Warning
This library is currently in alpha and the API will likely change. Do not use for anything other than early testing.
This project provides iOS bindings to the C2PA (Content Authenticity Initiative) libraries. It wraps the C2PA Rust implementation (c2pa-rs) using its C API bindings.
C2PA iOS offers:
- iOS/macOS support via Swift Package/XCFramework
- Native Swift APIs for reading, verifying, and signing content with C2PA manifests
- Stream-based APIs for flexible data handling
- Builder APIs for creating custom manifests
- Comprehensive test suite with example application
- Hardware-backed signing with Secure Enclave (iOS devices)
c2pa-ios/
├── Library/ # Swift Package containing the C2PA library
│ ├── Sources/ # Library source code
│ │ └── C2PA/ # Main library implementation
│ ├── Frameworks/ # Pre-built XCFramework
│ │ └── C2PAC.xcframework/
│ └── Tests/ # Unit tests
│ └── C2PATests/ # Test implementations
├── TestApp/ # iOS app for running tests with UI
├── ExampleApp/ # Sample iOS app for implementation reference
├── TestShared/ # Shared test utilities and fixtures
├── SigningServer/ # Local test server for signing operations
├── C2PA.xcworkspace/ # Xcode workspace tying everything together
└── Makefile # Build automation (wraps xcodebuild/swift commands)
- iOS 15.0+ / macOS 11.0+
- Xcode 13.0+
- Swift 5.9+
- Xcode Command Line Tools
- Make
# Build the complete library with XCFramework
make library
# Build iOS framework (release configuration)
make ios-framework
# Run all tests
make test
# Run library tests only
make test-library
# Generate test coverage
make coverage# Run the test app in iOS Simulator
make run-test-app
# Run the example app in iOS Simulator
make run-example-app
# Build entire workspace
make workspace-build# Start the local signing server
make signing-server-start
# Check server status
make signing-server-status
# Stop the server
make signing-server-stop
# Run tests with signing server
make tests-with-serverYou can add C2PA iOS as a Swift Package Manager dependency:
dependencies: [
.package(url: "https://github.com/contentauth/c2pa-ios.git", from: "0.0.1")
]In your target, add the dependency:
targets: [
.target(
name: "YourTarget",
dependencies: [.product(name: "C2PA", package: "c2pa-ios")]
)
]For local development without using a released version:
- Clone the repository
- Open
C2PA.xcworkspacein Xcode - Build using the workspace schemes or use the Makefile commands
import C2PA
// Read C2PA data from a file
do {
let manifestJSON = try C2PA.readFile(at: imageURL)
print("C2PA manifest: \(manifestJSON)")
} catch {
print("Error reading C2PA data: \(error)")
}
// Sign a file with C2PA data
let signerInfo = SignerInfo(
algorithm: .es256,
certificatePEM: certificatePEM,
privateKeyPEM: privateKeyPEM,
tsaURL: nil
)
let manifestJSON = """
{
"claim_generator": "MyApp/1.0",
"title": "Signed Image",
"format": "image/jpeg"
}
"""
try C2PA.signFile(
source: inputURL,
destination: outputURL,
manifestJSON: manifestJSON,
signerInfo: signerInfo
)// Create stream from data
let imageData = try Data(contentsOf: imageURL)
let stream = try Stream(data: imageData)
// Read with Reader API
let reader = try Reader(format: "image/jpeg", stream: stream)
let manifestJSON = try reader.json()
// Sign with Builder API
let builder = try Builder(manifestJSON: manifestJSON)
let signer = try Signer(info: signerInfo)
let sourceStream = try Stream(data: imageData)
let destStream = try Stream(fileURL: outputURL)
let manifestData = try builder.sign(
format: "image/jpeg",
source: sourceStream,
destination: destStream,
signer: signer
)-
Clone this repository:
git clone https://github.com/contentauth/c2pa-ios.git cd c2pa-ios -
Build the iOS framework:
# Build library framework make library # Or build entire workspace make workspace-build
-
Run tests:
# Run all tests make test # Run with coverage make coverage
The project includes a comprehensive Makefile with various targets:
library- Build the C2PA library frameworkios-framework- Build iOS framework (release configuration)test- Run all tests (alias for test-library)test-library- Run library unit tests onlytests- Run all tests including UI testscoverage- Generate test coverage reportworkspace-build- Build entire workspacerun-test-app- Run test app in simulatorrun-example-app- Run example app in simulatorsigning-server-start- Start signing serversigning-server-stop- Stop signing serversigning-server-status- Check server statustests-with-server- Run tests with signing serverclean- Clean build artifactslint- Run SwiftLint on the codebasehelp- Show all available targets
The app includes comprehensive tests covering all major C2PA operations. Run the app and tap "Run All Tests" to see the library in action.
- C2PA Library Version - Display current library version
- Error Handling - Proper error handling for invalid files
- Reading C2PA Data - Extract manifest data from signed images
- Stream APIs - Demonstrate flexible stream-based operations
- Builder APIs - Sign images with custom manifest data
- No-Embed Manifests - Create cloud/sidecar manifests
- Resource Management - Add and extract resources (thumbnails, etc.)
- Ingredient Support - Handle ingredient relationships
- Archive Operations - Work with C2PA archives
- Custom Signers - Implement callback-based signing
- Hardware Signing - Use Secure Enclave for signing (iOS devices)
For testing certificate enrollment and C2PA signing, a Swift-based signing server is included:
# Start the test server
make signing-server-startThe server runs on http://localhost:8080 and provides:
- Certificate Authority: Signs Certificate Signing Requests (CSRs) for testing
- C2PA Signing: Server-side C2PA manifest signing
- Bearer Token Authentication: For development/testing only
GET /health- Health checkPOST /api/v1/certificates/sign- Sign a CSRPOST /api/v1/c2pa/sign- Sign image with C2PA manifest
This project is licensed under the Apache License, Version 2.0 and MIT - see the LICENSE-APACHE and LICENSE-MIT files for details.
![@github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=64&v=4){kind=small}