[1.7] - Updates from CBOM working group #657
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Steve Springett <[email protected]>
- Adds a few more algorithm - Converts urls to standards to doi links, where available. - Checks if urls work Signed-off-by: Basil Hess <[email protected]>
Signed-off-by: Basil Hess <[email protected]>
- Adds a few more algorithm - Converts urls to standards to doi links, where available. - Checks if urls work ---- TODO / progress - [x] JSON schema - [ ] XML schema - [ ] ProtoBugf schema <!-- Thank you for taking the time to develop and contribute a core enhancement or fix for a defect! We kindly request that you create pull requests only for things that have been discussed in a ticket first; exceptions may be made for spelling or grammar fixes. Read more about the process here: https://cyclonedx.org/participate/standardization-process/#working-model Please have the related ticket/issue ID ready. If there is none, feel free to create a new ticket: https://github.com/CycloneDX/specification/issues/new/choose --> <!-- Please provide a brief description of what this pull request intends to do and which ticket it fixes/closes. Example: > As discussed in ticket #485, this PR adds Streebog to the hash algorithm enum. > > fixes #485 In case this is for a spelling or grammar improvement, please provide a brief description. Example: > Fixe typo: color(AE) -> colour(BE) -->
Signed-off-by: Basil Hess <[email protected]>
- Changes schma for crypto-defs to allow different variant patterns corresponding to different primitives - Adds "key-wrap" as a new primitive Signed-off-by: Basil Hess <[email protected]>
Signed-off-by: Basil Hess <[email protected]>
- Extends cryptography-defs.json list with algorithms from PKCS11 - Changes schma for crypto-defs to allow different variant patterns corresponding to different primitives - Adds "key-wrap" as a new primitive
Signed-off-by: Nicklas Körtge <[email protected]>
{placeholder} -> required parameter with placeholder
(option1|option2) -> required parameter with fixed alternatives
[parameter] -> optional parameter
[-{placeholder}] -> optional paremeter with literal separator
Signed-off-by: Basil Hess <[email protected]>
Signed-off-by: Basil Hess <[email protected]>
…phy-defs.schema.json
This PR will add a python script that can be used to generate an enum-object for the cyclonedx json schema that reflects algorithm families defined in `cryptography-defs.json`.
The following rules apply for the patterns:
{placeholder} -> required parameter with placeholder
(option1|option2) -> required parameter with fixed alternatives
[parameter] -> optional parameter
[-{placeholder}] -> optional parameter with literal separator
<!--
Thank you for taking the time to develop and contribute a core
enhancement or fix for a defect!
We kindly request that you create pull requests only for things that
have been discussed in a ticket first; exceptions may be made for
spelling or grammar fixes.
Read more about the process here:
https://cyclonedx.org/participate/standardization-process/#working-model
Please have the related ticket/issue ID ready.
If there is none, feel free to create a new ticket:
https://github.com/CycloneDX/specification/issues/new/choose
-->
<!--
Please provide a brief description of what this pull request intends to
do and which ticket it fixes/closes.
Example:
> As discussed in ticket #485, this PR adds Streebog to the hash
algorithm enum.
>
> fixes #485
In case this is for a spelling or grammar improvement, please provide a
brief description.
Example:
> Fixe typo: color(AE) -> colour(BE)
-->
Signed-off-by: Steve Springett <[email protected]>
Signed-off-by: Steve Springett <[email protected]>
Signed-off-by: Steve Springett <[email protected]>
Signed-off-by: Steve Springett <[email protected]>
Signed-off-by: Steve Springett <[email protected]>
Signed-off-by: Nicklas Körtge <[email protected]>
Signed-off-by: Nicklas Körtge <[email protected]>
It looks like we missed some key changes from the `1.7-dev-cryptography` branch. This PR will put them back in. Thanks @JoeyLupo for pointing that out!
jkowalleck
changed the title
Signed-off-by: steve.springett <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The cryptography working group has received feedback from real-world usage and have made some minor enhancements to the CBOM specificaiton.
Closes #569
TODO/DONE