Debugging
Use the debugging features built into the library
Print the Manifest Store JUMBF Structure
C2PA Manifests are stored in JUMBF boxes within the media file. The libc2pa code looks for specific values in the C2PA_DEBUG_BOXES environment variable. If set, then it will print out information (to stdout) about the structure of the JUMBF boxes that it finds while performing validation of a signed C2PA media file.
Valid values for C2PA_DEBUG_BOXES are:
table- Generates an ASCII table with information about each box found.pictorial- Generates an ASCII "picture" portraying the boxes found, and how they are nested.json- Generates a JSON document showing information about the boxes found.
Example of table output
table output$ C2PA_DEBUG_BOXES=table ./a.out image.jpg
BOX_DESC TYPE OFFSET SIZE SALT LABEL
Super jumb 0 26906
Super jumb 38 26868
Description jumd 46 83 com.truepic:urn:uuid:9f9ce6fd-cc11-472d-91e9-f1821c27955c
Super jumb 129 462
Description jumd 137 41 c2pa.assertions
Super jumb 178 197
Description jumd 186 85 YES com.truepic.libc2pa
Content cbor 271 104
Super jumb 375 216
Description jumd 383 80 YES c2pa.hash.data
Content cbor 463 128
Super jumb 591 659
Description jumd 599 36 c2pa.claim
Content cbor 635 615
Super jumb 1250 25656
Description jumd 1258 40 c2pa.signature
Content cbor 1298 25608
This shows the structure of the Manifest Store in image.jpg. It is 26906 bytes in size. It contains:
- A single Manifest,
com.truepic:urn:uuid:9f9ce6fd-cc11-472d-91e9-f1821c27955c, which is26868bytes in size. This Manifest contains:- An Assertion Store (
c2pa.assertions) which is462bytes in size. The Assertion Store contains:- A
com.truepic.libc2paassertion of size197with CBOR content of size104bytes. - A
c2pa.hash.dataassertion of size216with CBOR content of size128bytes.
- A
- A Claim (
c2pa.claim) which is659bytes in size with CBOR content of size615bytes. - A Signature (
c2pa.signature) which is25656bytes in size with CBOR content of size25608bytes.
- An Assertion Store (
Example of pictorial output
pictorial output$ C2PA_DEBUG_BOXES=pictorial ./a.out image.jpg
SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
S Super S
S S
S Start: 0 S
S Type: jumb S
S Size: 26906 S
S S
S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S
S S Super S S
S S S S
S S Start: 38 S S
S S Type: jumb S S
S S Size: 26868 S S
S S S S
S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S
S S D Description D S S
S S D D S S
S S D Start: 46 D S S
S S D Type: jumd D S S
S S D Size: 83 D S S
S S D Label: com.truepic:urn:uuid:9f9ce6fd-cc11-472d-91e9-f1821c27955c D S S
S S D D S S
S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S
S S S S
S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S
S S S Super S S S
S S S S S S
S S S Start: 129 S S S
S S S Type: jumb S S S
S S S Size: 462 S S S
S S S S S S
S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S
S S S D Description D S S S
S S S D D S S S
S S S D Start: 137 D S S S
S S S D Type: jumd D S S S
S S S D Size: 41 D S S S
S S S D Label: c2pa.assertions D S S S
S S S D D S S S
S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S
S S S S S S
S S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S S
S S S S Super S S S S
S S S S S S S S
S S S S Start: 178 S S S S
S S S S Type: jumb S S S S
S S S S Size: 197 S S S S
S S S S S S S S
S S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S S
S S S S D Description D S S S S
S S S S D D S S S S
S S S S D Start: 186 D S S S S
S S S S D Type: jumd D S S S S
S S S S D Size: 85 D S S S S
S S S S D HAS SALT D S S S S
S S S S D Label: com.truepic.libc2pa D S S S S
S S S S D D S S S S
S S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S S
S S S S S S S S
S S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S S
S S S S C Content C S S S S
S S S S C C S S S S
S S S S C Start: 271 C S S S S
S S S S C Type: cbor C S S S S
S S S S C Size: 104 C S S S S
S S S S C C S S S S
S S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S S
S S S S S S S S
S S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S S
S S S S S S
S S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S S
S S S S Super S S S S
S S S S S S S S
S S S S Start: 375 S S S S
S S S S Type: jumb S S S S
S S S S Size: 216 S S S S
S S S S S S S S
S S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S S
S S S S D Description D S S S S
S S S S D D S S S S
S S S S D Start: 383 D S S S S
S S S S D Type: jumd D S S S S
S S S S D Size: 80 D S S S S
S S S S D HAS SALT D S S S S
S S S S D Label: c2pa.hash.data D S S S S
S S S S D D S S S S
S S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S S
S S S S S S S S
S S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S S
S S S S C Content C S S S S
S S S S C C S S S S
S S S S C Start: 463 C S S S S
S S S S C Type: cbor C S S S S
S S S S C Size: 128 C S S S S
S S S S C C S S S S
S S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S S
S S S S S S S S
S S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S S
S S S S S S
S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S
S S S S
S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S
S S S Super S S S
S S S S S S
S S S Start: 591 S S S
S S S Type: jumb S S S
S S S Size: 659 S S S
S S S S S S
S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S
S S S D Description D S S S
S S S D D S S S
S S S D Start: 599 D S S S
S S S D Type: jumd D S S S
S S S D Size: 36 D S S S
S S S D Label: c2pa.claim D S S S
S S S D D S S S
S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S
S S S S S S
S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S
S S S C Content C S S S
S S S C C S S S
S S S C Start: 635 C S S S
S S S C Type: cbor C S S S
S S S C Size: 615 C S S S
S S S C C S S S
S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S
S S S S S S
S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S
S S S S
S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S
S S S Super S S S
S S S S S S
S S S Start: 1250 S S S
S S S Type: jumb S S S
S S S Size: 25656 S S S
S S S S S S
S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S
S S S D Description D S S S
S S S D D S S S
S S S D Start: 1258 D S S S
S S S D Type: jumd D S S S
S S S D Size: 40 D S S S
S S S D Label: c2pa.signature D S S S
S S S D D S S S
S S S DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD S S S
S S S S S S
S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S
S S S C Content C S S S
S S S C C S S S
S S S C Start: 1298 C S S S
S S S C Type: cbor C S S S
S S S C Size: 25608 C S S S
S S S C C S S S
S S S CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC S S S
S S S S S S
S S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S S
S S S S
S SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS S
S S
SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
This is the exact same image, and the same data, as in the table output above, but it makes the nesting of the boxes more obvious.
