Changes for attestation

Signed-off-by: Author Name <aalzate@sonatype.com>

Author: mr-zepol

src/main/java/org/cyclonedx/model/Bom.java

@@ -56,8 +56,8 @@
         "vulnerabilities",
         "annotations",
         "formulation",
-        "attestations",
-        "definition"
+        "declarations",
+        "definitions",
         "signature"
 })
 public class Bom extends ExtensibleElement {
@@ -88,7 +88,10 @@ public class Bom extends ExtensibleElement {
     private List<Formula> formulation;
 
     @VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3", "1.4", "1.5"})
-    private Definition definition;
+    private Declarations declarations;
+
+    @VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3", "1.4", "1.5"})
+    private Definition definitions;
 
     @VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3"})
     @JsonDeserialize(using = VulnerabilityDeserializer.class)
@@ -243,6 +246,22 @@ public void addProperty(Property property) {
         this.properties.add(property);
     }
 
+    public Declarations getDeclarations() {
+        return declarations;
+    }
+
+    public void setDeclarations(final Declarations declarations) {
+        this.declarations = declarations;
+    }
+
+    public Definition getDefinitions() {
+        return definitions;
+    }
+
+    public void setDefinitions(final Definition definitions) {
+        this.definitions = definitions;
+    }
+
     public int getVersion() {
         return version;
     }

src/main/java/org/cyclonedx/model/attestation/Assessor.java

@@ -1,9 +1,18 @@
 package org.cyclonedx.model.attestation;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
 import org.cyclonedx.model.OrganizationalEntity;
 
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_EMPTY)
+@JsonPropertyOrder({
+    "thirdParty",
+    "organization"
+})
 public class Assessor
 {
   @JacksonXmlProperty(isAttribute = true, localName = "bom-ref")

src/main/java/org/cyclonedx/model/attestation/Attestation.java

@@ -7,10 +7,8 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
 import org.cyclonedx.model.Signature;
 
-@JacksonXmlRootElement(localName = "conformance")
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonPropertyOrder({

src/main/java/org/cyclonedx/model/attestation/Claim.java

@@ -8,11 +8,9 @@
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
 import org.cyclonedx.model.ExternalReference;
 import org.cyclonedx.model.Signature;
 
-@JacksonXmlRootElement(localName = "claim")
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonPropertyOrder({

src/main/java/org/cyclonedx/model/attestation/Confidence.java

@@ -1,15 +1,10 @@
 package org.cyclonedx.model.attestation;
 
-import java.util.List;
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
 
-@JacksonXmlRootElement(localName = "confidence")
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonPropertyOrder({

src/main/java/org/cyclonedx/model/attestation/Conformance.java

@@ -7,9 +7,7 @@
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
 
-@JacksonXmlRootElement(localName = "conformance")
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonPropertyOrder({

src/main/java/org/cyclonedx/model/attestation/Declarations.java

@@ -2,12 +2,26 @@
 
 import java.util.List;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
 import org.cyclonedx.model.Signature;
 import org.cyclonedx.model.attestation.affirmation.Affirmation;
 import org.cyclonedx.model.attestation.evidence.Evidence;
 
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_EMPTY)
+@JsonPropertyOrder({
+    "assessors",
+    "attestations",
+    "claims",
+    "evidence",
+    "targets",
+    "affirmation",
+    "signature"
+})
 public class Declarations
 {
   private List<Assessor> assessors;

src/main/java/org/cyclonedx/model/attestation/Targets.java

@@ -7,12 +7,10 @@
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
 import org.cyclonedx.model.Component;
 import org.cyclonedx.model.OrganizationalEntity;
 import org.cyclonedx.model.Service;
 
-@JacksonXmlRootElement(localName = "targets")
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonPropertyOrder({

src/main/java/org/cyclonedx/model/attestation/affirmation/Affirmation.java

@@ -2,16 +2,28 @@
 
 import java.util.List;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
-
+import org.cyclonedx.model.Signature;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_EMPTY)
+@JsonPropertyOrder({
+    "statement",
+    "signatories",
+    "signature"
+})
 public class Affirmation
 {
   private String statement;
 
-
   private List<Signatory> signatories;
 
