Skip to content

Commit

Permalink
Generate CBOM with unique bom-ref
Browse files Browse the repository at this point in the history
Signed-off-by: Pravek Sharma <sharmapravek@gmail.com>
  • Loading branch information
praveksharma committed Apr 9, 2024
1 parent 96901e8 commit cef32f7
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 16 deletions.
30 changes: 15 additions & 15 deletions docs/cbom.json
Original file line number Diff line number Diff line change
@@ -1,23 +1,23 @@
{
"bomFormat": "CBOM",
"specVersion": "1.4-cbom-1.0",
"serialNumber": "urn:uuid:42e1aede-649a-4dec-b7d4-e78f71a822c8",
"serialNumber": "urn:uuid:58a975ac-ea6b-4ce9-a5ae-80d35105db30",
"version": 1,
"metadata": {
"timestamp": "2024-04-09T19:42:40.158663",
"timestamp": "2024-04-09T21:46:17.101849",
"component": {
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@b7ef00469b3e7d26aafb7390fd73e3b15674ae22",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@2fd65d9ec99a2608149713e5fcaeb9b6402e5872",
"name": "liboqs",
"version": "b7ef00469b3e7d26aafb7390fd73e3b15674ae22"
"version": "2fd65d9ec99a2608149713e5fcaeb9b6402e5872"
}
},
"components": [
{
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@b7ef00469b3e7d26aafb7390fd73e3b15674ae22",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@2fd65d9ec99a2608149713e5fcaeb9b6402e5872",
"name": "liboqs",
"version": "b7ef00469b3e7d26aafb7390fd73e3b15674ae22"
"version": "2fd65d9ec99a2608149713e5fcaeb9b6402e5872"
},
{
"type": "crypto-asset",
Expand Down Expand Up @@ -841,7 +841,7 @@
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber512:x86_64",
"bom-ref": "alg:Kyber512:jasmin:x86_64",
"name": "Kyber",
"cryptoProperties": {
"assetType": "algorithm",
Expand All @@ -861,7 +861,7 @@
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber512:x86_64",
"bom-ref": "alg:Kyber512:jasmin:avx2:x86_64",
"name": "Kyber",
"cryptoProperties": {
"assetType": "algorithm",
Expand Down Expand Up @@ -941,7 +941,7 @@
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber768:x86_64",
"bom-ref": "alg:Kyber768:jasmin:x86_64",
"name": "Kyber",
"cryptoProperties": {
"assetType": "algorithm",
Expand All @@ -961,7 +961,7 @@
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber768:x86_64",
"bom-ref": "alg:Kyber768:jasmin:avx2:x86_64",
"name": "Kyber",
"cryptoProperties": {
"assetType": "algorithm",
Expand Down Expand Up @@ -2248,7 +2248,7 @@
],
"dependencies": [
{
"ref": "pkg:github/open-quantum-safe/liboqs@b7ef00469b3e7d26aafb7390fd73e3b15674ae22",
"ref": "pkg:github/open-quantum-safe/liboqs@2fd65d9ec99a2608149713e5fcaeb9b6402e5872",
"dependsOn": [
"alg:BIKE-L1:x86_64",
"alg:BIKE-L3:x86_64",
Expand Down Expand Up @@ -2291,13 +2291,13 @@
"alg:Kyber512:generic",
"alg:Kyber512:x86_64",
"alg:Kyber512:armv8-a",
"alg:Kyber512:x86_64",
"alg:Kyber512:x86_64",
"alg:Kyber512:jasmin:x86_64",
"alg:Kyber512:jasmin:avx2:x86_64",
"alg:Kyber768:generic",
"alg:Kyber768:x86_64",
"alg:Kyber768:armv8-a",
"alg:Kyber768:x86_64",
"alg:Kyber768:x86_64",
"alg:Kyber768:jasmin:x86_64",
"alg:Kyber768:jasmin:avx2:x86_64",
"alg:Kyber1024:generic",
"alg:Kyber1024:x86_64",
"alg:Kyber1024:armv8-a",
Expand Down
8 changes: 7 additions & 1 deletion scripts/update_cbom.py
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,13 @@ def add_cbom_component(out, kem_yaml, parameter_set):
if plat['architecture'] in dic.keys():
algorithmProperties['implementationPlatform'] = dic[plat['architecture']]
component_cpy = copy.deepcopy(component)
component_cpy['bom-ref'] += ":" + algorithmProperties['implementationPlatform']
if 'upstream' in impl and impl['upstream'] == 'libjade':
tag = ":jasmin:"
if any('required_flags' in i for i in impl['supported-platforms']):
tag += impl['upstream-id'] + ':'
component_cpy['bom-ref'] += tag + algorithmProperties['implementationPlatform']
else:
component_cpy['bom-ref'] += ":" + algorithmProperties['implementationPlatform']
cbom_components.append(component_cpy)
bom_algs_bomrefs.append(component_cpy['bom-ref'])
if dep:
Expand Down

0 comments on commit cef32f7

Please sign in to comment.