Example of json output
json output$ C2PA_DEBUG_BOXES=json ./a.out image.jpg
{
"JUMBF box": "Super",
"children": [
{
"JUMBF box": "Super",
"children": [
{
"JUMBF box": "Super",
"children": [
{
"JUMBF box": "Super",
"children": [
{
"JUMBF box": "Content",
"size": 104,
"start": 271,
"type": "cbor"
}
],
"description": {
"JUMBF box": "Description",
"hasSalt": true,
"label": "com.truepic.libc2pa",
"size": 85,
"start": 186,
"type": "jumd"
},
"size": 197,
"start": 178,
"type": "jumb"
},
{
"JUMBF box": "Super",
"children": [
{
"JUMBF box": "Content",
"size": 128,
"start": 463,
"type": "cbor"
}
],
"description": {
"JUMBF box": "Description",
"hasSalt": true,
"label": "c2pa.hash.data",
"size": 80,
"start": 383,
"type": "jumd"
},
"size": 216,
"start": 375,
"type": "jumb"
}
],
"description": {
"JUMBF box": "Description",
"hasSalt": false,
"label": "c2pa.assertions",
"size": 41,
"start": 137,
"type": "jumd"
},
"size": 462,
"start": 129,
"type": "jumb"
},
{
"JUMBF box": "Super",
"children": [
{
"JUMBF box": "Content",
"size": 615,
"start": 635,
"type": "cbor"
}
],
"description": {
"JUMBF box": "Description",
"hasSalt": false,
"label": "c2pa.claim",
"size": 36,
"start": 599,
"type": "jumd"
},
"size": 659,
"start": 591,
"type": "jumb"
},
{
"JUMBF box": "Super",
"children": [
{
"JUMBF box": "Content",
"size": 25608,
"start": 1298,
"type": "cbor"
}
],
"description": {
"JUMBF box": "Description",
"hasSalt": false,
"label": "c2pa.signature",
"size": 40,
"start": 1258,
"type": "jumd"
},
"size": 25656,
"start": 1250,
"type": "jumb"
}
],
"description": {
"JUMBF box": "Description",
"hasSalt": false,
"label": "com.truepic:urn:uuid:9f9ce6fd-cc11-472d-91e9-f1821c27955c",
"size": 83,
"start": 46,
"type": "jumd"
},
"size": 26868,
"start": 38,
"type": "jumb"
}
],
"size": 26906,
"start": 0,
"type": "jumb"
}
This is the same information again, this time in JSON representation. Because of the ordering of the fields, this might be a bit difficult to parse visually, but it becomes a bit clearer when viewing in it in a JSON Parser that supports collapsible structures.
Dump the C2PA Signature
The C2PA Signature box can be dumped by setting the C2PA_DEBUG_SIGNATURE environment variable. This will produce 3 binary files in the current directory:
$ C2PA_DEBUG_SIGNATURE=ON ./a.out image.jpg
$ ls -l *.bin
-rw-r--r-- 1 dan staff 25600 Aug 10 15:05 signature_data.bin
-rw-r--r-- 1 dan staff 64 Aug 10 15:05 signature_digest.bin
-rw-r--r-- 1 dan staff 972 Aug 10 15:05 signature_structure.bin
These three files contain different "views" of the C2PA Signature:
signature_data.bin- This is the full CBOR contents of the Signature box. It is aCOSE_Sign1_Taggedstructure, as described in Section 14.2.2 of the C2PA specification.signature_digest.bin- This is the cryptographic signature over theSig_structure.signature_structure.bin- This is the CBORSig_structure, constructed as described in Section 14.2.3 of the C2PA specification.
The CBOR structures can be examined with the xxd command line tool in combination with a CBOR parser such as cbor-diag or the cbor.me web site.
Examine the COSE_Sign1_Tagged structure
COSE_Sign1_Tagged structure$ xxd -p signature_data.bin | cbor-diag
18([
h'a2012618215901523082014e3081f4020101300a06082a8648ce3d0403023033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f7374301e170d3232303130333232353535315a170d3232303431333232353535315a3033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d030107034200045efc002e9b884121735c4657e72a7da9a7708247d5c24b144e3aef5da2a068d4dcb34964d9a3f0bf3f0942ba7da65e07dfe02555e04f8b47eafce63973624faa300a06082a8648ce3d04030203490030460221009a64e5c2647505c803f59dbdf4abeca5f1829edbb8e371e5f7ef0164720cc37f022100b71de09745fbaf1569a02f1f1fc52d02c46848029315ba907cb92e6f0b2d7646',
{
"pad": h'0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000',
"sigTst": {
"tstTokens": [
{
"val": h'308215dc3003020100308215d306092a864886f70d010702a08215c4308215c0020103310d300b06096086480165030402023081f6060b2a864886f70d0109100104a081e60481e33081e0020101060c2b0601040181af080102032d3041300d06096086480165030402020500043073be08e3958e5e951c1566904ae5a19a84aa91a76e8e556f9d13064aac6dbb893cb31eba99cf1b369a8f5756355cea8f02107a0c4d7d8d24eda45fcdf5870e287418180f32303233303831303136333933325a3004800201f4a061a45f305d310b30090603550406130255533110300e060355040a0c0754727565706963310d300b060355040b0c044c656e73312d302b06035504030c2454727565706963204c656e732054696d652d5374616d70696e6720417574686f72697479a08210d63082056f30820357a003020102021441f24955c8de9d5b2a574e247b607afa732eb1ba300d06092a864886f70d01010c0500303f310f300d06035504030c06526f6f744341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b3009060355040613025553301e170d3231313230393230303431375a170d3336313230353230303431365a303f310f300d06035504030c06526f6f744341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b300906035504061302555330820222300d06092a864886f70d01010105000382020f003082020a0282020100e97662c2a845d54aa6f61958ab7906d64074e1f5fa374a36bdafd82b340807e22a84292ed696ffb30c598195611f103fded6d781172f2c5ea41364cfe7a9f12e38061b7a9265e77e4e969fef394af200cc7bf0cdacbc61ae83cc4620