+  private Signature signature;
+
   public String getStatement() {
     return statement;
   }
@@ -29,4 +41,12 @@ public List<Signatory> getSignatories() {
   public void setSignatories(final List<Signatory> signatories) {
     this.signatories = signatories;
   }
+
+  public Signature getSignature() {
+    return signature;
+  }
+
+  public void setSignature(final Signature signature) {
+    this.signature = signature;
+  }
 }

src/main/java/org/cyclonedx/model/attestation/affirmation/Signatory.java

@@ -1,12 +1,28 @@
 package org.cyclonedx.model.attestation.affirmation;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import org.cyclonedx.util.deserializer.SignatoryInformationChoiceDeserializer;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_EMPTY)
+@JsonPropertyOrder({
+    "name",
+    "role",
+    "signature",
+    "organization",
+    "externalReference"
+})
 public class Signatory
 {
   private String name;
 
   private String role;
 
-  private SignatoryChoice signatoryChoice;
+  @JsonDeserialize(using = SignatoryInformationChoiceDeserializer.class)
+  private SignatoryInformationChoice choice;
 
   public String getName() {
     return name;
@@ -24,11 +40,11 @@ public void setRole(final String role) {
     this.role = role;
   }
 
-  public SignatoryChoice getSignatoryChoice() {
-    return signatoryChoice;
+  public SignatoryInformationChoice getChoice() {
+    return choice;
   }
 
-  public void setSignatoryChoice(final SignatoryChoice signatoryChoice) {
-    this.signatoryChoice = signatoryChoice;
+  public void setChoice(final SignatoryInformationChoice choice) {
+    this.choice = choice;
   }
 }

src/main/java/org/cyclonedx/model/attestation/affirmation/SignatoryInfo.java

@@ -1,8 +1,17 @@
 package org.cyclonedx.model.attestation.affirmation;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import org.cyclonedx.model.ExternalReference;
 import org.cyclonedx.model.OrganizationalEntity;
 
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_EMPTY)
+@JsonPropertyOrder({
+    "organization",
+    "externalReference"
+})
 public class SignatoryInfo
 {
   private OrganizationalEntity organization;

src/main/java/org/cyclonedx/model/attestation/affirmation/SignatoryChoice.java src/main/java/org/cyclonedx/model/attestation/affirmation/SignatoryInformationChoice.java

@@ -2,13 +2,11 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonInclude;
-import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import org.cyclonedx.model.Signature;
 
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
-@JsonDeserialize(using = SignatoryChoiceDeserializer.class)
-public class SignatoryChoice
+public class SignatoryInformationChoice
 {
   private Signature signature;
 

src/main/java/org/cyclonedx/model/attestation/evidence/Contents.java

@@ -6,7 +6,6 @@
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
 import org.cyclonedx.model.AttachmentText;
 
-@JacksonXmlRootElement(localName = "contents")
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonPropertyOrder({

src/main/java/org/cyclonedx/model/attestation/evidence/Data.java

@@ -5,17 +5,18 @@
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
+import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
 import org.cyclonedx.model.component.modelCard.data.Governance;
+import org.cyclonedx.util.deserializer.StringListDeserializer;
 
-
-@JacksonXmlRootElement(localName = "data")
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonPropertyOrder({
     "name",
     "contents",
-    "dataClassification",
+    "classification",
     "sensitiveData",
     "governance"
 })
@@ -25,20 +26,21 @@ public class Data
 
   private Contents contents;
 
-  private DataClassification dataClassification;
+  private String classification;
 
   private List<String> sensitiveData;
 
   private Governance governance;
 
-  public String getData() {
-    return data;
+  public String getName() {
+    return name;
   }
 
-  public void setData(final String data) {
-    this.data = data;
+  public void setName(final String name) {
+    this.name = name;
   }
 
+
   public Contents getContents() {
     return contents;
   }
@@ -47,14 +49,9 @@ public void setContents(final Contents contents) {
     this.contents = contents;
   }
 
-  public DataClassification getDataClassification() {
-    return dataClassification;
-  }
-
-  public void setDataClassification(final DataClassification dataClassification) {
-    this.dataClassification = dataClassification;
-  }
-
+ @JacksonXmlElementWrapper(localName = "sensitiveData")
+ @JacksonXmlProperty(localName = "sensitiveData")
+ @JsonDeserialize(using = StringListDeserializer.class)
   public List<String> getSensitiveData() {
     return sensitiveData;
   }
@@ -70,4 +67,12 @@ public Governance getGovernance() {
   public void setGovernance(final Governance governance) {
     this.governance = governance;
   }
+
+  public String getClassification() {
+    return classification;
+  }
+
+  public void setClassification(final String classification) {
+    this.classification = classification;
+  }
 }