Spaces:
Running
on
T4
Running
on
T4
updates
Browse files- main.py +6 -5
- scripts/sign.sh +5 -4
- scripts/verify.sh +8 -5
- static/index.html +2 -2
- static/style.css +5 -0
main.py
CHANGED
|
@@ -60,6 +60,7 @@ def generate_image(prompt, model):
|
|
| 60 |
[
|
| 61 |
"./scripts/sign.sh",
|
| 62 |
filename,
|
|
|
|
| 63 |
"--assertions-inline",
|
| 64 |
json_object
|
| 65 |
]
|
|
@@ -68,7 +69,7 @@ def generate_image(prompt, model):
|
|
| 68 |
subprocess.check_output(
|
| 69 |
[
|
| 70 |
"cp",
|
| 71 |
-
|
| 72 |
"static/" + filename,
|
| 73 |
]
|
| 74 |
)
|
|
@@ -81,7 +82,6 @@ def verify_image(fileUpload: UploadFile):
|
|
| 81 |
logging.warning("in verify")
|
| 82 |
logging.warning(fileUpload.filename)
|
| 83 |
|
| 84 |
-
|
| 85 |
# check if the file has been uploaded
|
| 86 |
if fileUpload.filename:
|
| 87 |
# strip the leading path from the file name
|
|
@@ -90,10 +90,14 @@ def verify_image(fileUpload: UploadFile):
|
|
| 90 |
# open read and write the file into the server
|
| 91 |
open(fn, "wb").write(fileUpload.file.read())
|
| 92 |
|
|
|
|
|
|
|
|
|
|
| 93 |
response = subprocess.check_output(
|
| 94 |
[
|
| 95 |
"./scripts/verify.sh",
|
| 96 |
fileUpload.filename,
|
|
|
|
| 97 |
]
|
| 98 |
)
|
| 99 |
|
|
@@ -114,9 +118,6 @@ def verify_image(fileUpload: UploadFile):
|
|
| 114 |
original_media = original_media[1].strip(" ").strip("'")
|
| 115 |
|
| 116 |
if c2pa == 'true':
|
| 117 |
-
fileupload_extension = file_extension(fileUpload.filename)
|
| 118 |
-
filename = str(uuid.uuid4()) + "." + fileupload_extension
|
| 119 |
-
|
| 120 |
response = subprocess.check_output(
|
| 121 |
[
|
| 122 |
"cp",
|
|
|
|
| 60 |
[
|
| 61 |
"./scripts/sign.sh",
|
| 62 |
filename,
|
| 63 |
+
filename,
|
| 64 |
"--assertions-inline",
|
| 65 |
json_object
|
| 66 |
]
|
|
|
|
| 69 |
subprocess.check_output(
|
| 70 |
[
|
| 71 |
"cp",
|
| 72 |
+
filename,
|
| 73 |
"static/" + filename,
|
| 74 |
]
|
| 75 |
)
|
|
|
|
| 82 |
logging.warning("in verify")
|
| 83 |
logging.warning(fileUpload.filename)
|
| 84 |
|
|
|
|
| 85 |
# check if the file has been uploaded
|
| 86 |
if fileUpload.filename:
|
| 87 |
# strip the leading path from the file name
|
|
|
|
| 90 |
# open read and write the file into the server
|
| 91 |
open(fn, "wb").write(fileUpload.file.read())
|
| 92 |
|
| 93 |
+
fileupload_extension = file_extension(fileUpload.filename)
|
| 94 |
+
filename = str(uuid.uuid4()) + "." + fileupload_extension
|
| 95 |
+
|
| 96 |
response = subprocess.check_output(
|
| 97 |
[
|
| 98 |
"./scripts/verify.sh",
|
| 99 |
fileUpload.filename,
|
| 100 |
+
filename
|
| 101 |
]
|
| 102 |
)
|
| 103 |
|
|
|
|
| 118 |
original_media = original_media[1].strip(" ").strip("'")
|
| 119 |
|
| 120 |
if c2pa == 'true':
|
|
|
|
|
|
|
|
|
|
| 121 |
response = subprocess.check_output(
|
| 122 |
[
|
| 123 |
"cp",
|
scripts/sign.sh
CHANGED
|
@@ -12,8 +12,9 @@ debug_echo() {
|
|
| 12 |
fi
|
| 13 |
}
|
| 14 |
|
| 15 |
-
|
| 16 |
MEDIA_FILE=$(readlink -f "$1")
|
|
|
|
|
|
|
| 17 |
shift
|
| 18 |
|
| 19 |
TRUEPIC_CLI=/home/user/app/truepic
|
|
@@ -128,7 +129,7 @@ debug_echo
|
|
| 128 |
debug_echo -n "Re-signing the watermarked media..."