e4d71893de90af6ca94c2035eea58003fbbfae3c776ca0c39f0c1d9ff2db40775cc82258cc1578cdb83c761f43f6e9cd8cf70241bd96b9876c5bbc022972e2315ed9be9523525b418828e83336b8f97b9775512b66bce7bf96662a1ca38db96b5c569effec258c4f8cb10136adc10e4009f2fcf80db2a719b460e26c0540ba4b63b6c62557d4d78c446c37eea33fca6413bc0f692d2c6406b4576576db1b546746bf2bee3b3fe073027f56ae689bbfbc3a4072882c39d1b8d4d5c691792e2af38d9566dd47c3a3f7314b1f8c7c9c1bec70630bb48c2e035e5d7109d9ee46d62561984ff139145023795de2dd9f20261c8948b648718a7f7ed9470d509505724cae476639aea00c599b25cdbdb6bcf575400b8107ec0714f8c9acc3cc5aec3adf0381a8b00f86994c529fff2316e8e915ee86ce5db8d9fb26ae852f1e44bbab193a217f32e1671a9bca5abd0bac690f6e773bc0f70531a7e1ffb1daf488401ac0f8b042ec8133567249723d8c4b112cbe0c7a6d17d9cb73ee920330cfcb8722a81d2d4914bf8de843ea14395dd4dcc985238c55251b4e2e46a22628984441537cfc0fc6190203010001a3633061300f0603551d130101ff040530030101ff301f0603551d2304183016801458baf1a9f20de745060ab029a75a9730ea273d0b301d0603551d0e0416041458baf1a9f20de745060ab029a75a9730ea273d0b300e0603551d0f0101ff040403020186300d06092a864886f70d01010c0500038202010083377feb931a5121c629d71004abd0c7db51938ad62e7c2b20ccdf93ad34e1eb5efe3ecf8ebc512e34b526188b3b68dada402f2824021d1d772c206b2386c0b68a474d089085706c41f8515868a51d502bb3d79a6aab17c3137bad13354891802e8d533ccac82219cc8cb97b84370b1f2e3273589e2694d133d979617da5646220f73b40e64f977a4050cb47305bf5cf95b0faf27a8941ca4901424aceafcbefdf76258b7dd82893a9af5dbc35104e89e83232a70654dbbe6fe4be1433d6f8d2e36a952764e9c92b68d723db086cc7b0fc7e95f02a3be409b8a15adf2581dd397cbffbb490673bf628aeb893b41aad52f88b9e74dcd221230b94baca8fc720458950bf952bc847e13beae1eed05b9282dbf845438d02c8e22eab440c7e39a5f94c29ff8cd6e8b18af8e034f55850d5d8a5ced5ef384fad668acf4f0cb908f4438b9323a2ee99432f0b6e149dceb8d52469846efffb6ec0c3c4707fccde176fc2ebb52f3d868183a30bbfcbfbe1a78fc81ae2bb88061bee62eb868d1797d1549dabe06129bfb4c87d52f719e07b3965e3a175baf971bc55283ac21b04ecefb53e988e09051e16768391c3f08cca32c5ee690edd0666af46214cb31d4739faff23e4a2d83d3806cb10cd5c5594adc22cfa3b87396a6138371f95ea105a2dcb680f6dcda38e6f9eb9c10c217705c56615c40f046178e747732809ee636e5ac29119308205773082035fa00302010202146c6d486f7474167aa6d72f3037b557ef60451d8c300d06092a864886f70d01010c0500303f310f300d06035504030c06526f6f744341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b3009060355040613025553301e170d3231313231373138343431385a170d3236313231363138343431375a30473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b300906035504061302555330820222300d06092a864886f70d01010105000382020f003082020a0282020100b915f7e7111a376b13610f965109ee0b751769ffe44ed56277a5a280e9ecc53041e4b5c86368fc73a63216f169e8a7c428aaf25947213141357c9c37d37a99cf17a1bedf346236c460e55112b046ea5a450117ae74e6e3a30b316b21cd1459586d3b847d0a92616c2748fcd7ac843733771430e337f9bbdee6f871658c5a1c9615dd5e13831acd9a63afd06eb779e60dd5409a9cd28c68661a9afb39868e9183efd37dad0bc781b1d5ad74b5563d0c85432eee7c68de182be88a2493669dd4d45c1960d059b693fdb3ef5ea88ec5dba8b0274259cd34ab2c1703b591a8f1d0753edc78853e54d609093ebe760acee0dd106831e5181e57f77814b6e85805e3246a258f1ce0d8feecf77de7f966dfac8af9ade237de75b7cb39d3ad97a9843a87786125c8a2fa72888480244c3e18f69c55c4de291baf05d4542cc49360cd4b494a02728bf4bae3e2082660abe58bb95da105c8aa47c76991c09ae6bb5cab40741e68636294ca5d2523897490e2bae2d03c6f040fcb3d87f78cf02818ff3958fdcaf11727aba4e8726bf031b0e584b41b2ca99c955863155585c7c955ceeea0794d4522b3eb8cf809e6b48354987265dc48fe1d0d9ebfbf60ba08aab90a6c4e4497663120d6f5f60e632d8622bc757deb41303b5dfd4f35d8cb8335eadf02363396e9287d3e12722f92cbe7d8b05d3c16697436b45023d4f540420c01eff9b4050203010001a3633061300f0603551d130101ff040530030101ff301f0603551d2304183016801458baf1a9f20de745060ab029a75a9730ea273d0b301d0603551d0e041604140af983085aad17def1ef0645488b461027e78cb6300e0603551d0f0101ff040403020186300d06092a864886f70d01010c05000382020100a04d9ee863147f5bd8c7991f6c90f3f4f95bc4bcc628d9c02f8aeab801ecb54dd14acc2791450c30f61c191d626ac0d30fb044d80203e231550667d8a0a872dd7d7d9cbebda5254d62206b4259abdb981357e4db1df3abeae5d8a2c948c030523d4f6dba8c21e1410348e8b8370a94cd1e36fcadd01b5bd31d79dacd5250d3138c8373b5411fb9050ab62291e26403ffbc4bdedd2c6c007dbe89cdea588b5227bbfa40f12d7680fb7c85fc2d51571ecdb187bd9be0d09e3b8225573c76e6e04ca8415c104836d0d681df97c22ee41d36e7deb2573dc534b979ee8d4c7a97601bd40fcac55f210e020e9fbb4d663303a3c4a9913c5b378b71491d5ec0c5b389794f5dc4ceb99b3cbf0ceb5f8272f23d64b737d82af40c55b3629eb810317097725ecd6c07af62dcdc6807ae3c74ebc1e0c331800d08ae40136317cb3bd02b338c14a2cae659966fbc036004106c8f816fdac39233ff4a09d2f6ee492ccc4a7aec0472f9915941d96b56931de3b7ba57711f6360e5ba962dd414bba27f23e21f0349dc1aedfe3aeed9141cf747b790028bc5c589f1ce5e4dee0552e3dcb51022dda2dcd42f29051e159a2053661ed250a163797b80c8943ccd6b55b4a0981376d3149cc8caa1d3ffee1a71bb555c8da9bb64a788aef831c464a366079d8b7cf1cb6178e66bfa255e32e5b885e4e01b83cbb9bd15c20ee0e4cfb3c656115345294a308205e4308203cca0030201020214638222df041d7da5d1febfae99c11634265c5d64300d06092a864886f70d01010c050030473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b3009060355040613025553301e170d3231313231373138353432395a170d3233313231373138353432385a305d310b30090603550406