npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@binlebin/c2pa-ssl

v1.1.4

Published

Node.js wrapper for C2PA content authentication using Rust CLI backend

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

binlebinbinlebin

Keywords

c2pacontent-authenticationdigital-signaturesprovenanceclirustopensslfirebase-functions

Readme

C2PA SSL - Content Authentication Service

A Node.js wrapper for C2PA (Coalition for Content Provenance and Authenticity) content signing using a Rust CLI backend.

Architecture

This package uses a CLI-based architecture for optimal performance:

  • Rust CLI Binary: Fast, native C2PA signing tool
  • Node.js Wrapper: Simple interface for certificate management and CLI execution
  • Direct File Processing: No HTTP overhead, direct file-to-file signing

Platform Support

Currently Supported:

  • ✅ macOS (darwin) - Native binary included
  • ✅ Linux (x86_64) - Cross-compiled binary via Docker

Not Yet Supported:

  • ❌ Windows (requires cross-compilation setup)

Note: Linux support was added via Docker cross-compilation. The Linux binary is compatible with Firebase Functions and other Linux environments.

Installation

npm install @binlebin/c2pa-ssl

Environment Variables

# Required: Your private key content
export C2PA_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----
...your private key content...
-----END PRIVATE KEY-----"

Usage

Basic Usage

const C2PAService = require("@binlebin/c2pa-ssl");

async function signContent() {
  const service = new C2PAService();

  try {
    // Initialize service (sets up certificates)
    await service.start();

    // Sign a file
    const result = await service.signFile(
      "input.jpg",
      "signed_output.jpg",
      {
        title: "My Signed Image",
        description: "Image signed with C2PA",
        author: "Your Name",
      },
    );

    console.log("Signing result:", result);
  } finally {
    // Clean up
    await service.stop();
  }
}

Firebase Functions Integration

import C2PAService = require("@binlebin/c2pa-ssl"); // eslint-disable-line

export const downloadMedia = onCall(async (request) => {
  const c2paService = new C2PAService();
  
  try {
    await c2paService.start();
    
    // Download and sign media
    const tempInput = `/tmp/input_${Date.now()}`;
    const tempOutput = `/tmp/signed_${Date.now()}`;
    
    // ... download logic ...
    
    await c2paService.signFile(tempInput, tempOutput, {
      title: mediaTitle,
      description: mediaDescription,
      author: 'visflow.ai'
    });
    
    // ... upload signed file ...
    
    return { success: true, c2paSigned: true };
  } finally {
    await c2paService.stop();
  }
});

API Reference

Class: C2PAService

Methods

constructor()

Creates a new C2PA service instance.

async start()

Initializes the service by setting up certificates. Must be called before signing files.

Throws:

  • Error if C2PA_PRIVATE_KEY environment variable is not set
  • Error if platform is not supported
  • Error if CLI binary is not found
async stop()

Cleans up temporary files and certificates.

async signFile(inputPath, outputPath, metadata)

Signs a file with C2PA authentication.

Parameters:

  • inputPath (string): Path to input file
  • outputPath (string): Path where signed file will be saved
  • metadata (object): Optional metadata
    • title (string): Content title (default: "Signed Content")
    • description (string): Content description (default: "Content signed with C2PA")
    • author (string): Content author (default: "C2PA-CLI")

Returns: Promise resolving to:

{
  success: boolean,
  message: string,
  stdout: string,
  stderr: string
}

Supported File Formats

Images

  • JPEG/JPG
  • PNG
  • WebP
  • TIFF
  • BMP

Videos

  • MP4
  • MOV (QuickTime)
  • AVI
  • WebM

Audio

  • MP3
  • WAV
  • M4A

Performance

The CLI approach provides excellent performance:

Image Signing

  • Small images (11KB): ~151% size increase
  • Processing time: < 1 second

Video Signing

  • Medium videos (1.2MB): ~1.4% size increase
  • Processing time: < 2 seconds

Testing

# Set up environment
export C2PA_PRIVATE_KEY="$(cat path/to/your/private.key)"

# Run tests
npm test

Development

Building the Rust CLI

For macOS (native):

cd rust-c2pa-service
cargo build --release
cp target/release/c2pa-cli ../c2pa-ssl/bin/

For Linux (via Docker cross-compilation):

cd rust-c2pa-service
docker build -f Dockerfile.linux -t c2pa-cli-linux .
docker create --name temp-container c2pa-cli-linux
docker cp temp-container:/output/c2pa-cli-linux .
docker rm temp-container
cp c2pa-cli-linux ../c2pa-ssl/bin/

Adding Platform Support

To add support for other platforms:

  1. Windows: Set up cross-compilation toolchain or Docker
  2. Update getBinaryPath() method in index.js
  3. Add binary to package.json files array

Error Handling

Common errors and solutions:

Platform Not Supported

Platform 'linux' is not currently supported

Solution: Use macOS or set up cross-compilation

Missing Private Key

C2PA_PRIVATE_KEY environment variable is required

Solution: Set the environment variable with your private key content

Binary Not Found

CLI binary not found at /path/to/binary

Solution: Ensure the binary exists and has execute permissions

License

MIT License - see LICENSE file for details.