From 910a7f88a1511e3339de102201f69066ee4504bb Mon Sep 17 00:00:00 2001
From: Basil Hess
Date: Thu, 10 Jul 2025 14:39:23 +0200
Subject: [PATCH 1/2] Update CBOM Algorithm/Dependency/Protocol examples to sync with 1.7
Signed-off-by: Basil Hess
---
 CBOM/Algorithm/bom.json | 74 +++++++++++++++++++++++--
 CBOM/Example-With-Dependencies/bom.json | 5 +-
 CBOM/Protocol/bom.json | 36 +++++++-----
 3 files changed, 92 insertions(+), 23 deletions(-)
diff --git a/CBOM/Algorithm/bom.json b/CBOM/Algorithm/bom.json
index a125269..d9828fd 100644
--- a/CBOM/Algorithm/bom.json
+++ b/CBOM/Algorithm/bom.json
@@ -1,10 +1,10 @@
 {
 "bomFormat": "CycloneDX",
- "specVersion": "1.6",
+ "specVersion": "1.7",
 "serialNumber": "urn:uuid:e8c355aa-2142-4084-a8c7-6d42c8610ba2",
 "version": 1,
 "metadata": {
- "timestamp": "2024-01-09T12:00:00Z",
+ "timestamp": "2025-07-09T12:00:00Z",
 "component": {
 "type": "application",
 "name": "my application",
@@ -14,10 +14,11 @@
 "components": [
 {
 "type": "cryptographic-asset",
- "name": "AES-128-GCM",
+ "name": "AES-128-GCM-128-12",
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
+ "algorithmFamily": "AES",
 "primitive": "ae",
 "parameterSetIdentifier": "128",
 "mode": "gcm",
@@ -32,11 +33,12 @@
 }
 },
 {
- "name": "SHA512withRSA",
+ "name": "RSA-PKCS1-1.5-SHA512-2048",
 "type": "cryptographic-asset",
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
+ "algorithmFamily": "RSASSA-PKCS1",
 "primitive": "signature",
 "parameterSetIdentifier": "512",
 "executionEnvironment": "software-plain-ram",
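Review bot: In the `@@ -32,11 +33,12 @@` hunk of CBOM/Algorithm/bom.json the renamed entry `RSA-PKCS1-1.5-SHA512-2048` still carries `"parameterSetIdentifier": "512"` as context, so the one sizing field on an RSA signature asset holds the digest length while the 2048-bit modulus exists only inside the name string. A consumer that grades key strength from that field would read this as a 512-bit RSA parameter. Either set it to `"parameterSetIdentifier": "2048"` or drop the field, as this patch already does for the RSA entry in the `@@ -114,19 +118,20 @@` hunk of CBOM/Protocol/bom.json; the `@@ -59,17 +59,19 @@` hunk there keeps the same `"512"` value and needs the same decision. The component object continues past the end of the hunk.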
@@ -47,6 +49,68 @@
 },
 "oid": "1.2.840.113549.1.1.13"
 }
+ },
+ {
+ "name": "ECDH-secp521r1",
+ "bom-ref": "ecdhsecp521r1",
+ "type": "cryptographic-asset",
+ "cryptoProperties": {
+ "assetType": "algorithm",
+ "algorithmProperties": {
+ "algorithmFamily": "ECDH",
+ "ellipticCurve": "secg/secp521r1",
+ "primitive": "key-agree",
+ "executionEnvironment": "software-plain-ram",
+ "implementationPlatform": "x86_64",
+ "certificationLevel": [ "none" ],
+ "cryptoFunctions": [ "keygen", "keyderive" ],
+ "nistQuantumSecurityLevel": 0
+ },
+ "oid": "1.3.132.0.35"
+ }
+ },
+ {
+ "name": "ML-KEM-1024",
+ "bom-ref": "mlkem1024",
+ "type": "cryptographic-asset",
+ "cryptoProperties": {
+ "assetType": "algorithm",
+ "algorithmProperties": {
+ "algorithmFamily": "ML-KEM",
+ "primitive": "kem",
+ "executionEnvironment": "software-plain-ram",
+ "implementationPlatform": "x86_64",
+ "certificationLevel": [ "none" ],
+ "cryptoFunctions": [ "keygen", "keyderive" ],
+ "nistQuantumSecurityLevel": 5
+ },
+ "oid": "2.16.840.1.101.3.4.1.48"
+ }
+ },
+ {
+ "name": "draft-ietf-tls-hybrid-design-13",
+ "bom-ref": "draftietftlshybriddesign13",
+ "type": "cryptographic-asset",
+ "cryptoProperties": {
+ "assetType": "algorithm",
+ "algorithmProperties": {
+ "algorithmFamily": "ECDH",
+ "ellipticCurve": "other/Curve25519",
+ "primitive": "combiner",
+ "executionEnvironment": "software-plain-ram",
+ "implementationPlatform": "x86_64",
+ "certificationLevel": [ "none" ],
+ "cryptoFunctions": [ "keygen", "keyderive" ],
+ "nistQuantumSecurityLevel": 0
+ },
+ "oid": "1.3.101.110"
+ }
+ }
+ ],
+ "dependencies": [
+ {
+ "ref": "draftietftlshybriddesign13",
+ "dependsOn": ["mlkem1024", "ecdhsecp521r1"]
 }
 ]
-}
\ No newline at end of file
+}
diff --git a/CBOM/Example-With-Dependencies/bom.json b/CBOM/Example-With-Dependencies/bom.json
index 53b9145..790d992 100644
--- a/CBOM/Example-With-Dependencies/bom.json
+++ b/CBOM/Example-With-Dependencies/bom.json
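Review bot: The `oid` on the new ML-KEM-1024 component in the `@@ -47,6 +49,68 @@` hunk, `2.16.840.1.101.3.4.1.48`, sits in the same `…3.4.1` arc as the AES-256-GCM identifier used in CBOM/Protocol/bom.json (`…3.4.1.46`), so it looks like an AES OID rather than a KEM one; NIST registers ML-KEM under `2.16.840.1.101.3.4.4` (ML-KEM-1024 should be `2.16.840.1.101.3.4.4.3`, worth confirming against the CSOR registry). Inventory tooling that classifies assets by OID would then file this post-quantum KEM as a symmetric algorithm. The same component lists `"cryptoFunctions": [ "keygen", "keyderive" ]`, where a KEM would be expected to show `[ "keygen", "encapsulate", "decapsulate" ]`. The hybrid combiner entry has a related mismatch: its `oid` `1.3.101.110` and `"ellipticCurve": "other/Curve25519"` describe X25519, while `dependsOn` points at `ecdhsecp521r1`.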
@@ -1,6 +1,6 @@
 {
 "bomFormat": "CycloneDX",
- "specVersion": "1.6",
+ "specVersion": "1.7",
 "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
 "version": 1,
 "metadata": {
@@ -15,12 +15,11 @@
 {
 "type": "cryptographic-asset",
 "bom-ref": "aes128gcm",
- "name": "AES",
+ "name": "AES-128-GCM-128-12",
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
 "primitive": "ae",
- "parameterSetIdentifier": "128",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
 "certificationLevel": [ "none" ],
diff --git a/CBOM/Protocol/bom.json b/CBOM/Protocol/bom.json
index d2a1643..cbc2103 100644
--- a/CBOM/Protocol/bom.json
+++ b/CBOM/Protocol/bom.json
@@ -1,10 +1,10 @@
 {
 "bomFormat": "CycloneDX",
- "specVersion": "1.6",
+ "specVersion": "1.7",
 "serialNumber": "urn:uuid:e8c355aa-2142-4084-a8c7-6d42c8610ba2",
 "version": 1,
 "metadata": {
- "timestamp": "2024-01-09T12:00:00Z",
+ "timestamp": "2025-07-09T12:00:00Z",
 "component": {
 "type": "application",
 "name": "my application",
@@ -59,17 +59,19 @@
 }
 },
 {
- "name": "SHA512withRSA",
+ "name": "RSA-PKCS1-1.5-SHA512",
 "type": "cryptographic-asset",
 "bom-ref": "crypto/algorithm/sha-512-rsa@1.2.840.113549.1.1.13",
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
+ "algorithmFamily": "RSASSA-PKCS1",
+ "primitive": "signature",
 "parameterSetIdentifier": "512",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
 "certificationLevel": [ "none" ],
- "cryptoFunctions": [ "digest" ],
+ "cryptoFunctions": [ "sign", "verify" ],
 "nistQuantumSecurityLevel": 0
 },
 "oid": "1.2.840.113549.1.1.13"
@@ -86,7 +88,7 @@
 "id": "2e9ef09e-dfac-4526-96b4-d02f31af1b22",
 "state": "active",
 "size": 2048,
- "algorithmRef": "crypto/algorithm/rsa-2048@1.2.840.113549.1.1.1",
+ "algorithmRef": "crypto/algorithm/rsa-2048@1.2.840.113549.1.1.11",
 "securedBy": {
 "mechanism": "Software",
 "algorithmRef": "crypto/algorithm/aes-256-gcm@2.16.840.1.101.3.4.1.46"
@@ -94,17 +96,19 @@
 "creationDate": "2016-11-21T08:00:00Z",
 "activationDate": "2016-11-21T08:20:00Z"
 },
- "oid": "1.2.840.113549.1.1.1"
+ "oid": "1.2.840.113549.1.1.11"
 }
 },
 {
- "name": "ECDH",
+ "name": "X25519",
 "type": "cryptographic-asset",
 "bom-ref": "crypto/algorithm/ecdh-curve25519@1.3.132.1.12",
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
- "curve": "curve25519",
+ "algorithmFamily": "ECDH",
+ "primitive": "key-agree",
+ "ellipticCurve": "other/Curve25519",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
 "certificationLevel": [ "none" ],
@@ -114,19 +118,20 @@
 }
 },
 {
- "name": "RSA-2048",
+ "name": "RSA-PKCS1-1.5-SHA256-2048",
 "type": "cryptographic-asset",
- "bom-ref": "crypto/algorithm/rsa-2048@1.2.840.113549.1.1.1",
+ "bom-ref": "crypto/algorithm/rsa-2048@1.2.840.113549.1.1.11",
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
- "parameterSetIdentifier": "2048",
+ "algorithmFamily": "RSASSA-PKCS1",
+ "primitive": "signature",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
 "certificationLevel": [ "none" ],
- "cryptoFunctions": [ "encapsulate", "decapsulate" ]
+ "cryptoFunctions": [ "sign", "verify" ]
 },
- "oid": "1.2.840.113549.1.1.1"
+ "oid": "1.2.840.113549.1.1.11"
 }
 },
 {
@@ -136,8 +141,8 @@
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
- "parameterSetIdentifier": "256",
 "primitive": "ae",
+ "algorithmFamily": "AES",
 "mode": "gcm",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
@@ -150,12 +155,13 @@
 }
 },
 {
- "name": "SHA384",
+ "name": "SHA-384",
 "type": "cryptographic-asset",
 "bom-ref": "crypto/algorithm/sha-384@2.16.840.1.101.3.4.2.9",
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
+ "algorithmFamily": "SHA-2",
 "parameterSetIdentifier": "384",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
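Review bot: In the `@@ -94,17 +96,19 @@` hunk of CBOM/Protocol/bom.json the `oid` of the key-material entry (the object with `"size": 2048` and the creation/activation dates, which starts in the previous hunk) changes from `1.2.840.113549.1.1.1` to `1.2.840.113549.1.1.11`. The first is rsaEncryption, which identifies an RSA key; the second is sha256WithRSAEncryption, a signature scheme, so key inventories that match on OID would stop recognising this asset as an RSA key. Retargeting `algorithmRef` to the renamed signature algorithm is consistent with the `bom-ref` change in the `@@ -114,19 +118,20 @@` hunk, but the key's own line would be better left as `"oid": "1.2.840.113549.1.1.1"`. In the same hunk the entry renamed to `X25519` keeps `@1.3.132.1.12` in its `bom-ref`, while CBOM/Algorithm/bom.json in this patch uses `1.3.101.110` for Curve25519; that entry's `oid` line is outside the hunk and should be checked against it.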
From 34c5090c41f1801da02458031be3da1b10ec4218 Mon Sep 17 00:00:00 2001
From: Basil Hess
Date: Thu, 10 Jul 2025 16:06:50 +0200
Subject: [PATCH 2/2] Fixes
---
 CBOM/Algorithm/bom.json | 2 --
 CBOM/Example-With-Dependencies/bom.json | 1 +
 2 files changed, 1 insertion(+), 2 deletions(-)
diff --git a/CBOM/Algorithm/bom.json b/CBOM/Algorithm/bom.json
index d9828fd..cf58acd 100644
--- a/CBOM/Algorithm/bom.json
+++ b/CBOM/Algorithm/bom.json
@@ -94,8 +94,6 @@
 "cryptoProperties": {
 "assetType": "algorithm",
 "algorithmProperties": {
- "algorithmFamily": "ECDH",
- "ellipticCurve": "other/Curve25519",
 "primitive": "combiner",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
diff --git a/CBOM/Example-With-Dependencies/bom.json b/CBOM/Example-With-Dependencies/bom.json
index 790d992..dcf310d 100644
--- a/CBOM/Example-With-Dependencies/bom.json
+++ b/CBOM/Example-With-Dependencies/bom.json
@@ -20,6 +20,7 @@
 "assetType": "algorithm",
 "algorithmProperties": {
 "primitive": "ae",
+ "algorithmFamily": "AES",
 "executionEnvironment": "software-plain-ram",
 "implementationPlatform": "x86_64",
 "certificationLevel": [ "none" ],