130255533110300e060355040a0c0754727565706963310d300b060355040b0c044c656e73312d302b06035504030c2454727565706963204c656e732054696d652d5374616d70696e6720417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a0282020100c0bf7b0013cabe5d989a1a6f963dc0b87ff7d66e8ed547ff7b11306878857e46bfdd5e7635f96eb70b18b4444c4a6980a272f4f9ea2a693dac21506e0fc935630f1ea16afdf0bd5ec4d16dd85a92bd89e127aefc4529e6f92cade5f2db5810983c55aa7496a5b624b0ef22c1aed9b25059636fad23f95d4c52021be90b37f0191e41b98b76acb65bcf0fb6cd71492c0d94878e1e3d069b8f2e92a622758715c343042e5b8c716c47721e8e250b337368c534d04bfa0bb93adc7f61f33966fe03378c089773f1072b7291363f7e4fd64b81b512eeb2b5292f3702367b7b7b7965471246256a2878fac641b94c702fc8c6a41e14b72b3c2404eddb8e07482f6b6fdd5d0ac081a93377734038a281ad268901dfad8a1727d33f55e5c3110020dd46d12f80e22c1cb2792838e0a3256675a2b662cd165c831d84662b6c68e5835e3af19b6906f26f3f46441cca1fd0f808ff2a10f628dae10fc7ad9e2acb918c94ef42d3746cb618e887b88c08f463df636c5f383c35cf03230e9546b86ca698768e1cdbc69ccc5520617bcbb23ca727a722b2fbbc1108b0a8b4beddab361096ef7476237a83bbf954f303395fcfbd6a56ca766e6c5f951c143a48f911cb0e5e95f2526b744749bc6bb00049f0b736107a52d1aaa6ebdb527b0f97b3883e408b8bc5d46ffb77ee2e442b278318ac9055024c18ff855ff2d0e83f30f3febed85f965b0203010001a381b13081ae300c0603551d130101ff04023000301f0603551d230418301680140af983085aad17def1ef0645488b461027e78cb6303606082b06010505070101042a3028302606082b06010505073001861a687474703a2f2f76612e747275657069632e636f6d2f6f63737030160603551d250101ff040c300a06082b06010505070308301d0603551d0e041604148ef7c0a2beecf1c78a6f5e5d15d0496dcf4edd54300e0603551d0f0101ff0404030205a0300d06092a864886f70d01010c0500038202010026b996e61fc6b5317c4a3f490b87935c310823c1a6e3328e53af5bba7fcbfab98b25257bbe3a852b186faf00c619496bbd596625449898fe13721b4d0a8e00b57bd9e04f0a0ac635abe8bfc1772712b607b1236cdc0061661f9b428fa57b5717733de7d896ebc3e41770155bc894c21b0b73c06b623d6a4fe5a8ded14820bb7f495d93e70c2163a9f92fe5b6ddc8890e9ee27d96eb01ec3c5dcb5672a3caf5f0e50c9981ab8bf271f58ed92985607c804cad6c4b07bb4e3e46514a36199803e124632735488428bd25570d89948476ddca9ed60cd7ed54d522c00697f3d7e9ccad5f49bfd15e188810c7f1af77e28a27c6c1570beaef5bf89f828cd237f4deca5f911012d16e841228a5f5ddecf918abb19a18b96edf7a6df87aa542852d7bfe9cb5c13009dedce874d95aa48b0aca871b039fa2d4d484b41913a3ae39c0ff9f719d89401da0005038b4c114f16b16624cd5139b76432f043cd9a0ca5b920aa25854c46b1c147c5556e9b5bde5ef70eae0e951e462fb838a72d6e9308a074d1a36f2e774975443f24bb5575bb722ec99f4516d40f78f2318da7742eb533c302afce79e8f1a8a38c980296dee0a9a968ec57bcb85e2ca76df2cdc0f1c0e1fdcc22897c35c7677a278ffa700035ee27050aee561be54c421744cfcb290ccbeba3777f6feff025d0073011f99ffd34c1884c71134e0b8a79ac36fd3b6a9c8df1cf3318203d7308203d3020101305f30473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b30090603550406130255530214638222df041d7da5d1febfae99c11634265c5d64300b0609608648016503040202a082014b301a06092a864886f70d010903310d060b2a864886f70d0109100104301c06092a864886f70d010905310f170d3233303831303136333933325a302b06092a864886f70d010934311e301c300b0609608648016503040202a10d06092a864886f70d01010c0500303f06092a864886f70d01090431320430c4e8852fb7bf50f5a46ef9ff3947a053687aeb97ec6e035e7191a8b4cd7da015859bd97cc5885ddbc37c57e6df115d213081a0060b2a864886f70d010910022f31819030818d30818a30818704208cae605f0a42219b8931c11b32de765ec3fa008c9bec693d5be6649e1086a9773063304ba44930473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b30090603550406130255530214638222df041d7da5d1febfae99c11634265c5d64300d06092a864886f70d01010c05000482020093687093bde9d038df1095630a5726c29e64e706653912df5cb4fe612d469f53270ce36083af0a7a24d984104b7c45cc57fd2c6b752c4d8297ed6820b0b87ae50fa15bacbdabb2a77360e4b0b1d736d81d1da86476067d0a51c111007a2337ab5dcad3f58816f103b649ba0d60bdce776b738454b8aa28671d9d9ca9d50a01088d32b6d89595d0a6b27ac57b966dcf3b8972bde10df822404b9111e1e13a6cb9562e2c0f341196429547b674a1f466b865a653726fb0f15058d118e9077e4450bd5b7d91a3d9b39c47a37ae51a44e33f7ed4d1b1ed9fda4f54211db487075c2192e08f95b1eab33e10da810930045bb42213dad57d58d88283eace2558788340e47a6bf47ccf8b4d89ba37b4869b305ce39a5c26a887facea12f60c894efd5658d746dcd57740081dc083ad6e9e81c0c9e1aea431d80dff013acdce55dc13007d06332bb2ad683812a14a09f57c817d48866c0273b050d74fc10925bb0d11453049c605a26e04c2304a89b728de3875e7a681bd833a1f24cc77b89576ed2066727e46c7299a0f7ce63c64878fb3dc9cebe39a90dab57c7350f7190c770cb2f73d85ecbb86c7c8ad311d403526749eef7573f8ee5f936c67764fe8e2ad340901fb495328af34b20c78140f47bf467efb89bffe29037f4a5a3d7c1b51de445fd5fd10e90488a6ab2bf40324210e51e85f0dd56c31a8dab1005ecdb307d92557052',
},
],
},
},
null,
h'116fc947a4087b922441f7716f4391390fcc3f032847a46bcdccf7cf1c0a83246a64296890a834c794dca521465476fa4feca23c0b92a77e5334878f95ea16b9',
])
According to the specifications, this data is:
protected- A byte array of more CBOR data.unprotected- A structure containing multiple elements:pad- Just used to pad the structure during creation, as described in the C2PA specification.sigTst- The TSA (time stamp) token.
payload- This is always empty (null) for C2PA.signature- This is the cryptographic signature, the same as thesignature_digest.binfile, in hexadecimal format.
