Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support CycloneDX 1.6.1 #370

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Support CycloneDX 1.6.1 #370

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
b457bb9
Update schema and tests to version 1.6.1
andreas-hilti Nov 24, 2024
cbccb81
Fix downgrading of external references
andreas-hilti Nov 24, 2024
2bbda79
Add CryptoRefArray in ProtocolProperties
andreas-hilti Nov 24, 2024
cacc25f
Change Data in Component to a List
andreas-hilti Nov 24, 2024
d2664be
Fix xml serialization of component (order of elements)
andreas-hilti Nov 24, 2024
bbf8d47
Add missing snapshot
andreas-hilti Nov 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
236 changes: 229 additions & 7 deletions src/CycloneDX.Core/BomUtils.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using CycloneDX.Models;
using CycloneDX.Models.Vulnerabilities;
using static CycloneDX.Models.EvidenceIdentity;
Expand Down Expand Up @@ -332,6 +333,20 @@ internal static Bom CopyBomAndDowngrade(Bom bom)
licenseChoice.Acknowledgement = null;
});

EnumerateAllExternalReferences(bomCopy, (externalReference) =>
{
if (externalReference != null)
{
if (externalReference.Type == ExternalReference.ExternalReferenceType.Source_Distribution
|| externalReference.Type == ExternalReference.ExternalReferenceType.Electronic_Signature
|| externalReference.Type == ExternalReference.ExternalReferenceType.Digital_Signature
|| externalReference.Type == ExternalReference.ExternalReferenceType.Rfc_9116)
{
externalReference.Type = ExternalReference.ExternalReferenceType.Other;
}
}
});

}

// triggers a bunch of stuff, don't remove unless you know what you are doing
Expand All @@ -353,7 +368,7 @@ public static void EnqueueMany<T>(this Queue<T> queue, IEnumerable<T> items)
{
foreach (var item in items.Where(item => item != null))
{
queue.Enqueue(item);
queue.Enqueue(item);
}
}
}
Expand All @@ -365,7 +380,7 @@ public static void EnumerateAllComponents(Bom bom, Action<Component> callback)
q.Enqueue(bom.Metadata?.Component);
q.EnqueueMany(bom.Metadata?.Tools?.Components);
q.EnqueueMany(bom.Components);
q.EnqueueMany(bom.Annotations?.Select(an => an.Annotator).Where(anor => anor.Component != null).Select(anor => anor.Component) ?? new List<Component>());
q.EnqueueMany(bom.Annotations?.Select(an => an.Annotator).Where(anor => anor.Component != null).Select(anor => anor.Component) ?? new List<Component>());
q.EnqueueMany(bom.Declarations?.Targets?.Components);
q.EnqueueMany(bom.Formulation?.Where(f => f.Components != null).SelectMany(f => f.Components));
q.EnqueueMany(bom.Vulnerabilities?.Where(v => v.Tools?.Components != null).SelectMany(v => v.Tools.Components));
Expand All @@ -392,7 +407,7 @@ public static void EnumerateAllServices(Bom bom, Action<Service> callback)
q.EnqueueMany(bom.Metadata?.Tools?.Services);
q.EnqueueMany(bom.Services);
q.EnqueueMany(bom.Annotations?.Select(an => an.Annotator).Where(anor => anor.Service != null).Select(anor => anor.Service) ?? new List<Service>());
q.EnqueueMany(bom.Declarations?.Targets?.Services);
q.EnqueueMany(bom.Declarations?.Targets?.Services);
q.EnqueueMany(bom.Formulation?.Where(f => f.Services != null).SelectMany(f => f.Services));
q.EnqueueMany(bom.Vulnerabilities?.Where(v => v.Tools?.Services != null).SelectMany(v => v.Tools.Services));

Expand Down Expand Up @@ -539,7 +554,7 @@ public static void EnumerateAllOrganizationalEntity(Bom bom, Action<Organization
if (energyProvider?.Organization != null)
{
callback(energyProvider.Organization);
}
}
}));


