// SPDX-License-Identifier: Apache-2.0
/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package schema

// See: https://github.com/CycloneDX/specification/blob/master/schema/jsf-0.82.schema.json

// JSFSignature is the top-level JSON Signature Format (JSF) container.
//
// Note: per the schema the struct will contain
// "oneOf": ["Signers", "Chain", "Signature"].
//
// All three fields are independent optional pointers tagged `omitempty`, so
// the Go type itself does not enforce that exactly one of them is present.
// NOTE(review): code consuming a decoded value should check the oneOf
// constraint itself (or rely on schema validation performed elsewhere;
// confirm which applies) before treating the document as signed.
type JSFSignature struct {
	// "Unique top level property for Multiple Signatures."
	Signers *[]JSFSigner `json:"signers,omitempty"`
	// "Unique top level property for Signature Chains."
	Chain *[]JSFSigner `json:"chain,omitempty"`
	// "Unique top level property for simple signatures."
	Signature *JSFSigner `json:"signature,omitempty"`
}

// JSFSigner describes one signature: the algorithm, optional key material
// and the signature value. The quoted texts below are the schema's own
// property descriptions.
//
// Algorithm: "Signature algorithm." The currently recognized JWA [RFC7518]
// and RFC8037 names:
//   - constraint: "enum": ["RS256","RS384","RS512","PS256","PS384","PS512",
//     "ES256","ES384","ES512","Ed25519","Ed448","HS256","HS384","HS512"]
//   - OR contains a URI for custom algorithm (name)
//
// KeyId: "Optional. Application specific string identifying the signature key."
//
// PublicKey: "Optional. Public key object."
//
// CertificatePath: "Optional. Sorted array of X.509 [RFC5280] certificates,
// where the first element must contain the signature certificate. The
// certificate path must be contiguous but is not required to be complete."
//
// Excludes: "Optional. Array holding the names of one or more application
// level properties that must be excluded from the signature process. Note
// that the \"excludes\" property itself, must also be excluded from the
// signature process. Since both the \"excludes\" property and the associated
// data it points to are unsigned, a conforming JSF implementation must
// provide options for specifying which properties to accept."
//
// Value: "The signature data. Note that the binary representation must
// follow the JWA [RFC7518] specifications."
//
// Algorithm is a plain string, so neither the enum nor the URI form is
// enforced by this type.
// NOTE(review): every field here is read from the document being verified.
// A verifier should take the set of acceptable algorithms and the trusted
// key (or trust anchor for CertificatePath, which may be incomplete) from
// its own configuration; a signature that checks out only against the
// embedded PublicKey, or under an algorithm named solely by the document
// (the enum mixes asymmetric names with the symmetric HS* ones), shows
// internal consistency rather than origin. Properties listed in Excludes
// are unauthenticated and should be handled as such.
type JSFSigner struct {
	Algorithm       string        `json:"algorithm,omitempty"`
	KeyId           string        `json:"keyId,omitempty"`
	PublicKey       *JSFPublicKey `json:"publicKey,omitempty"`
	CertificatePath *[]string     `json:"certificatePath,omitempty"`
	Excludes        *[]string     `json:"excludes,omitempty"`
	Value           string        `json:"value,omitempty"`
}

// JSFKeyType names the key type of a JSFPublicKey.
//
// constraint: "enum": ["EC","OKP","RSA"]
//
// The underlying type is string, so the enum is not enforced by the type;
// values outside it have to be rejected by the code that reads Kty.
type JSFKeyType string

// JSFPublicKey is the public key object carried in a JSFSigner.
//
// if kty (key type) == "EC"
//   - required: "crv" (EC curve name), "x", "y"
//   - constraint "crv": "enum": ["P-256","P-384","P-521"]
//
// else if kty == "OKP"
//   - required: "crv" (EdDSA curve name), "x"
//   - constraint "crv": "enum": ["Ed25519","Ed448"]
//
// else if kty == "RSA"
//   - required: n, e
//
// Every member is optional at the Go level (`omitempty`, with Kty a nilable
// pointer), so the per-key-type "required" and "enum" rules above are not
// enforced by this struct.
// NOTE(review): a consumer should check that Kty is non-nil and that the
// members required for that key type are present and well-formed before
// building a key from them.
type JSFPublicKey struct {
	Kty *JSFKeyType `json:"kty,omitempty"` // Key Type
	Crv string      `json:"crv,omitempty"` // EC/OKP curve name
	X   string      `json:"x,omitempty"`   // X coordinate
	Y   string      `json:"y,omitempty"`   // Y coordinate
	N   string      `json:"n,omitempty"`   // RSA modulus
	E   string      `json:"e,omitempty"`   // RSA exponent
}