From f481ee7c455d137f09f5e8b176b3cc5a5c112fca Mon Sep 17 00:00:00 2001 From: Indivar Mishra Date: Thu, 30 Jan 2025 23:14:59 +0530 Subject: [PATCH 1/5] feat: add cyclonedx.model.crypto.ProtocolProperties.crypto_ref_array applied the fix recommended in the thread, to add crypto_ref_array as an argument to ProtocolProperties class Also updated bom1.6.SNAPSHOT.xsd from cryptoRef -> cryptoRefArray added testcase and BOM json from the mentioned issue. Signed-off-by: Indivar Mishra --- cyclonedx/model/crypto.py | 28 +++++++++++++++++++++- cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd | 2 +- tests/_data/models.py | 28 ++++++++++++++++++++++ tests/test_deserialize_json.py | 2 +- 4 files changed, 57 insertions(+), 3 deletions(-) diff --git a/cyclonedx/model/crypto.py b/cyclonedx/model/crypto.py index d9fd8106..1d498d85 100644 --- a/cyclonedx/model/crypto.py +++ b/cyclonedx/model/crypto.py @@ -1309,11 +1309,13 @@ def __init__( version: Optional[str] = None, cipher_suites: Optional[Iterable[ProtocolPropertiesCipherSuite]] = None, ikev2_transform_types: Optional[Ikev2TransformTypes] = None, + crypto_ref_array: Optional[Iterable[BomRef]] = None, ) -> None: self.type = type self.version = version self.cipher_suites = cipher_suites or [] # type:ignore[assignment] self.ikev2_transform_types = ikev2_transform_types + self.crypto_ref_array = crypto_ref_array or [] # type:ignore[assignment] @property @serializable.xml_sequence(10) 
@@ -1376,13 +1378,37 @@ def ikev2_transform_types(self) -> Optional[Ikev2TransformTypes]: def ikev2_transform_types(self, ikev2_transform_types: Optional[Ikev2TransformTypes]) -> None: self._ikev2_transform_types = ikev2_transform_types + @property + @serializable.xml_array(serializable.XmlArraySerializationType.FLAT, 'cryptoRefArray') + @serializable.xml_sequence(40) + def crypto_ref_array(self) -> 'SortedSet[BomRef]': + """ + A list of protocol-related cryptographic assets. + + Returns: + `Iterable[BomRef]` + """ + return self._crypto_ref_array + + @crypto_ref_array.setter + def crypto_ref_array(self, crypto_ref_array: Iterable[BomRef]) -> None: + self._crypto_ref_array = SortedSet(crypto_ref_array) + def __eq__(self, other: object) -> bool: if isinstance(other, ProtocolProperties): return hash(other) == hash(self) return False def __hash__(self) -> int: - return hash((self.type, self.version, tuple(self.cipher_suites), self.ikev2_transform_types)) + return hash( + ( + self.type, + self.version, + tuple(self.cipher_suites), + self.ikev2_transform_types, + tuple(self.crypto_ref_array) + ) + ) def __repr__(self) -> str: return f'' diff --git a/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd b/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd index d6d57e31..4ea981ca 100644 --- a/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd +++ b/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd @@ -7429,7 +7429,7 @@ limitations under the License. - + A protocol-related cryptographic assets diff --git a/tests/_data/models.py b/tests/_data/models.py index 6bba3499..0b5d2f7a 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py 
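Review bot: The docstring on the new `crypto_ref_array` property calls it "A list" and documents the return as `Iterable[BomRef]`, but the annotation is `'SortedSet[BomRef]'` and the setter wraps its argument in `SortedSet(...)`, so duplicate refs collapse and caller order is not kept. The same docstring is carried unchanged into `crypto_refs` by the PATCH 2/5 hunk at `-1379,20`. I would reword it to `Bom-refs of the cryptographic assets related to this protocol, held as a sorted set.` with `Returns: SortedSet[BomRef]`. Anyone diffing two SBOMs then knows up front that the stored order is not insertion order.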
@@ -708,6 +708,33 @@ def get_bom_for_issue_328_components() -> Bom: return bom +def get_bom_for_issue_692_components() -> Bom: + """regression test for issue #692 + see https://github.com/CycloneDX/cyclonedx-python-lib/issues/692 + """ + bom = _make_bom() + + comp_root = Component(type=ComponentType.APPLICATION, + name='my application', version='1') + comp_test = Component( + name='comp_test', + type=ComponentType.CRYPTOGRAPHIC_ASSET, + bom_ref='crypto/protocol/test', + crypto_properties=CryptoProperties( + asset_type=CryptoAssetType.PROTOCOL, + protocol_properties=ProtocolProperties( + type=ProtocolPropertiesType.TLS, + version='1.2', + crypto_ref_array=[BomRef(value='for-test')] + ), + oid='1.3.18.0.2.32.104', + )) + bom.metadata.component = comp_root + bom.register_dependency(comp_root, [comp_test]) + bom.components = [comp_test] + return bom + + def get_component_setuptools_complete(include_pedigree: bool = True) -> Component: component = get_component_setuptools_simple(bom_ref='my-specific-bom-ref-for-dings') component.supplier = get_org_entity_1() @@ -1449,4 +1476,5 @@ def get_bom_with_definitions_and_detailed_standards() -> Bom: get_bom_with_lifecycles, get_bom_with_definitions_standards, get_bom_with_definitions_and_detailed_standards, + get_bom_for_issue_692_components, } diff --git a/tests/test_deserialize_json.py b/tests/test_deserialize_json.py index 3883b7d7..0b6bf9d2 100644 --- a/tests/test_deserialize_json.py +++ b/tests/test_deserialize_json.py @@ -116,7 +116,7 @@ def test_regression_issue764(self) -> None: def test_regression_issue690(self) -> None: """ - regressio test for issue#690. + regression test for issue#690. see https://github.com/CycloneDX/cyclonedx-python-lib/issues/690 """ json_file = join(OWN_DATA_DIRECTORY, 'json', From cadd24add2e4345ba822ba3018f65a0b19ae2019 Mon Sep 17 00:00:00 2001 From: Indivar Mishra Date: Wed, 5 Feb 2025 23:13:13 +0530 Subject: [PATCH 2/5] resolve review comments resolve review comments 
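Review bot: The new fixture `get_bom_for_issue_692_components` appears to feed only the serialization snapshots. The commit message mentions a testcase and BOM JSON from the issue, yet the diffstat lists no JSON data file and `tests/test_deserialize_json.py` changes only a docstring typo. If issue #692 was about reading a document that contains `cryptoRefArray` (not visible on this page), a `test_regression_issue692` next to `test_regression_issue690` that loads such a file and asserts on the parsed protocol properties would cover the path that actually failed. Separately, `BomRef(value='for-test')` matches no component in this BOM; pointing it at a second component's `bom_ref` would make the fixture a resolvable link rather than a dangling one.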
Signed-off-by: Indivar Mishra --- cyclonedx/model/crypto.py | 20 ++++++++++---------- cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd | 2 +- tests/_data/models.py | 2 +- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/cyclonedx/model/crypto.py b/cyclonedx/model/crypto.py index 1d498d85..b1875f53 100644 --- a/cyclonedx/model/crypto.py +++ b/cyclonedx/model/crypto.py @@ -1309,13 +1309,13 @@ def __init__( version: Optional[str] = None, cipher_suites: Optional[Iterable[ProtocolPropertiesCipherSuite]] = None, ikev2_transform_types: Optional[Ikev2TransformTypes] = None, - crypto_ref_array: Optional[Iterable[BomRef]] = None, + crypto_refs: Optional[Iterable[BomRef]] = None, ) -> None: self.type = type self.version = version self.cipher_suites = cipher_suites or [] # type:ignore[assignment] self.ikev2_transform_types = ikev2_transform_types - self.crypto_ref_array = crypto_ref_array or [] # type:ignore[assignment] + self.crypto_refs = crypto_refs or [] # type:ignore[assignment] @property @serializable.xml_sequence(10) 
@@ -1379,20 +1379,20 @@ def ikev2_transform_types(self, ikev2_transform_types: Optional[Ikev2TransformTy self._ikev2_transform_types = ikev2_transform_types @property - @serializable.xml_array(serializable.XmlArraySerializationType.FLAT, 'cryptoRefArray') - @serializable.xml_sequence(40) - def crypto_ref_array(self) -> 'SortedSet[BomRef]': + @serializable.xml_array(serializable.XmlArraySerializationType.FLAT, 'cryptoRef') + @serializable.json_name('cryptoRefArray') + def crypto_refs(self) -> 'SortedSet[BomRef]': """ A list of protocol-related cryptographic assets. Returns: `Iterable[BomRef]` """ - return self._crypto_ref_array + return self._crypto_refs - @crypto_ref_array.setter - def crypto_ref_array(self, crypto_ref_array: Iterable[BomRef]) -> None: - self._crypto_ref_array = SortedSet(crypto_ref_array) + @crypto_refs.setter + def crypto_refs(self, crypto_refs: Iterable[BomRef]) -> None: + self._crypto_refs = SortedSet(crypto_refs) def __eq__(self, other: object) -> bool: if isinstance(other, ProtocolProperties): @@ -1406,7 +1406,7 @@ def __hash__(self) -> int: self.version, tuple(self.cipher_suites), self.ikev2_transform_types, - tuple(self.crypto_ref_array) + tuple(self.crypto_refs) ) ) diff --git a/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd b/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd index 4ea981ca..d6d57e31 100644 --- a/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd +++ b/cyclonedx/schema/_res/bom-1.6.SNAPSHOT.xsd @@ -7429,7 +7429,7 @@ limitations under the License. - + A protocol-related cryptographic assets diff --git a/tests/_data/models.py b/tests/_data/models.py index 0b5d2f7a..e9e8f023 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py @@ -725,7 +725,7 @@ def get_bom_for_issue_692_components() -> Bom: protocol_properties=ProtocolProperties( type=ProtocolPropertiesType.TLS, version='1.2', - crypto_ref_array=[BomRef(value='for-test')] + crypto_refs=[BomRef(value='for-test')] ), oid='1.3.18.0.2.32.104', )) 
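Review bot: The renamed `crypto_refs` property drops `@serializable.xml_sequence(40)` without a replacement, while the sibling `type` property visible in the `__init__` hunk carries `@serializable.xml_sequence(10)`. The position of `cryptoRef` among the XML children therefore depends on the serializer's default ordering, which this page does not show. The issue-692 fixture sets only `type`, `version` and one ref, so no snapshot ever places `cryptoRef` next to cipher suites or IKEv2 transform types. If the bundled XSD declares these children as an ordered sequence, a wrong position would fail validation for consumers, so I would pin it with `@serializable.xml_sequence(<value above ikev2_transform_types>)` and extend the fixture with those two fields. The class body continues outside the hunk.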
From 41d807b5945d1fb4f009fe9af889298bafbe8164 Mon Sep 17 00:00:00 2001 From: Indivar Mishra Date: Wed, 5 Feb 2025 23:15:41 +0530 Subject: [PATCH 3/5] cryptographic-asset is only compatible with v1.6 so use applciation instead that is supported from v1.0 - v1.6 Signed-off-by: Indivar Mishra --- tests/_data/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/_data/models.py b/tests/_data/models.py index e9e8f023..34837626 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py @@ -718,7 +718,7 @@ def get_bom_for_issue_692_components() -> Bom: name='my application', version='1') comp_test = Component( name='comp_test', - type=ComponentType.CRYPTOGRAPHIC_ASSET, + type=ComponentType.APPLICATION, bom_ref='crypto/protocol/test', crypto_properties=CryptoProperties( asset_type=CryptoAssetType.PROTOCOL, From 465cd3aaf931923ef5d1e1c554a6f8d081882ded Mon Sep 17 00:00:00 2001 From: Indivar Mishra Date: Tue, 11 Feb 2025 22:36:10 +0530 Subject: [PATCH 4/5] add bom_ref to comp_root Signed-off-by: Indivar Mishra --- tests/_data/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/_data/models.py b/tests/_data/models.py index 34837626..c2c9d896 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py @@ -715,7 +715,7 @@ def get_bom_for_issue_692_components() -> Bom: bom = _make_bom() comp_root = Component(type=ComponentType.APPLICATION, - name='my application', version='1') + name='my application', version='1', bom_ref='my-project') comp_test = Component( name='comp_test', type=ComponentType.APPLICATION, From 412f67b18b8f74e397619711dd6e844eba2ed8db Mon Sep 17 00:00:00 2001 From: Indivar Mishra Date: Wed, 12 Feb 2025 20:49:32 +0530 Subject: [PATCH 5/5] add snapshot files 
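Review bot: After the PATCH 3/5 hunk the fixture attaches `crypto_properties` with `asset_type=CryptoAssetType.PROTOCOL` to a component typed `ComponentType.APPLICATION`, and nothing in the fixture explains why. A one-line comment would keep the next reader from changing it back: `# APPLICATION (not CRYPTOGRAPHIC_ASSET) so the fixture serializes for spec versions below 1.6`. The 1.6 snapshots consequently record an `application` carrying `cryptoProperties`, which tooling that selects crypto assets by component type would likely skip. A separate 1.6-only fixture that keeps `CRYPTOGRAPHIC_ASSET` would be more representative, if the test harness allows one. The function body starts and ends outside the hunk.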
Signed-off-by: Indivar Mishra --- ...t_bom_for_issue_692_components-1.0.xml.bin | 10 ++++ ...t_bom_for_issue_692_components-1.1.xml.bin | 9 +++ ..._bom_for_issue_692_components-1.2.json.bin | 35 ++++++++++++ ...t_bom_for_issue_692_components-1.2.xml.bin | 22 ++++++++ ..._bom_for_issue_692_components-1.3.json.bin | 35 ++++++++++++ ...t_bom_for_issue_692_components-1.3.xml.bin | 22 ++++++++ ..._bom_for_issue_692_components-1.4.json.bin | 34 ++++++++++++ ...t_bom_for_issue_692_components-1.4.xml.bin | 21 +++++++ ..._bom_for_issue_692_components-1.5.json.bin | 44 +++++++++++++++ ...t_bom_for_issue_692_components-1.5.xml.bin | 25 +++++++++ ..._bom_for_issue_692_components-1.6.json.bin | 55 +++++++++++++++++++ ...t_bom_for_issue_692_components-1.6.xml.bin | 34 ++++++++++++ 12 files changed, 346 insertions(+) create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.5.xml.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.6.json.bin create mode 100644 tests/_data/snapshots/get_bom_for_issue_692_components-1.6.xml.bin 
diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.0.xml.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.0.xml.bin new file mode 100644 index 00000000..0b4f3121 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.0.xml.bin @@ -0,0 +1,10 @@ + + + + + comp_test + + false + + + diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.1.xml.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.1.xml.bin new file mode 100644 index 00000000..cdbdc649 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.1.xml.bin @@ -0,0 +1,9 @@ + + + + + comp_test + + + + diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.2.json.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.2.json.bin new file mode 100644 index 00000000..c85fed05 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.2.json.bin @@ -0,0 +1,35 @@ +{ + "components": [ + { + "bom-ref": "crypto/protocol/test", + "name": "comp_test", + "type": "application", + "version": "" + } + ], + "dependencies": [ + { + "ref": "crypto/protocol/test" + }, + { + "dependsOn": [ + "crypto/protocol/test" + ], + "ref": "my-project" + } + ], + "metadata": { + "component": { + "bom-ref": "my-project", + "name": "my application", + "type": "application", + "version": "1" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.2.xml.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.2.xml.bin new file mode 100644 index 00000000..7159c20c --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.2.xml.bin 
@@ -0,0 +1,22 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + my application + 1 + + + + + comp_test + + + + + + + + + + diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.3.json.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.3.json.bin new file mode 100644 index 00000000..0e73c637 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.3.json.bin @@ -0,0 +1,35 @@ +{ + "components": [ + { + "bom-ref": "crypto/protocol/test", + "name": "comp_test", + "type": "application", + "version": "" + } + ], + "dependencies": [ + { + "ref": "crypto/protocol/test" + }, + { + "dependsOn": [ + "crypto/protocol/test" + ], + "ref": "my-project" + } + ], + "metadata": { + "component": { + "bom-ref": "my-project", + "name": "my application", + "type": "application", + "version": "1" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.3.xml.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.3.xml.bin new file mode 100644 index 00000000..1a345752 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.3.xml.bin @@ -0,0 +1,22 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + my application + 1 + + + + + comp_test + + + + + + + + + + diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.4.json.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.4.json.bin new file mode 100644 index 00000000..de8c1ced --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.4.json.bin 
@@ -0,0 +1,34 @@ +{ + "components": [ + { + "bom-ref": "crypto/protocol/test", + "name": "comp_test", + "type": "application" + } + ], + "dependencies": [ + { + "ref": "crypto/protocol/test" + }, + { + "dependsOn": [ + "crypto/protocol/test" + ], + "ref": "my-project" + } + ], + "metadata": { + "component": { + "bom-ref": "my-project", + "name": "my application", + "type": "application", + "version": "1" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.4.xml.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.4.xml.bin new file mode 100644 index 00000000..790a9c18 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.4.xml.bin @@ -0,0 +1,21 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + my application + 1 + + + + + comp_test + + + + + + + + + diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.5.json.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.5.json.bin new file mode 100644 index 00000000..2e82d6fe --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.5.json.bin 
@@ -0,0 +1,44 @@ +{ + "components": [ + { + "bom-ref": "crypto/protocol/test", + "name": "comp_test", + "type": "application" + } + ], + "dependencies": [ + { + "ref": "crypto/protocol/test" + }, + { + "dependsOn": [ + "crypto/protocol/test" + ], + "ref": "my-project" + } + ], + "metadata": { + "component": { + "bom-ref": "my-project", + "name": "my application", + "type": "application", + "version": "1" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.5.xml.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.5.xml.bin new file mode 100644 index 00000000..c762bfa1 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.5.xml.bin @@ -0,0 +1,25 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + my application + 1 + + + + + comp_test + + + + + + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.6.json.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.6.json.bin new file mode 100644 index 00000000..0e0cba5d --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.6.json.bin 
@@ -0,0 +1,55 @@ +{ + "components": [ + { + "bom-ref": "crypto/protocol/test", + "cryptoProperties": { + "assetType": "protocol", + "oid": "1.3.18.0.2.32.104", + "protocolProperties": { + "cryptoRefArray": [ + "for-test" + ], + "type": "tls", + "version": "1.2" + } + }, + "name": "comp_test", + "type": "application" + } + ], + "dependencies": [ + { + "ref": "crypto/protocol/test" + }, + { + "dependsOn": [ + "crypto/protocol/test" + ], + "ref": "my-project" + } + ], + "metadata": { + "component": { + "bom-ref": "my-project", + "name": "my application", + "type": "application", + "version": "1" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_for_issue_692_components-1.6.xml.bin b/tests/_data/snapshots/get_bom_for_issue_692_components-1.6.xml.bin new file mode 100644 index 00000000..7b536be5 --- /dev/null +++ b/tests/_data/snapshots/get_bom_for_issue_692_components-1.6.xml.bin @@ -0,0 +1,34 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + my application + 1 + + + + + comp_test + + protocol + + tls + 1.2 + for-test + + 1.3.18.0.2.32.104 + + + + + + + + + + + val1 + val2 + +