The protected field can be further examined:
echo "3082014e3081f4020101300a06082a8648ce3d0403023033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f7374301e170d3232303130333232353535315a170d3232303431333232353535315a3033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d030107034200045efc002e9b884121735c4657e72a7da9a7708247d5c24b144e3aef5da2a068d4dcb34964d9a3f0bf3f0942ba7da65e07dfe02555e04f8b47eafce63973624faa300a06082a8648ce3d04030203490030460221009a64e5c2647505c803f59dbdf4abeca5f1829edbb8e371e5f7ef0164720cc37f022100b71de09745fbaf1569a02f1f1fc52d02c46848029315ba907cb92e6f0b2d7646" | cbor-diag
{
1: -7,
33_0: h'3082014e3081f4020101300a06082a8648ce3d0403023033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f7374301e170d3232303130333232353535315a170d3232303431333232353535315a3033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d030107034200045efc002e9b884121735c4657e72a7da9a7708247d5c24b144e3aef5da2a068d4dcb34964d9a3f0bf3f0942ba7da65e07dfe02555e04f8b47eafce63973624faa300a06082a8648ce3d04030203490030460221009a64e5c2647505c803f59dbdf4abeca5f1829edbb8e371e5f7ef0164720cc37f022100b71de09745fbaf1569a02f1f1fc52d02c46848029315ba907cb92e6f0b2d7646',
}
This has two fields in it:
1- This is the signature algorithm (alg). In this case, the value-7indicates ECDSA w/ SHA-256 (reference).33- This is the certificate chain, in DER format, represented as a hexadecimal string.
The certificate can be examined:
$ openssl x509 -inform DER -noout -text -in <(echo "3082014e3081f4020101300a06082a8648ce3d0403023033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f7374301e170d3232303130333232353535315a170d3232303431333232353535315a3033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d030107034200045efc002e9b884121735c4657e72a7da9a7708247d5c24b144e3aef5da2a068d4dcb34964d9a3f0bf3f0942ba7da65e07dfe02555e04f8b47eafce63973624faa300a06082a8648ce3d04030203490030460221009a64e5c2647505c803f59dbdf4abeca5f1829edbb8e371e5f7ef0164720cc37f022100b71de09745fbaf1569a02f1f1fc52d02c46848029315ba907cb92e6f0b2d7646" | xxd -r -p)
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 1 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, O = Truepic, CN = localhost
Validity
Not Before: Jan 3 22:55:51 2022 GMT
Not After : Apr 13 22:55:51 2022 GMT
Subject: C = US, O = Truepic, CN = localhost
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:5e:fc:00:2e:9b:88:41:21:73:5c:46:57:e7:2a:
7d:a9:a7:70:82:47:d5:c2:4b:14:4e:3a:ef:5d:a2:
a0:68:d4:dc:b3:49:64:d9:a3:f0:bf:3f:09:42:ba:
7d:a6:5e:07:df:e0:25:55:e0:4f:8b:47:ea:fc:e6:
39:73:62:4f:aa
ASN1 OID: prime256v1
NIST CURVE: P-256
Signature Algorithm: ecdsa-with-SHA256
Signature Value:
30:46:02:21:00:9a:64:e5:c2:64:75:05:c8:03:f5:9d:bd:f4:
ab:ec:a5:f1:82:9e:db:b8:e3:71:e5:f7:ef:01:64:72:0c:c3:
7f:02:21:00:b7:1d:e0:97:45:fb:af:15:69:a0:2f:1f:1f:c5:
2d:02:c4:68:48:02:93:15:ba:90:7c:b9:2e:6f:0b:2d:76:46
The timestamp can also be examined:
$ openssl ts -reply -text -in <(echo "308215dc3003020100308215d306092a864886f70d010702a08215c4308215c0020103310d300b06096086480165030402023081f6060b2a864886f70d0109100104a081e60481e33081e0020101060c2b0601040181af080102032d3041300d06096086480165030402020500043073be08e3958e5e951c1566904ae5a19a84aa91a76e8e556f9d13064aac6dbb893cb31eba99cf1b369a8f5756355cea8f02107a0c4d7d8d24eda45fcdf5870e287418180f32303233303831303136333933325a3004800201f4a061a45f305d310b30090603550406130255533110300e060355040a0c0754727565706963310d300b060355040b0c044c656e73312d302b06035504030c2454727565706963204c656e732054696d652d5374616d70696e6720417574686f72697479a08210d63082056f30820357a003020102021441f24955c8de9d5b2a574e247b607afa732eb1ba300d06092a864886f70d01010c0500303f310f300d06035504030c06526f6f744341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b3009060355040613025553301e170d3231313230393230303431375a170d3336313230353230303431365a303f310f300d06035504030c06526f6f744341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b300906035504061302555330820222300d06092a864886f70d01010105000382020f003082020a0282020100e97662c2a845d54aa6f61958ab7906d64074e1f5fa374a36bdafd82b340807e22a84292ed696ffb30c598195611f103fded6d781172f2c5ea41364cfe7a9f12e38061b7a9265e77e4e969fef394af200cc7bf0cdacbc61ae83cc4620e4d71893de90af6ca94c2035eea58003fbbfae3c776ca0c39f0c1d9ff2db40775cc82258cc1578cdb83c761f43f6e9cd8cf70241bd96b9876c5bbc022972e2315ed9be9523525b418828e83336b8f97b9775512b66bce7bf96662a1ca38db96b5c569effec258c4f8cb10136adc10e4009f2fcf80db2a719b460e26c0540ba4b63b6c62557d4d78c446c37eea33fca6413bc0f692d2c6406b4576576db1b546746bf2bee3b3fe073027f56ae689bbfbc3a4072882c39d1b8d4d5c691792e2af38d9566dd47c3a3f7314b1f8c7c9c1bec70630bb48c2e035e5d7109d9ee46d62561984ff139145023795de2dd9f20261c8948b648718a7f7ed9470d509505724cae476639aea00c599b25cdbdb6bcf575400b8107ec0714f8c9acc3cc5aec3adf0381a8b00f86994c529fff