
Commit fd9e35a

committedMar 1, 2024·
Initial changes for attestations
1 parent d49b15e commit fd9e35a

21 files changed

+1201
-0
lines changed
 

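--- a/src/main/java/org/cyclonedx/model/Bom.java
+++ b/src/main/java/org/cyclonedx/model/Bom.java
@@ -29,6 +29,8 @@
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
+import org.cyclonedx.model.attestation.Declarations;
+import org.cyclonedx.model.definition.Definition;
 import org.cyclonedx.model.formulation.Formula;
 import org.cyclonedx.model.vulnerability.Vulnerability;
 import org.cyclonedx.util.deserializer.DependencyDeserializer;
@@ -54,6 +56,8 @@
 "vulnerabilities",
 "annotations",
 "formulation",
+"attestations",
+"definition"
 "signature"
 })
 public class Bom extends ExtensibleElement {
@@ -83,6 +87,9 @@ public class Bom extends ExtensibleElement {
 @VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3", "1.4"})
 private List<Formula> formulation;
 
+@VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3", "1.4", "1.5"})
+private Definition definition;
+
 @VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3"})
 @JsonDeserialize(using = VulnerabilityDeserializer.class)
 private List<Vulnerability> vulnerabilities;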
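Review bot: The added `"definition"` entry at new line 60 has no trailing comma before `"signature"`, so the annotation array (its opening is outside the hunk) will not compile; the line should read `"definition",`. The same section imports `Declarations` and lists `"attestations"` in the order, but none of the seven added lines declares a matching field, and `definition` gets no getter or setter here. Unless those exist outside the visible hunks, the import is unused, the `"attestations"` entry names no property, and the new field is not reachable by callers; either add the field and accessors in this commit or drop the import and the order entry until they land.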

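--- a/src/main/java/org/cyclonedx/model/ExternalReference.java
+++ b/src/main/java/org/cyclonedx/model/ExternalReference.java
@@ -112,6 +112,12 @@ public enum Type {
 EVIDENCE("evidence"),
 @JsonProperty("formulation")
 FORMULATION("formulation"),
+@VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3", "1.4", "1.5"})
+@JsonProperty("electronic-signature")
+ELECTRONIC_SIGNATURE("electronic-signature"),
+@VersionFilter(versions = {"1.0", "1.1", "1.2", "1.3", "1.4", "1.5"})
+@JsonProperty("digital-signature")
+DIGITAL_SIGNATURE("digital-signature"),
 @JsonProperty("other")
 OTHER("other");
 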
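Review bot: `@VersionFilter` is placed on the two new enum constants (new lines 115 and 118), while the neighbouring constants in this hunk carry only `@JsonProperty`, and whether the filter is evaluated for enum constants at all is not visible here. If it is applied only to bean properties, a BOM written for 1.5 or earlier could carry `electronic-signature` or `digital-signature` as a reference type and be rejected by schema validation on the consuming side. A serialization test against a pre-1.6 target would confirm the behaviour, and a short comment above the two constants, for example `// signature reference types, not valid before the version after 1.5`, would record the intent. The body of `enum Type` starts and ends outside the hunk.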

@@ -0,0 +1,40 @@
1+
package org.cyclonedx.model.attestation;
2+
3+
import com.fasterxml.jackson.annotation.JsonProperty;
4+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
5+
import org.cyclonedx.model.OrganizationalEntity;
6+
7+
public class Assessor
8+
{
9+
@JacksonXmlProperty(isAttribute = true, localName = "bom-ref")
10+
@JsonProperty("bom-ref")
11+
private String bomRef;
12+
13+
private Boolean thirdParty;
14+
15+
private OrganizationalEntity organization;
16+
17+
public String getBomRef() {
18+
return bomRef;
19+
}
20+
21+
public void setBomRef(final String bomRef) {
22+
this.bomRef = bomRef;
23+
}
24+
25+
public Boolean getThirdParty() {
26+
return thirdParty;
27+
}
28+
29+
public void setThirdParty(final Boolean thirdParty) {
30+
this.thirdParty = thirdParty;
31+
}
32+
33+
public OrganizationalEntity getOrganization() {
34+
return organization;
35+
}
36+
37+
public void setOrganization(final OrganizationalEntity organization) {
38+
this.organization = organization;
39+
}
40+
}
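Review bot: `Assessor` is declared without the `@JsonIgnoreProperties(ignoreUnknown = true)` and `@JsonInclude(JsonInclude.Include.NON_EMPTY)` annotations that `Attestation`, `AttestationMap` and `Claim` in this commit all carry. Unless the mapper sets both globally, an unset `thirdParty` or `organization` would be written out as null, and an unknown property would fail deserialization for this type only. I would add both annotations above `public class Assessor` (both need imports), plus `@JsonPropertyOrder({"bom-ref", "thirdParty", "organization"})` to match the sibling classes.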
@@ -0,0 +1,65 @@
1+
package org.cyclonedx.model.attestation;
2+
3+
import java.util.List;
4+
5+
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
6+
import com.fasterxml.jackson.annotation.JsonInclude;
7+
import com.fasterxml.jackson.annotation.JsonProperty;
8+
import com.fasterxml.jackson.annotation.JsonPropertyOrder;
9+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
10+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
11+
import org.cyclonedx.model.Signature;
12+
13+
@JacksonXmlRootElement(localName = "conformance")
14+
@JsonIgnoreProperties(ignoreUnknown = true)
15+
@JsonInclude(JsonInclude.Include.NON_EMPTY)
16+
@JsonPropertyOrder({
17+
"summary",
18+
"assessor",
19+
"mapList",
20+
"signature"
21+
})
22+
public class Attestation
23+
{
24+
private String summary;
25+
26+
@JacksonXmlProperty(isAttribute = true, localName = "assessor")
27+
@JsonProperty("assessor")
28+
private String assessor;
29+
30+
private List<AttestationMap> mapList;
31+
32+
private Signature signature;
33+
34+
public String getSummary() {
35+
return summary;
36+
}
37+
38+
public void setSummary(final String summary) {
39+
this.summary = summary;
40+
}
41+
42+
public String getAssessor() {
43+
return assessor;
44+
}
45+
46+
public void setAssessor(final String assessor) {
47+
this.assessor = assessor;
48+
}
49+
50+
public List<AttestationMap> getMapList() {
51+
return mapList;
52+
}
53+
54+
public void setMapList(final List<AttestationMap> mapList) {
55+
this.mapList = mapList;
56+
}
57+
58+
public Signature getSignature() {
59+
return signature;
60+
}
61+
62+
public void setSignature(final Signature signature) {
63+
this.signature = signature;
64+
}
65+
}
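Review bot: `@JacksonXmlRootElement(localName = "conformance")` on `Attestation` (new line 13) looks copied from another class; the root element should presumably be `attestation`. The `mapList` field is exposed under the name `mapList` with no `@JsonProperty` or XML wrapper, while `AttestationMap` in this commit names its element `map`, so a document that uses `map` would probably not round-trip; consider `@JsonProperty("map")` on the field and the matching entry in `@JsonPropertyOrder`. Because `signature` is only stored and nothing in this class checks it, a Javadoc line on `getSignature()` such as `/** Signature as parsed; this model does not verify it. */` would keep consumers from reading its presence as validity.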
@@ -0,0 +1,80 @@
1+
package org.cyclonedx.model.attestation;
2+
3+
import java.util.List;
4+
5+
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
6+
import com.fasterxml.jackson.annotation.JsonInclude;
7+
import com.fasterxml.jackson.annotation.JsonProperty;
8+
import com.fasterxml.jackson.annotation.JsonPropertyOrder;
9+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
10+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
11+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
12+
13+
@JacksonXmlRootElement(localName = "map")
14+
@JsonIgnoreProperties(ignoreUnknown = true)
15+
@JsonInclude(JsonInclude.Include.NON_EMPTY)
16+
@JsonPropertyOrder({
17+
"requirement",
18+
"claims",
19+
"counterClaims",
20+
"conformance",
21+
"confidence"
22+
})
23+
public class AttestationMap
24+
{
25+
@JacksonXmlProperty(isAttribute = true, localName = "requirement")
26+
@JsonProperty("requirement")
27+
private String requirement;
28+
29+
private List<String> claims;
30+
31+
private List<String> counterClaims;
32+
33+
private Conformance conformance;
34+
35+
private Confidence confidence;
36+
37+
public String getRequirement() {
38+
return requirement;
39+
}
40+
41+
public void setRequirement(final String requirement) {
42+
this.requirement = requirement;
43+
}
44+
45+
@JacksonXmlElementWrapper(localName = "claims")
46+
@JacksonXmlProperty(localName = "claim")
47+
public List<String> getClaims() {
48+
return claims;
49+
}
50+
51+
public void setClaims(final List<String> claims) {
52+
this.claims = claims;
53+
}
54+
55+
@JacksonXmlElementWrapper(localName = "counterClaims")
56+
@JacksonXmlProperty(localName = "counterClaim")
57+
public List<String> getCounterClaims() {
58+
return counterClaims;
59+
}
60+
61+
public void setCounterClaims(final List<String> counterClaims) {
62+
this.counterClaims = counterClaims;
63+
}
64+
65+
public Conformance getConformance() {
66+
return conformance;
67+
}
68+
69+
public void setConformance(final Conformance conformance) {
70+
this.conformance = conformance;
71+
}
72+
73+
public Confidence getConfidence() {
74+
return confidence;
75+
}
76+
77+
public void setConfidence(final Confidence confidence) {
78+
this.confidence = confidence;
79+
}
80+
}
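Review bot: The class and its accessors carry no Javadoc, and nothing states what the strings in `claims` and `counterClaims` hold. Judging by `Claim.bomRef` in this commit they are presumably `bom-ref` values, which this class neither resolves nor checks. A class comment such as `/** Maps one requirement to the claims and counter-claims made about it; entries are references and are not validated here. */` would make that explicit for code that evaluates conformance. `getClaims()` and `getCounterClaims()` also return null when unset, which is worth stating in their `@return` text.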
@@ -0,0 +1,129 @@
1+
package org.cyclonedx.model.attestation;
2+
3+
import java.util.List;
4+
5+
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
6+
import com.fasterxml.jackson.annotation.JsonInclude;
7+
import com.fasterxml.jackson.annotation.JsonProperty;
8+
import com.fasterxml.jackson.annotation.JsonPropertyOrder;
9+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
10+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
11+
import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
12+
import org.cyclonedx.model.ExternalReference;
13+
import org.cyclonedx.model.Signature;
14+
15+
@JacksonXmlRootElement(localName = "claim")
16+
@JsonIgnoreProperties(ignoreUnknown = true)
17+
@JsonInclude(JsonInclude.Include.NON_EMPTY)
18+
@JsonPropertyOrder({
19+
"target",
20+
"predicate",
21+
"mitigationStrategies",
22+
"reasoning",
23+
"evidence",
24+
"counterEvidence",
25+
"externalReferences",
26+
"signature"
27+
})
28+
public class Claim
29+
{
30+
@JacksonXmlProperty(isAttribute = true, localName = "bom-ref")
31+
@JsonProperty("bom-ref")
32+
private String bomRef;
33+
34+
private String target;
35+
36+
private String predicate;
37+
38+
private List<String> mitigationStrategies;
39+
40+
private String reasoning;
41+
42+
private List<String> evidence;
43+
44+
private List<String> counterEvidence;
45+
46+
private List<ExternalReference> externalReferences;
47+
48+
private Signature signature;
49+
50+
public String getBomRef() {
51+
return bomRef;
52+
}
53+
54+
public void setBomRef(final String bomRef) {
55+
this.bomRef = bomRef;
56+
}
57+
58+
public String getTarget() {
59+
return target;
60+
}
61+
62+
public void setTarget(final String target) {
63+
this.target = target;
64+
}
65+
66+
public String getPredicate() {
67+
return predicate;
68+
}
69+
70+
public void setPredicate(final String predicate) {
71+
this.predicate = predicate;
72+
}
73+
74+
@JacksonXmlElementWrapper(localName = "mitigationStrategies")
75+
@JacksonXmlProperty(localName = "mitigationStrategy")
76+
public List<String> getMitigationStrategies() {
77+
return mitigationStrategies;
78+
}
79+
80+
public void setMitigationStrategies(final List<String> mitigationStrategies) {
81+
this.mitigationStrategies = mitigationStrategies;
82+
}
83+
84+
public String getReasoning() {
85+
return reasoning;
86+
}
87+
88+
public void setReasoning(final String reasoning) {
89+
this.reasoning = reasoning;
90+
}
91+
92+
@JacksonXmlElementWrapper(localName = "evidences")
93+
@JacksonXmlProperty(localName = "evidence")
94+
public List<String> getEvidence() {
95+
return evidence;
96+
}
97+
98+
public void setEvidence(final List<String> evidence) {
99+
this.evidence = evidence;
100+
}
101+
102+
@JacksonXmlElementWrapper(localName = "counterEvidences")
103+
@JacksonXmlProperty(localName = "counterEvidence")
104+
public List<String> getCounterEvidence() {
105+
return counterEvidence;
106+
}
107+
108+
public void setCounterEvidence(final List<String> counterEvidence) {
109+
this.counterEvidence = counterEvidence;
110+
}
111+
112+
@JacksonXmlElementWrapper(localName = "externalReferences")
113+
@JacksonXmlProperty(localName = "externalReference")
114+
public List<ExternalReference> getExternalReferences() {
115+
return externalReferences;
116+
}
117+
118+
public void setExternalReferences(final List<ExternalReference> externalReferences) {
119+
this.externalReferences = externalReferences;
120+
}
121+
122+
public Signature getSignature() {
123+
return signature;
124+
}
125+
126+
public void setSignature(final Signature signature) {
127+
this.signature = signature;
128+
}
129+
}
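Review bot: `@JsonPropertyOrder` (new lines 18-27) omits `bom-ref`, so in JSON the identifier is emitted after the listed properties, following `signature`; adding `"bom-ref",` as the first entry keeps the identifier at the top of the object. The XML wrapper names `evidences` and `counterEvidences` are the only ones that differ from their field names (`mitigationStrategies` and `externalReferences` match), so they are worth checking against the schema before release. As with the other signed types in this commit, `signature` and `externalReferences` are stored as parsed and not verified here, which a one-line Javadoc on `getSignature()` should say.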
