This project provides iOS bindings to the C2PA (Content Authenticity Initiative) libraries. It wraps the C2PA Rust implementation (c2pa-rs) using its C API bindings.
C2PA iOS offers:
- iOS/macOS support via Swift Package/XCFramework
- Native Swift APIs for reading, verifying, and signing content with C2PA manifests
- Stream-based APIs for flexible data handling
- Builder APIs for creating custom manifests
- Comprehensive test suite with example application
- Hardware-backed signing with Secure Enclave (iOS devices)
c2pa-ios/
├── Library/ # Swift Package containing the C2PA library
│ ├── Sources/ # Library source code
│ │ └── C2PA/ # Main library implementation
│ ├── Frameworks/ # Pre-built XCFramework
│ │ └── C2PAC.xcframework/
│ └── Tests/ # Unit tests
│ └── C2PATests/ # Test implementations
├── TestApp/ # iOS app for running tests with UI
├── ExampleApp/ # Sample iOS app for implementation reference
├── TestShared/ # Shared test utilities and fixtures
├── SigningServer/ # Local test server for signing operations
├── C2PA.xcworkspace/ # Xcode workspace tying everything together
└── Makefile # Build automation (wraps xcodebuild/swift commands)
- iOS 15.0+ / macOS 11.0+
- Xcode 13.0+
- Swift 5.9+
- Xcode Command Line Tools
- Make
# Build the complete library with XCFramework
make library
# Build iOS framework (release configuration)
make ios-framework
# Run all tests
make test
# Run library tests only
make test-library
# Generate test coverage
make coverage# Run the test app in iOS Simulator
make run-test-app
# Run the example app in iOS Simulator
make run-example-app
# Build entire workspace
make workspace-build# Start the local signing server
make signing-server-start
# Check server status
make signing-server-status
# Stop the server
make signing-server-stop
# Run tests with signing server
make tests-with-serverYou can add C2PA iOS as a Swift Package Manager dependency:
dependencies: [
.package(url: "https://github.com/contentauth/c2pa-ios.git", from: "0.0.1")
]In your target, add the dependency:
targets: [
.target(
name: "YourTarget",
dependencies: [.product(name: "C2PA", package: "c2pa-ios")]
)
]For local development without using a released version:
- Clone the repository
- Open
C2PA.xcworkspacein Xcode - Build using the workspace schemes or use the Makefile commands
import C2PA
// Read C2PA data from a file
do {
let manifestJSON = try C2PA.readFile(at: imageURL)
print("C2PA manifest: \(manifestJSON)")
} catch {
print("Error reading C2PA data: \(error)")
}
// Sign a file with C2PA data
let signerInfo = SignerInfo(
algorithm: .es256,
certificatePEM: certificatePEM,
privateKeyPEM: privateKeyPEM,
tsaURL: nil
)
let manifestJSON = """
{
"claim_generator": "MyApp/1.0",
"title": "Signed Image",
"format": "image/jpeg"
}
"""
try C2PA.signFile(
source: inputURL,
destination: outputURL,
manifestJSON: manifestJSON,
signerInfo: signerInfo
)// Create stream from data
let imageData = try Data(contentsOf: imageURL)
let stream = try Stream(data: imageData)
// Read with Reader API
let reader = try Reader(format: "image/jpeg", stream: stream)
let manifestJSON = try reader.json()
// Sign with Builder API
let builder = try Builder(manifestJSON: manifestJSON)
let signer = try Signer(info: signerInfo)
let sourceStream = try Stream(data: imageData)
let destStream = try Stream(fileURL: outputURL)
let manifestData = try builder.sign(
format: "image/jpeg",
source: sourceStream,
destination: destStream,
signer: signer
)-
Clone this repository:
git clone https://github.com/contentauth/c2pa-ios.git cd c2pa-ios -
Build the iOS framework:
# Build library framework make library # Or build entire workspace make workspace-build
-
Run tests:
# Run all tests make test # Run with coverage make coverage
The project includes a comprehensive Makefile with various targets:
library- Build the C2PA library frameworkios-framework- Build iOS framework (release configuration)test- Run all tests (alias for test-library)test-library- Run library unit tests onlytests- Run all tests including UI testscoverage- Generate test coverage reportworkspace-build- Build entire workspacerun-test-app- Run test app in simulatorrun-example-app- Run example app in simulatorsigning-server-start- Start signing serversigning-server-stop- Stop signing serversigning-server-status- Check server statustests-with-server- Run tests with signing serverclean- Clean build artifactslint- Run SwiftLint on the codebasehelp- Show all available targets
The app includes comprehensive tests covering all major C2PA operations. Run the app and tap "Run All Tests" to see the library in action.
- C2PA Library Version - Display current library version
- Error Handling - Proper error handling for invalid files
- Reading C2PA Data - Extract manifest data from signed images
- Stream APIs - Demonstrate flexible stream-based operations
- Builder APIs - Sign images with custom manifest data
- No-Embed Manifests - Create cloud/sidecar manifests
- Resource Management - Add and extract resources (thumbnails, etc.)
- Ingredient Support - Handle ingredient relationships
- Archive Operations - Work with C2PA archives
- Custom Signers - Implement callback-based signing
- Hardware Signing - Use Secure Enclave for signing (iOS devices)
For testing certificate enrollment and C2PA signing, a Swift-based signing server is included:
# Start the test server
make signing-server-startThe server runs on http://localhost:8080 and provides:
- Certificate Authority: Signs Certificate Signing Requests (CSRs) for testing
- C2PA Signing: Server-side C2PA manifest signing
- Bearer Token Authentication: For development/testing only
GET /health- Health checkPOST /api/v1/certificates/sign- Sign a CSRPOST /api/v1/c2pa/sign- Sign image with C2PA manifest
This project is licensed under the Apache License, Version 2.0 and MIT - see the LICENSE-APACHE and LICENSE-MIT files for details.