chore: Enable sync CAWG validation#2120
Merged
Merged
Conversation
Merging this PR will not alter performance
Comparing 
Footnotes
|
tmathern
approved these changes
May 8, 2026
Sync and async paths in validate_partial_claim now run equivalently, so callers no longer need to call post_validate_async / CawgValidator as a separate step after loading a Reader. Removes the post_validate wrapper from c2pa_c_ffi, the validate_cawg helper from c2patool, and the manual post_validate_async call from the SDK integration test. Adds fn check_signature (sync) alongside the renamed async fn check_signature_async on SignatureVerifier and all implementations (IcaSignatureVerifier, X509SignatureVerifier, BuiltInSignatureVerifier, NaiveSignatureVerifier). IcaSignatureVerifier uses async_generic to unify the two check_issuer_signature variants; did:web is sync-guarded. Tests that need raw CBOR access use read_manifest with decode_identity_assertions=false.
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #2120 +/- ##
========================================
Coverage 78.28% 78.28%
========================================
Files 177 177
Lines 45599 45735 +136
========================================
+ Hits 35695 35805 +110
- Misses 9904 9930 +26 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
gpeacock
changed the title
3 tasks
Contributor
|
For even more improvements, please consider: #2152 (Other topic, other PR). |
scouten-adobe
approved these changes
May 15, 2026
Collaborator
scouten-adobe
left a comment
scouten-adobe
left a comment
There was a problem hiding this comment.
This looks really good. Thank you!
scouten-adobe
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We currently will auto validate CAWG identity when the verify apis are called async, but not when they are called synchronously (it silently logs a warning and skips validation).
This allows cawg verification in sync calls by default. Identity validation can be disabled with a setting.
c_ffi no longer needs a tokio runtime to block on async validation.