copy link
Copy Markdown

@aasheptunov aasheptunov commented May 27, 2026

No description provided.

aasheptunov and others added 30 commits May 25, 2026 09:12
@aasheptunov
test: #80: refactor e2e test to make it cleaner
94262bd
@aasheptunov
test: #80: add a test to verify that specified exclusion value matche…
fb379a5 
…s size of serialized app11 segments
@aasheptunov
refactor: #80: refactor c2pa storage data hash exclusion calculation …
99d5d15 
…flow
@aasheptunov
test: #80: modify exclusion cover test so that it covers pdf case
904cd63
@aasheptunov
refactor: #80: refactor c2pa storage data hash exclusion calculation …
03ca728 
…flow
@aasheptunov
chore: #80: rename pdf test file so that filename more readability
c751c4a
@aasheptunov
refactor: #80: move logic for adding exclusions to C2PA structure int…
bb26494 
…o separate method
@aasheptunov
test: #80: add test to align serialized COSE_Sign1
e0cfcc7
@aasheptunov
feat: #80: add alignment logic for serialized COSE_Sign1
f7ad081
@aasheptunov
test: #80: update to Data Hash Assertion test, as pad size has been u…
836a96c 
…pdated
@aasheptunov
test: #80: update exclusion coverage test to reflect the changes made…
00a5a80 
… to the Data Hash Assertion constructor
docs(readme): bring test coverage score up to date
a08dccc
@aasheptunov
feat: #80: add handling for CBOR boundary violation cases for TSA tokens
1323202
@aasheptunov
refactor: #80: rework logic for handling CBOR boundary violations for…
31025d9 
… Data Hash Assertion
@aasheptunov
chore: #80: rename serialized_length to serialized_cose_sign1_length …
c62e2cb 
…so that make it more readability
@aasheptunov
fix: #80: correct of a typo in the condition
0ef4d7b
@aasheptunov
test: #80: add a test that checks for a ValueError exception if the d…
ab941f2 
…ifference exceeds the length of the pad
@aasheptunov
Merge branch 'feature/#80-investigation-and-correction-of-hash-mismat…
556284c 
…ches-during-the-signing-process' of https://github.com/TourmalineCore/c2pie into feature/#80-investigation-and-correction-of-hash-mismatches-during-the-signing-process
docs(readme): bring test coverage score up to date
0edc648
@aasheptunov
docs: #80: add a clarifying comment for the additional_exclusions par…
e9a364d 
…ameter in the Data Hash Assertion
@aasheptunov
test: #80: add a test to verify the CBOR tag in COSE_Sign1_Tagged
b3f25df
@aasheptunov
fix: #80: fix for an error related to the pad not changing when the C…
3c342ae 
…BOR boundary is violated
@aasheptunov
test: #80: move the test for checking additional_exclusions to the ap…
ef985d7 
…propriate file; comment them out
@aasheptunov
Merge branch 'feature/#80-investigation-and-correction-of-hash-mismat…
98b4d22 
…ches-during-the-signing-process' of https://github.com/TourmalineCore/c2pie into feature/#80-investigation-and-correction-of-hash-mismatches-during-the-signing-process
docs(readme): bring test coverage score up to date
36ec059
@aasheptunov
docs: #80: add a comment explaining how JPG_SEGMENT_MAX_PAYLOAD_LENGT…
0b0d678 
…H was determined
@aasheptunov
refactor: #80: move logic for emplacing the APP11 storage bytes into …
6cdb5ac 
…a separate method;
@aasheptunov
Merge branch 'feature/#80-investigation-and-correction-of-hash-mismat…
1c9f86a 
…ches-during-the-signing-process' of https://github.com/TourmalineCore/c2pie into feature/#80-investigation-and-correction-of-hash-mismatches-during-the-signing-process
docs(readme): bring test coverage score up to date
c949792
@aasheptunov
refactor: #80: minimize pad size for unprotected header, since the di…
849f3a6 
…fference is no more than 3 bytes
@aasheptunov
test: #80: add test for check redundant lenght byte was removed from …
388f10a 
…pad when exclusions array length exceed 23
@aasheptunov
Merge branch 'feature/#80-investigation-and-correction-of-hash-mismat…
71d45ed 
…ches-during-the-signing-process' of https://github.com/TourmalineCore/c2pie into feature/#80-investigation-and-correction-of-hash-mismatches-during-the-signing-process
@aasheptunov
test: #80: change hash in the test schema override for Data Hash Asse…
743808f 
…rtion
JDRkow
JDRkow reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/c2pa/assertion.py Outdated
Comment thread c2pie/c2pa/assertion.py
Comment thread c2pie/c2pa_injection/pdf_injection.py Outdated
Comment thread c2pie/c2pa/assertion.py Outdated
@JDRkow
Copy link
Copy Markdown
Contributor

JDRkow commented Jun 1, 2026

please delete commented code and tests if its not usable anymore

lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/c2pa/assertion.py
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/c2pa_injection/pdf_injection.py
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/c2pa_injection/pdf_injection.py
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/c2pa_injection/pdf_injection.py Outdated
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/c2pa_injection/pdf_injection.py Outdated
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/c2pa_injection/pdf_injection.py Outdated
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread c2pie/interface.py
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread tests/c2pa/assertions/data_hash_assertion_test.py Outdated
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread tests/c2pa/claim_signature_test.py Outdated
lasnown
lasnown reviewed Jun 1, 2026
View reviewed changes
Comment thread tests/c2pa/e2e_test.py Outdated
@aasheptunov
Copy link
Copy Markdown
Author

aasheptunov commented Jun 2, 2026

please delete commented code and tests if its not usable anymore

If you're referring to additional_exclusions, this code works, but without the logic to account for exclusions when calculating the hash, it results in an invalid signature. I've commented out the relevant parameter to prevent unexpected errors, and the tests have been adjusted correspondingly.

Once the logic for handling exclusions is implemented, the commented-out code can be restored.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JDRkow JDRkow JDRkow left review comments

@lasnown lasnown lasnown left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aasheptunov @JDRkow @lasnown