feat(sdk): Introduce new API to retrieve raw JUMBF manifest from C2paReader

[magaylor]

Adding an API to the Reader that allows clients to extract the RAW JUMBF Manifest from an asset.

This has been a feature I've been talking to @mauricefisher64 about for a month or two now. It's my understanding that contentauth is tracking this item, but internal Microsoft teams are beginning to become blocked on it not existing.

We are working on adding manifestData to ingredient assertions and have no clean way, without 3p tools, to get the Raw JUMBF manifest from the file.

Changes in this pull request

Adding raw jumbf method to the reader and exposing it to the bindings code.

Checklist

• This PR represents a single feature, fix, or change.
• All applicable changes have been documented.
• Any TO DO items (or similar) have been entered as GitHub issues and the link to that issue has been included in a comment.

[codspeed-hq]

CodSpeed Performance Report

Merging #1625 will not alter performance

_{Comparing magaylor:user/magaylor/20251120_add_raw_jumbf_extraction_to_reader (70409bf) with main (352a968)}

Summary

✅ 16 untouched
⏩ 2 skipped¹

Footnotes

1. 2 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

[tmathern]

(@magaylor I merged in latest changes to re-run tests with latest main)

[gpeacock]

Please explain the workflow you want to achieve. Are you trying to save pre-validated ingredient and add them to manifests later?

The right way is to add the ingredient to a Builder and then archive the builder until you need it. You then have two options, either reconstruct the builder using Builder::from_archive or you can add the archived builder as an ingredient using builder.add_ingredient_from_stream(). In this case, you can use the format "application/c2pa" and the parent ingredient in the archive will be added as the ingredient.

We are changing the format of archived builders to be a single application/c2pa (.c2pa) asset instead of a zipped folder archive.

[gpeacock]

It sounds like you want this to reconstruct an ingredient, but there are other ways to do that which are much safer and will add ingredients correctly. What exactly is the workflow you need here?

[magaylor]

@gpeacock sorry for the delayed response.

Our workflow is the predicament where we are building an asset off of a handful of other c2pa signed assets that we perhaps did not sign ourselves. We want to be able to use the C2paReader to extract both the Validation Results and the Raw Manifest in order to add them as manifestData to the ingredients we are creating. I have been unable to find another way to do this in the SDK and when I asked about it a few months ago I was told that 3P tools were used internally to grab manifests for those scenarios.