2316e8e915ee86ce5db8d9fb26ae852f1e44bbab193a217f32e1671a9bca5abd0bac690f6e773bc0f70531a7e1ffb1daf488401ac0f8b042ec8133567249723d8c4b112cbe0c7a6d17d9cb73ee920330cfcb8722a81d2d4914bf8de843ea14395dd4dcc985238c55251b4e2e46a22628984441537cfc0fc6190203010001a3633061300f0603551d130101ff040530030101ff301f0603551d2304183016801458baf1a9f20de745060ab029a75a9730ea273d0b301d0603551d0e0416041458baf1a9f20de745060ab029a75a9730ea273d0b300e0603551d0f0101ff040403020186300d06092a864886f70d01010c0500038202010083377feb931a5121c629d71004abd0c7db51938ad62e7c2b20ccdf93ad34e1eb5efe3ecf8ebc512e34b526188b3b68dada402f2824021d1d772c206b2386c0b68a474d089085706c41f8515868a51d502bb3d79a6aab17c3137bad13354891802e8d533ccac82219cc8cb97b84370b1f2e3273589e2694d133d979617da5646220f73b40e64f977a4050cb47305bf5cf95b0faf27a8941ca4901424aceafcbefdf76258b7dd82893a9af5dbc35104e89e83232a70654dbbe6fe4be1433d6f8d2e36a952764e9c92b68d723db086cc7b0fc7e95f02a3be409b8a15adf2581dd397cbffbb490673bf628aeb893b41aad52f88b9e74dcd221230b94baca8fc720458950bf952bc847e13beae1eed05b9282dbf845438d02c8e22eab440c7e39a5f94c29ff8cd6e8b18af8e034f55850d5d8a5ced5ef384fad668acf4f0cb908f4438b9323a2ee99432f0b6e149dceb8d52469846efffb6ec0c3c4707fccde176fc2ebb52f3d868183a30bbfcbfbe1a78fc81ae2bb88061bee62eb868d1797d1549dabe06129bfb4c87d52f719e07b3965e3a175baf971bc55283ac21b04ecefb53e988e09051e16768391c3f08cca32c5ee690edd0666af46214cb31d4739faff23e4a2d83d3806cb10cd5c5594adc22cfa3b87396a6138371f95ea105a2dcb680f6dcda38e6f9eb9c10c217705c56615c40f046178e747732809ee636e5ac29119308205773082035fa00302010202146c6d486f7474167aa6d72f3037b557ef60451d8c300d06092a864886f70d01010c0500303f310f300d06035504030c06526f6f744341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b3009060355040613025553301e170d3231313231373138343431385a170d3236313231363138343431375a30473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b300906035504061302555330820222300d06092a864886f70d01010105000382020f003082020a0282020100b915f7e7111a376b13610f965109ee0b751769ffe44ed56277a5a280e9ecc53041e4b5c86368fc73a63216f169e8a7c428aaf25947213141357c9c37d37a99cf17a1bedf346236c460e55112b046ea5a450117ae74e6e3a30b316b21cd1459586d3b847d0a92616c2748fcd7ac843733771430e337f9bbdee6f871658c5a1c9615dd5e13831acd9a63afd06eb779e60dd5409a9cd28c68661a9afb39868e9183efd37dad0bc781b1d5ad74b5563d0c85432eee7c68de182be88a2493669dd4d45c1960d059b693fdb3ef5ea88ec5dba8b0274259cd34ab2c1703b591a8f1d0753edc78853e54d609093ebe760acee0dd106831e5181e57f77814b6e85805e3246a258f1ce0d8feecf77de7f966dfac8af9ade237de75b7cb39d3ad97a9843a87786125c8a2fa72888480244c3e18f69c55c4de291baf05d4542cc49360cd4b494a02728bf4bae3e2082660abe58bb95da105c8aa47c76991c09ae6bb5cab40741e68636294ca5d2523897490e2bae2d03c6f040fcb3d87f78cf02818ff3958fdcaf11727aba4e8726bf031b0e584b41b2ca99c955863155585c7c955ceeea0794d4522b3eb8cf809e6b48354987265dc48fe1d0d9ebfbf60ba08aab90a6c4e4497663120d6f5f60e632d8622bc757deb41303b5dfd4f35d8cb8335eadf02363396e9287d3e12722f92cbe7d8b05d3c16697436b45023d4f540420c01eff9b4050203010001a3633061300f0603551d130101ff040530030101ff301f0603551d2304183016801458baf1a9f20de745060ab029a75a9730ea273d0b301d0603551d0e041604140af983085aad17def1ef0645488b461027e78cb6300e0603551d0f0101ff040403020186300d06092a864886f70d01010c05000382020100a04d9ee863147f5bd8c7991f6c90f3f4f95bc4bcc628d9c02f8aeab801ecb54dd14acc2791450c30f61c191d626ac0d30fb044d80203e231550667d8a0a872dd7d7d9cbebda5254d62206b4259abdb981357e4db1df3abeae5d8a2c948c030523d4f6dba8c21e1410348e8b8370a94cd1e36fcadd01b5bd31d79dacd5250d3138c8373b5411fb9050ab62291e26403ffbc4bdedd2c6c007dbe89cdea588b5227bbfa40f12d7680fb7c85fc2d51571ecdb187bd9be0d09e3b8225573c76e6e04ca8415c104836d0d681df97c22ee41d36e7deb2573dc534b979ee8d4c7a97601bd40fcac55f210e020e9fbb4d663303a3c4a9913c5b378b71491d5ec0c5b389794f5dc4ceb99b3cbf0ceb5f8272f23d64b737d82af40c55b3629eb810317097725ecd6c07af62dcdc6807ae3c74ebc1e0c331800d08ae40136317cb3bd02b338c14a2cae659966fbc036004106c8f816fdac39233ff4a09d2f6ee492ccc4a7aec0472f9915941d96b56931de3b7ba57711f6360e5ba962dd414bba27f23e21f0349dc1aedfe3aeed9141cf747b790028bc5c589f1ce5e4dee0552e3dcb51022dda2dcd42f29051e159a2053661ed250a163797b80c8943ccd6b55b4a0981376d3149cc8caa1d3ffee1a71bb555c8da9bb64a788aef831c464a366079d8b7cf1cb6178e66bfa255e32e5b885e4e01b83cbb9bd15c20ee0e4cfb3c656115345294a308205e4308203cca0030201020214638222df041d7da5d1febfae99c11634265c5d64300d06092a864886f70d01010c050030473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b3009060355040613025553301e170d3231313231373138353432395a170d3233313231373138353432385a305d310b30090603550406130255533110300e060355040a0c0754727565706963310d300b060355040b0c044c656e73312d302b06035504030c2454727565706963204c656e732054696d652d5374616d70696e6720417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a0282020100c0bf7b0013cabe5d989a1a6f963dc0b87ff7d66e8ed547ff7b11306878857