Expand Down Expand Up @@ -607,9 +622,9 @@ public static void EnumerateAllDependencies(Bom bom, Action<Dependency> callback
{
var q = new Queue<Dependency>();


q.EnqueueMany(bom.Dependencies);


while (q.Count > 0)
{
Expand All @@ -625,12 +640,219 @@ public static void EnumerateAllDependencies(Bom bom, Action<Dependency> callback

public static void EnumerateAllDatasetChoices(Bom bom, Action<DatasetChoices> callback)
{
EnumerateAllComponents(bom, (component) => {
EnumerateAllComponents(bom, (component) =>
{
if (component?.ModelCard?.ModelParameters?.Datasets != null)
{
callback(component.ModelCard.ModelParameters.Datasets);
}
});
}

public static void EnumerateAllExternalReferences(Bom bom, Action<ExternalReference> callback)
{
if (bom.ExternalReferences != null)
{
foreach (var item in bom.ExternalReferences)
{
callback(item);
}
}

EnumerateAllComponents(bom, (component) =>
{
if (component?.ExternalReferences != null)
{
foreach (var item in component.ExternalReferences)
{
callback(item);
}
}
if (component?.ModelCard?.Considerations?.EnvironmentalConsiderations?.EnergyConsumptions != null)
{
foreach (var energyConsumption in component.ModelCard.Considerations.EnvironmentalConsiderations.EnergyConsumptions)
{
if (energyConsumption?.EnergyProviders != null)
{
foreach (var energyProvider in energyConsumption.EnergyProviders)
{
if (energyProvider?.ExternalReferences != null)
{
foreach (var item in energyProvider.ExternalReferences)
{
callback(item);
}
}
}
}
}
}
});

EnumerateAllServices(bom, (service) =>
{
if (service?.ExternalReferences != null)
{
foreach (var item in service.ExternalReferences)
{
callback(item);
}
}
});


EnumerateAllToolChoices(bom, (toolsChoice) =>
{
if (toolsChoice?.Tools != null)
{
foreach (var tool in toolsChoice.Tools)
{
if (tool.ExternalReferences != null)
{
foreach (var item in tool.ExternalReferences)
{
callback(item);
}
}
}
}
});

if (bom.Declarations?.Claims != null)
{
foreach (var claim in bom.Declarations.Claims)
{
if (claim?.ExternalReferences != null)
{
foreach (var item in claim.ExternalReferences)
{
callback(item);
}
}
}
}

if (bom.Declarations?.Affirmation?.Signatories != null)
{
foreach (var signatory in bom.Declarations?.Affirmation?.Signatories)
{
if (signatory?.ExternalReference != null)
{
callback(signatory.ExternalReference);
}
}
}

if (bom.Definitions?.Standards != null)
{
foreach (var standard in bom.Definitions.Standards)
{
if (standard?.ExternalReferences != null)
{
foreach (var item in standard.ExternalReferences)
{
callback(item);
}
}
}
}

EnumerateAllResourceReferenceChoices(bom, (resoureReferenceChoice) =>
{
if (resoureReferenceChoice?.ExternalReference != null)
{
callback(resoureReferenceChoice.ExternalReference);
}
});

}

public static void EnumerateAllWorkflows(Bom bom, Action<Workflow> callback)
{
if (bom.Formulation != null)
{
foreach (var formulation in bom.Formulation)
{
if (formulation?.Workflows != null)
{
foreach (var workflow in formulation.Workflows)
{
callback(workflow);
}
}
}
}
}