|
| 129 |
${TRUEPIC_CLI} sign --profile steg ${watermarked_image} \
|
| 130 |
--ingredient-manifest-store ${no_watermark_manifest} \
|
| 131 |
-
--output
|
| 132 |
--assertions-inline '{
|
| 133 |
"assertions": [
|
| 134 |
{
|
|
@@ -148,13 +149,13 @@ ${TRUEPIC_CLI} sign --profile steg ${watermarked_image} \
|
|
| 148 |
}
|
| 149 |
]
|
| 150 |
}' > /dev/null 2>&1
|
| 151 |
-
debug_echo " -->
|
| 152 |
rm -f ${no_watermark_manifest}
|
| 153 |
|
| 154 |
debug_echo
|
| 155 |
debug_echo -n "Extracting new manifest..."
|
| 156 |
with_watermark_manifest=$(mktemp).bin
|
| 157 |
-
${TRUEPIC_CLI} manifest extract
|
| 158 |
debug_echo " --> ${with_watermark_manifest}"
|
| 159 |
|
| 160 |
debug_echo
|
|
|
|
| 12 |
fi
|
| 13 |
}
|
| 14 |
|
|
|
|
| 15 |
MEDIA_FILE=$(readlink -f "$1")
|
| 16 |
+
OUTPUT_FILE=$2
|
| 17 |
+
shift
|
| 18 |
shift
|
| 19 |
|
| 20 |
TRUEPIC_CLI=/home/user/app/truepic
|
|
|
|
| 129 |
debug_echo -n "Re-signing the watermarked media..."
|
| 130 |
${TRUEPIC_CLI} sign --profile steg ${watermarked_image} \
|
| 131 |
--ingredient-manifest-store ${no_watermark_manifest} \
|
| 132 |
+
--output "${OUTPUT_FILE}" \
|
| 133 |
--assertions-inline '{
|
| 134 |
"assertions": [
|
| 135 |
{
|
|
|
|
| 149 |
}
|
| 150 |
]
|
| 151 |
}' > /dev/null 2>&1
|
| 152 |
+
debug_echo " --> ${OUTPUT_FILE}"
|
| 153 |
rm -f ${no_watermark_manifest}
|
| 154 |
|
| 155 |
debug_echo
|
| 156 |
debug_echo -n "Extracting new manifest..."
|
| 157 |
with_watermark_manifest=$(mktemp).bin
|
| 158 |
+
${TRUEPIC_CLI} manifest extract "${OUTPUT_FILE}" --output ${with_watermark_manifest} > /dev/null 2>&1
|
| 159 |
debug_echo " --> ${with_watermark_manifest}"
|
| 160 |
|
| 161 |
debug_echo
|
scripts/verify.sh
CHANGED
|
@@ -13,6 +13,7 @@ debug_echo() {
|
|
| 13 |
}
|
| 14 |
|
| 15 |
MEDIA_FILE=$(readlink -f "$1")
|
|
|
|
| 16 |
|
| 17 |
TRUEPIC_CLI=/home/user/app/truepic
|
| 18 |
STEG_SCRIPTS=/home/user/app/scripts/
|
|
@@ -123,14 +124,14 @@ debug_echo " --> ${downloaded_manifest}"
|
|
| 123 |
|
| 124 |
debug_echo
|
| 125 |
debug_echo -n "Inserting new manifest into media file..."
|
| 126 |
-
${TRUEPIC_CLI} manifest insert ${downloaded_manifest} ${downloaded_original} --output
|
| 127 |
-
debug_echo " -->
|
| 128 |
rm -f ${downloaded_original}
|
| 129 |
rm -f ${downloaded_manifest}
|
| 130 |
|
| 131 |
debug_echo
|
| 132 |
debug_echo "Checking the manifest."
|
| 133 |
-
verification_json=$(${TRUEPIC_CLI} verify
|
| 134 |
|
| 135 |
hash_status=$(
|
| 136 |
echo "${verification_json}" | \
|
|
@@ -162,12 +163,14 @@ public_key=$(
|
|
| 162 |
)
|
| 163 |
|
| 164 |
debug_echo -n "Checking watermark signature... ${thumbnail_hash}|${timestamp} ... ${watermark_signature} ..."
|
|
|
|
| 165 |
signature_verification=$(
|
| 166 |
openssl dgst -sha256 \
|
| 167 |
-verify <(echo "${public_key}") \
|
| 168 |
-signature <(echo "${watermark_signature}" | base64 -d) \
|
| 169 |
<(echo "${thumbnail_hash}|${timestamp}")
|
| 170 |
)
|
|
|
|
| 171 |
|
| 172 |
if [ "${signature_verification}" != "Verified OK" ]; then
|
| 173 |
debug_echo " FAILED"
|
|
@@ -183,8 +186,8 @@ if [ "$hash_status" = "VALID" ]; then
|
|
| 183 |
|
| 184 |
echo "Contains C2PA manifest: ${c2pa_manifest_found}"
|
| 185 |
echo "Contains watermark: true"
|
| 186 |
-
echo "Original watermarked media:
|
| 187 |
exit 0
|
| 188 |
fi
|
| 189 |
debug_echo " hashes DON'T match!"