e46bfdd5e7635f96eb70b18b4444c4a6980a272f4f9ea2a693dac21506e0fc935630f1ea16afdf0bd5ec4d16dd85a92bd89e127aefc4529e6f92cade5f2db5810983c55aa7496a5b624b0ef22c1aed9b25059636fad23f95d4c52021be90b37f0191e41b98b76acb65bcf0fb6cd71492c0d94878e1e3d069b8f2e92a622758715c343042e5b8c716c47721e8e250b337368c534d04bfa0bb93adc7f61f33966fe03378c089773f1072b7291363f7e4fd64b81b512eeb2b5292f3702367b7b7b7965471246256a2878fac641b94c702fc8c6a41e14b72b3c2404eddb8e07482f6b6fdd5d0ac081a93377734038a281ad268901dfad8a1727d33f55e5c3110020dd46d12f80e22c1cb2792838e0a3256675a2b662cd165c831d84662b6c68e5835e3af19b6906f26f3f46441cca1fd0f808ff2a10f628dae10fc7ad9e2acb918c94ef42d3746cb618e887b88c08f463df636c5f383c35cf03230e9546b86ca698768e1cdbc69ccc5520617bcbb23ca727a722b2fbbc1108b0a8b4beddab361096ef7476237a83bbf954f303395fcfbd6a56ca766e6c5f951c143a48f911cb0e5e95f2526b744749bc6bb00049f0b736107a52d1aaa6ebdb527b0f97b3883e408b8bc5d46ffb77ee2e442b278318ac9055024c18ff855ff2d0e83f30f3febed85f965b0203010001a381b13081ae300c0603551d130101ff04023000301f0603551d230418301680140af983085aad17def1ef0645488b461027e78cb6303606082b06010505070101042a3028302606082b06010505073001861a687474703a2f2f76612e747275657069632e636f6d2f6f63737030160603551d250101ff040c300a06082b06010505070308301d0603551d0e041604148ef7c0a2beecf1c78a6f5e5d15d0496dcf4edd54300e0603551d0f0101ff0404030205a0300d06092a864886f70d01010c0500038202010026b996e61fc6b5317c4a3f490b87935c310823c1a6e3328e53af5bba7fcbfab98b25257bbe3a852b186faf00c619496bbd596625449898fe13721b4d0a8e00b57bd9e04f0a0ac635abe8bfc1772712b607b1236cdc0061661f9b428fa57b5717733de7d896ebc3e41770155bc894c21b0b73c06b623d6a4fe5a8ded14820bb7f495d93e70c2163a9f92fe5b6ddc8890e9ee27d96eb01ec3c5dcb5672a3caf5f0e50c9981ab8bf271f58ed92985607c804cad6c4b07bb4e3e46514a36199803e124632735488428bd25570d89948476ddca9ed60cd7ed54d522c00697f3d7e9ccad5f49bfd15e188810c7f1af77e28a27c6c1570beaef5bf89f828cd237f4deca5f911012d16e841228a5f5ddecf918abb19a18b96edf7a6df87aa542852d7bfe9cb5c13009dedce874d95aa48b0aca871b039fa2d4d484b41913a3ae39c0ff9f719d89401da0005038b4c114f16b16624cd5139b76432f043cd9a0ca5b920aa25854c46b1c147c5556e9b5bde5ef70eae0e951e462fb838a72d6e9308a074d1a36f2e774975443f24bb5575bb722ec99f4516d40f78f2318da7742eb533c302afce79e8f1a8a38c980296dee0a9a968ec57bcb85e2ca76df2cdc0f1c0e1fdcc22897c35c7677a278ffa700035ee27050aee561be54c421744cfcb290ccbeba3777f6feff025d0073011f99ffd34c1884c71134e0b8a79ac36fd3b6a9c8df1cf3318203d7308203d3020101305f30473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b30090603550406130255530214638222df041d7da5d1febfae99c11634265c5d64300b0609608648016503040202a082014b301a06092a864886f70d010903310d060b2a864886f70d0109100104301c06092a864886f70d010905310f170d3233303831303136333933325a302b06092a864886f70d010934311e301c300b0609608648016503040202a10d06092a864886f70d01010c0500303f06092a864886f70d01090431320430c4e8852fb7bf50f5a46ef9ff3947a053687aeb97ec6e035e7191a8b4cd7da015859bd97cc5885ddbc37c57e6df115d213081a0060b2a864886f70d010910022f31819030818d30818a30818704208cae605f0a42219b8931c11b32de765ec3fa008c9bec693d5be6649e1086a9773063304ba44930473117301506035504030c0e54696d657374616d70696e674341310d300b060355040b0c044c656e733110300e060355040a0c0754727565706963310b30090603550406130255530214638222df041d7da5d1febfae99c11634265c5d64300d06092a864886f70d01010c05000482020093687093bde9d038df1095630a5726c29e64e706653912df5cb4fe612d469f53270ce36083af0a7a24d984104b7c45cc57fd2c6b752c4d8297ed6820b0b87ae50fa15bacbdabb2a77360e4b0b1d736d81d1da86476067d0a51c111007a2337ab5dcad3f58816f103b649ba0d60bdce776b738454b8aa28671d9d9ca9d50a01088d32b6d89595d0a6b27ac57b966dcf3b8972bde10df822404b9111e1e13a6cb9562e2c0f341196429547b674a1f466b865a653726fb0f15058d118e9077e4450bd5b7d91a3d9b39c47a37ae51a44e33f7ed4d1b1ed9fda4f54211db487075c2192e08f95b1eab33e10da810930045bb42213dad57d58d88283eace2558788340e47a6bf47ccf8b4d89ba37b4869b305ce39a5c26a887facea12f60c894efd5658d746dcd57740081dc083ad6e9e81c0c9e1aea431d80dff013acdce55dc13007d06332bb2ad683812a14a09f57c817d48866c0273b050d74fc10925bb0d11453049c605a26e04c2304a89b728de3875e7a681bd833a1f24cc77b89576ed2066727e46c7299a0f7ce63c64878fb3dc9cebe39a90dab57c7350f7190c770cb2f73d85ecbb86c7c8ad311d403526749eef7573f8ee5f936c67764fe8e2ad340901fb495328af34b20c78140f47bf467efb89bffe29037f4a5a3d7c1b51de445fd5fd10e90488a6ab2bf40324210e51e85f0dd56c31a8dab1005ecdb307d92557052" | xxd -r -p)
Using configuration from /opt/homebrew/etc/openssl@3/openssl.cnf
Status info:
Status: Granted.
Status description: unspecified
Failure info: unspecified
TST info:
Version: 1
Policy OID: 1.3.6.1.4.1.22408.1.2.3.45
Hash Algorithm: sha384
Message data:
0000 - 73 be 08 e3 95 8e 5e 95-1c 15 66 90 4a e5 a1 9a s.....^...f.J...
0010 - 84 aa 91 a7 6e 8e 55 6f-9d 13 06 4a ac 6d bb 89 ....n.Uo...J.m..
0020 - 3c b3 1e ba 99 cf 1b 36-9a 8f 57 56 35 5c ea 8f <......6..WV5\..