public static void EnumerateAllResourceReferenceChoices(Bom bom, Action<ResourceReferenceChoice> callback)
{
EnumerateAllWorkflows(bom, (workflow) =>
{
if (workflow?.ResourceReferences != null)
{
foreach (var resourceReference in workflow.ResourceReferences)
{
callback(resourceReference);
}
}
if (workflow?.Inputs != null)
{
foreach (var input in workflow.Inputs)
{
if (input.Resource != null) { callback(input.Resource); }
if (input.Source != null) { callback(input.Source); }
if (input.Target != null) { callback(input.Target); }
}
}
if (workflow?.Outputs != null)
{
foreach (var output in workflow.Outputs)
{
if (output.Resource != null) { callback(output.Resource); }
if (output.Source != null) { callback(output.Source); }
if (output.Target != null) { callback(output.Target); }
}
}
if (workflow?.Trigger?.Event != null)
{
if (workflow.Trigger.Event.Source != null) { callback(workflow.Trigger.Event.Source); }
if (workflow.Trigger.Event.Target != null) { callback(workflow.Trigger.Event.Target); }
}

foreach (var task in workflow.Tasks)
{
if (task?.ResourceReferences != null)
{
foreach (var resourceReference in task.ResourceReferences)
{
callback(resourceReference);
}
}
if (task?.Inputs != null)
{
foreach (var input in task.Inputs)
{
if (input.Resource != null) { callback(input.Resource); }
if (input.Source != null) { callback(input.Source); }
if (input.Target != null) { callback(input.Target); }
}
}
if (task?.Outputs != null)
{
foreach (var output in task.Outputs)
{
if (output.Resource != null) { callback(output.Resource); }
if (output.Source != null) { callback(output.Source); }
if (output.Target != null) { callback(output.Target); }
}
}
if (task?.Trigger?.Event != null)
{
if (task.Trigger.Event.Source != null) { callback(task.Trigger.Event.Source); }
if (task.Trigger.Event.Target != null) { callback(task.Trigger.Event.Target); }
}
}
});
}
}
}
22 changes: 11 additions & 11 deletions src/CycloneDX.Core/Models/Component.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -194,6 +194,16 @@ public LicenseChoiceList LicensesSerialized
[ProtoMember(16)]
public string Purl { get; set; }

[XmlElement("omniborId")]
[ProtoMember(31)]
public List<string> OmniborId { get; set; }
public bool ShouldSerializeOmniborId() { return OmniborId?.Count > 0; }

[XmlElement("swhid")]
[ProtoMember(32)]
public List<string> Swhid { get; set; }
public bool ShouldSerializeSwhid() { return Swhid?.Count > 0; }

[XmlElement("swid")]
[ProtoMember(17)]
public Swid Swid { get; set; }
Expand Down Expand Up @@ -256,7 +266,7 @@ public bool NonNullableModified

[XmlElement("data")]
[ProtoMember(26)]
public Data Data { get; set; }
public List<Data> Data { get; set; }

[XmlElement("cryptoProperties")]
[ProtoMember(27)]
Expand All @@ -268,16 +278,6 @@ public bool NonNullableModified
public List<string> Tags { get; set; }
public bool ShouldSerializeTags() { return Tags?.Count > 0; }

[XmlElement("omniborId")]
[ProtoMember(31)]
public List<string> OmniborId { get; set; }
public bool ShouldSerializeOmniborId() { return OmniborId?.Count > 0; }

[XmlElement("swhid")]
[ProtoMember(32)]
public List<string> Swhid { get; set; }
public bool ShouldSerializeSwhid() { return Swhid?.Count > 0; }

[XmlAnyElement("Signature", Namespace = "http://www.w3.org/2000/09/xmldsig#")]
[JsonIgnore]
public XmlElement XmlSignature { get; set; }
Expand Down
4 changes: 4 additions & 0 deletions src/CycloneDX.Core/Models/Crypto/ProtocolProperties.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,10 @@ public class ProtocolProperties
[XmlElement("ikev2TransformTypes")]
[ProtoMember(4)]
public Ikev2TransformTypes Ikev2TransformTypes { get; set; }

[XmlElement("cryptoRef")]
[ProtoMember(5)]
public List<string> CryptoRefArray { get; set; }
}


Expand Down
Loading
Loading