|
| 190 |
-
rm -f
|
|
|
|
| 13 |
}
|
| 14 |
|
| 15 |
MEDIA_FILE=$(readlink -f "$1")
|
| 16 |
+
OUTPUT_FILE=$2
|
| 17 |
|
| 18 |
TRUEPIC_CLI=/home/user/app/truepic
|
| 19 |
STEG_SCRIPTS=/home/user/app/scripts/
|
|
|
|
| 124 |
|
| 125 |
debug_echo
|
| 126 |
debug_echo -n "Inserting new manifest into media file..."
|
| 127 |
+
${TRUEPIC_CLI} manifest insert ${downloaded_manifest} ${downloaded_original} --output "${OUTPUT_FILE}" > /dev/null 2>&1
|
| 128 |
+
debug_echo " --> ${OUTPUT_FILE}"
|
| 129 |
rm -f ${downloaded_original}
|
| 130 |
rm -f ${downloaded_manifest}
|
| 131 |
|
| 132 |
debug_echo
|
| 133 |
debug_echo "Checking the manifest."
|
| 134 |
+
verification_json=$(${TRUEPIC_CLI} verify "${OUTPUT_FILE}")
|
| 135 |
|
| 136 |
hash_status=$(
|
| 137 |
echo "${verification_json}" | \
|
|
|
|
| 163 |
)
|
| 164 |
|
| 165 |
debug_echo -n "Checking watermark signature... ${thumbnail_hash}|${timestamp} ... ${watermark_signature} ..."
|
| 166 |
+
set +e
|
| 167 |
signature_verification=$(
|
| 168 |
openssl dgst -sha256 \
|
| 169 |
-verify <(echo "${public_key}") \
|
| 170 |
-signature <(echo "${watermark_signature}" | base64 -d) \
|
| 171 |
<(echo "${thumbnail_hash}|${timestamp}")
|
| 172 |
)
|
| 173 |
+
set -e
|
| 174 |
|
| 175 |
if [ "${signature_verification}" != "Verified OK" ]; then
|
| 176 |
debug_echo " FAILED"
|
|
|
|
| 186 |
|
| 187 |
echo "Contains C2PA manifest: ${c2pa_manifest_found}"
|
| 188 |
echo "Contains watermark: true"
|
| 189 |
+
echo "Original watermarked media: ${OUTPUT_FILE}"
|
| 190 |
exit 0
|
| 191 |
fi
|
| 192 |
debug_echo " hashes DON'T match!"
|
| 193 |
+
rm -f "${OUTPUT_FILE}"
|
static/index.html
CHANGED
|
@@ -89,8 +89,8 @@
|
|
| 89 |
<div class="alert alert-secondary action-menu" role="alert">
|
| 90 |
<div class="row">
|
| 91 |
<div class="col">
|
| 92 |
-
<p><strong>Non consectetur erat in non et in?</strong></p>
|
| 93 |
-
<p>Ornare a est accumsan et platea quis rhoncus.</p>
|
| 94 |
</div>
|
| 95 |
<div class="col flex-grow-0">
|
| 96 |
<a id="download-button" class="btn btn-outline-primary"
|
|
|
|
| 89 |
<div class="alert alert-secondary action-menu" role="alert">
|
| 90 |
<div class="row">
|
| 91 |
<div class="col">
|
| 92 |
+
<p class="mb-0"><strong>Non consectetur erat in non et in?</strong></p>
|
| 93 |
+
<p class="mb-0">Ornare a est accumsan et platea quis rhoncus.</p>
|
| 94 |
</div>
|
| 95 |
<div class="col flex-grow-0">
|
| 96 |
<a id="download-button" class="btn btn-outline-primary"
|
static/style.css
CHANGED
|
@@ -156,6 +156,11 @@ img.thumbnail {
|
|
| 156 |
|
| 157 |
.action-menu {
|
| 158 |
display: none;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 159 |
}
|
| 160 |
|
| 161 |
.action-menu button,
|
|
|
|
| 156 |
|
| 157 |
.action-menu {
|
| 158 |
display: none;
|
| 159 |
+
margin: 2rem 2rem 0 0;
|
| 160 |
+
}
|
| 161 |
+
|
| 162 |
+
.action-menu .row {
|
| 163 |
+
align-items: center;
|
| 164 |
}
|
| 165 |
|
| 166 |
.action-menu button,
|