Serial number: 0x7A0C4D7D8D24EDA45FCDF5870E287418
Time stamp: Aug 10 16:39:32 2023 GMT
Accuracy: unspecified seconds, 0x01F4 millis, unspecified micros
Ordering: no
Nonce: unspecified
TSA: DirName:/C=US/O=Truepic/OU=Lens/CN=Truepic Lens Time-Stamping Authority
Extensions:
Examine the Sig_structure
Sig_structureThis structure is made up of many of the same parts as the COSE_Sign1_Tagged structure:
$ xxd -p signature_structure.bin | cbor-diag
[
"Signature1",
h'a2012618215901523082014e3081f4020101300a06082a8648ce3d0403023033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f7374301e170d3232303130333232353535315a170d3232303431333232353535315a3033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d030107034200045efc002e9b884121735c4657e72a7da9a7708247d5c24b144e3aef5da2a068d4dcb34964d9a3f0bf3f0942ba7da65e07dfe02555e04f8b47eafce63973624faa300a06082a8648ce3d04030203490030460221009a64e5c2647505c803f59dbdf4abeca5f1829edbb8e371e5f7ef0164720cc37f022100b71de09745fbaf1569a02f1f1fc52d02c46848029315ba907cb92e6f0b2d7646',
h'',
h'a863616c67667368613235366a617373657274696f6e7382a363616c676673686132353664686173685820d5cc63e54d5e88a9c5ae31cbfc6671307a4de3a5d9f87622070997007232a1af6375726c786e73656c66236a756d62663d2f633270612f636f6d2e747275657069633a75726e3a757569643a39663963653666642d636331312d343732642d393165392d6631383231633237393535632f633270612e617373657274696f6e732f636f6d2e747275657069632e6c696263327061a363616c67667368613235366468617368582025b396aaa3c2969b44d981acadf2f818ac60b853848eb93f1edf5454b77a23636375726c786973656c66236a756d62663d2f633270612f636f6d2e747275657069633a75726e3a757569643a39663963653666642d636331312d343732642d393165392d6631383231633237393535632f633270612e617373657274696f6e732f633270612e686173682e646174616f636c61696d5f67656e657261746f72782342756c6b5f433250415f546f6f6c2f302e312e32206c6962633270612f332e312e333674636c61696d5f67656e657261746f725f696e666f81a2646e616d656e42756c6b204332504120546f6f6c6776657273696f6e65302e312e326964633a666f726d61746a696d6167652f6a7065676864633a7469746c65606a696e7374616e6365494460697369676e6174757265785973656c66236a756d62663d2f633270612f636f6d2e747275657069633a75726e3a757569643a39663963653666642d636331312d343732642d393165392d6631383231633237393535632f633270612e7369676e6174757265',
]
This contains:
context- AlwaysSignature1.body_protected- The same as theprotectedfield in theCOSE_Sign1_Taggedstructure.external_aad- Always empty.payload- This is the C2PA Claim structure.
The Claim can be examined:
$ echo "a863616c67667368613235366a617373657274696f6e7382a363616c676673686132353664686173685820d5cc63e54d5e88a9c5ae31cbfc6671307a4de3a5d9f87622070997007232a1af6375726c786e73656c66236a756d62663d2f633270612f636f6d2e747275657069633a75726e3a757569643a39663963653666642d636331312d343732642d393165392d6631383231633237393535632f633270612e617373657274696f6e732f636f6d2e747275657069632e6c696263327061a363616c67667368613235366468617368582025b396aaa3c2969b44d981acadf2f818ac60b853848eb93f1edf5454b77a23636375726c786973656c66236a756d62663d2f633270612f636f6d2e747275657069633a75726e3a757569643a39663963653666642d636331312d343732642d393165392d6631383231633237393535632f633270612e617373657274696f6e732f633270612e686173682e646174616f636c61696d5f67656e657261746f72782342756c6b5f433250415f546f6f6c2f302e312e32206c6962633270612f332e312e333674636c61696d5f67656e657261746f725f696e666f81a2646e616d656e42756c6b204332504120546f6f6c6776657273696f6e65302e312e326964633a666f726d61746a696d6167652f6a7065676864633a7469746c65606a696e7374616e6365494460697369676e6174757265785973656c66236a756d62663d2f633270612f636f6d2e747275657069633a75726e3a757569643a39663963653666642d636331312d343732642d393165392d6631383231633237393535632f633270612e7369676e6174757265" | cbor-di
ag
{
"alg": "sha256",
"assertions": [
{
"alg": "sha256",
"hash": h'd5cc63e54d5e88a9c5ae31cbfc6671307a4de3a5d9f87622070997007232a1af',
"url": "self#jumbf=/c2pa/com.truepic:urn:uuid:9f9ce6fd-cc11-472d-91e9-f1821c27955c/c2pa.assertions/com.truepic.libc2pa",
},
{
"alg": "sha256",
"hash": h'25b396aaa3c2969b44d981acadf2f818ac60b853848eb93f1edf5454b77a2363',
"url": "self#jumbf=/c2pa/com.truepic:urn:uuid:9f9ce6fd-cc11-472d-91e9-f1821c27955c/c2pa.assertions/c2pa.hash.data",
},
],
"claim_generator": "Bulk_C2PA_Tool/0.1.2 libc2pa/3.1.36",
"claim_generator_info": [{"name": "Bulk C2PA Tool", "version": "0.1.2"}],
"dc:format": "image/jpeg",
"dc:title": "",
"instanceID": "",
"signature": "self#jumbf=/c2pa/com.truepic:urn:uuid:9f9ce6fd-cc11-472d-91e9-f1821c27955c/c2pa.signature",
}
You can see that this structure has the same two assertions (com.truepic.libc2pa and c2pa.hash.data) as shown in the C2PA_DEBUG_BOXES output in the previous section.
Verify the signature
You can extract the public key from the certificate:
$ openssl x509 -inform DER -pubkey -noout -in <(echo "3082014e3081f4020101300a06082a8648ce3d0403023033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f7374301e170d3232303130333232353535315a170d3232303431333232353535315a3033310b30090603550406130255533110300e060355040a0c07547275657069633112301006035504030c096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d030107034200045efc002e9b884121735c4657e72a7da9a7708247d5c24b144e3aef5da2a068d4dcb34964d9a3f0bf3f0942ba7da65e07dfe02555e04f8b47eafce63973624faa300a06082a8648ce3d04030203490030460221009a64e5c2647505c803f59dbdf4abeca5f1829edbb8e371e5f7ef0164720cc37f022100b71de09745fbaf1569a02f1f1fc52d02c46848029315ba907cb92e6f0b2d7646" | xxd -r -p) | tee pubkey.pem
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXvwALpuIQSFzXEZX5yp9qadwgkfV
wksUTjrvXaKgaNTcs0lk2aPwvz8JQrp9pl4H3+AlVeBPi0fq/OY5c2JPqg==
-----END PUBLIC KEY-----
Then you can use that public key to check the signature. Unfortunately, the ECDSA signature is a 64-byte r + s concatenated value in the C2PA signature, but the openssl tool expects the r and s values to be in a DER-encoded SEQUENCE. So we will need to do that first:
$ openssl asn1parse -genconf <(echo "asn1=SEQUENCE:ecdsa_signature\n\n[ecdsa_signature]\nfield1=INTEGER:0x$(xxd -p -c 32 signature_digest.bin | head -n 1)\nfield2=INTEGER:0x$(xxd -p -c 32 signature_digest.bin | tail -n 1)\n") -out signature_digest.der
0:d=0 hl=2 l= 68 cons: SEQUENCE
2:d=1 hl=2 l= 32 prim: INTEGER :116FC947A4087B922441F7716F4391390FCC3F032847A46BCDCCF7CF1C0A8324
36:d=1 hl=2 l= 32 prim: INTEGER :6A64296890A834C794DCA521465476FA4FECA23C0B92A77E5334878F95EA16B9
Now we can verify our signature:
$ openssl dgst -sha256 -verify pubkey.pem -signature signature_digest.der signature_structure.bin
Verified OK
Updated 21 days ago