Skip to content

CBOM 1.7: Update test cases & a few schema fixes/extensions#661

Merged
stevespringett merged 6 commits intoCycloneDX:1.7-dev-cryptographyfrom
bhess:patch-4
Jul 24, 2025
Merged

CBOM 1.7: Update test cases & a few schema fixes/extensions#661
stevespringett merged 6 commits intoCycloneDX:1.7-dev-cryptographyfrom
bhess:patch-4

Conversation

@bhess
Copy link
Contributor

@bhess bhess commented Jul 17, 2025

Update schema test cases and fix validation issues for 1.7 CBOM.

This PR addresses two schema validation issues discovered while running ajv on the test cases:

  • ikev2TransformTypes: The array items were missing type definitions. This has been corrected.
  • certificateExtensions: The oneOf clause defined two objects (commonExtensions and customExtensions) with overlapping property names, which caused validation errors. The property names have been made unique within each object to resolve this.

Additionally, two new properties have been added to cryptoProperties.cipherSuites to support more precise TLS configurations: tlsGroups and tlsSignatureSchemes.

@bhess
- Schema fix: Avoid name collision in 'oneOf' of certificateExtensions
5ed95f6 
- Schema fix: Define items in ikeV2 arrays
- Schema extension: in protocolProperties/cipherSuites, adds explicit tlsGroups and tlsSignatureSchemes properties
- Updates valid-cryptography-full-1.7 and valid-cryptography-implementation.1.7 test cases

Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
@bhess bhess requested a review from a team as a code owner July 17, 2025 08:54
@bhess bhess mentioned this pull request Jul 17, 2025
Merged
6 tasks
@bhess
Add certificate cases
22f8d2d 
Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
@n1ckl0sk0rtge n1ckl0sk0rtge mentioned this pull request Jul 17, 2025
Closed
bhess added 3 commits July 24, 2025 14:26
@bhess
fix custom state schema
6e24424 
Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
@bhess
Schema Fixes
94141ea 
Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
@bhess
Adding 3GPP algorithms and protocols, thanks to Ian Deakin
4aa6f1a 
Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
@bhess
Copy link
Contributor Author

bhess commented Jul 24, 2025

It appears that the Java workflow is currently failing with the following error:

JsonSchemaVerificationTest.lambda$dynamicTestsWithCollection$2:102->isValid:117 » InvalidSchema Schema from 'http://cyclonedx.org/schema/cryptography-defs.schema.json' is not allowed to be loaded.

From what I can tell, this may not indicate a real issue with the schema itself. The error suggests that the validator is attempting to load the schema from a remote URL, which is currently unavailable or disallowed by the validator's configuration. Since http://cyclonedx.org/schema/cryptography-defs.schema.json is not yet publicly accessible, this could be expected behavior.

stevespringett
stevespringett reviewed Jul 24, 2025
View reviewed changes
stevespringett
stevespringett reviewed Jul 24, 2025
View reviewed changes
@bhess
Add eap-aka-prime
e4de276 
Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
@stevespringett stevespringett merged commit b213b8d into CycloneDX:1.7-dev-cryptography Jul 24, 2025
8 of 9 checks passed
jvdsn pushed a commit to jvdsn/specification that referenced this pull request Feb 23, 2026
@stevespringett
CBOM 1.7: Update test cases & a few schema fixes/extensions (CycloneD…
0d75659 
…X#661)

Update schema test cases and fix validation issues for 1.7 CBOM.

This PR addresses two schema validation issues discovered while running
ajv on the test cases:
- ikev2TransformTypes: The array items were missing type definitions.
This has been corrected.
- certificateExtensions: The oneOf clause defined two objects
(commonExtensions and customExtensions) with overlapping property names,
which caused validation errors. The property names have been made unique
within each object to resolve this.

Additionally, two new properties have been added to
cryptoProperties.cipherSuites to support more precise TLS
configurations: tlsGroups and tlsSignatureSchemes.

<!-- 
Thank you for taking the time to develop and contribute a core
enhancement or fix for a defect!

We kindly request that you create pull requests only for things that
have been discussed in a ticket first; exceptions may be made for
spelling or grammar fixes.
Read more about the process here:
https://cyclonedx.org/participate/standardization-process/#working-model

Please have the related ticket/issue ID ready. 
If there is none, feel free to create a new ticket:
https://github.com/CycloneDX/specification/issues/new/choose

-->

<!-- 

Please provide a brief description of what this pull request intends to
do and which ticket it fixes/closes.
Example: 
> As discussed in ticket CycloneDX#485, this PR adds Streebog to the hash
algorithm enum.
>
> fixes CycloneDX#485 

In case this is for a spelling or grammar improvement, please provide a
brief description.
Example:
> Fixe typo: color(AE) -> colour(BE)

-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stevespringett stevespringett stevespringett left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bhess @stevespringett