"Bom.serialNumber" data model can have values following the alternati…
…ve format allowed in CycloneDX XML (#278) * Fixed * "Bom.serialNumber" data model can have values following the alternative format allowed in CycloneDX XML ([#277] via [#278]) * `\CycloneDX\Core\Serialization\{DOM,JSON}\Normalizers\BomNormalizer::normalize()` now omits invalid/unsupported values for `serialNumber` ([#277] via [#278]) * Changed * `\CycloneDX\Core\Models\Bom::setSerialNumber()` no longer throws `\DomainException` when the value is of an unsupported format ([#277] via [#278]) This is considered a non-breaking behaviour change, because the corresponding normalizers assure valid data results. * Added * Bom serialNumber generator: `\CycloneDX\Core\Utils\BomUtility::randomSerialNumber()` ([#277] via [#278]) [#277]: #277 [#278]: #278 --------- Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
1 parent
72a5823
commit dc61f08
Showing
9 changed files
with
142 additions
and
32 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
/* | ||
* This file is part of CycloneDX PHP Library. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
* | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* Copyright (c) OWASP Foundation. All Rights Reserved. | ||
*/ | ||
|
||
namespace CycloneDX\Core\Utils; | ||
|
||
use Exception; | ||
|
||
/** | ||
* Utility regarding: | ||
* - {@see \CycloneDX\Core\Models\Bom}. | ||
* | ||
* @author jkowalleck | ||
*/ | ||
abstract class BomUtility | ||
{ | ||
/** | ||
* @throws Exception if an appropriate source of randomness cannot be found | ||
*/ | ||
public static function randomSerialNumber(): string | ||
{ | ||
return sprintf( | ||
'urn:uuid:%04x%04x-%04x-%04x-%04x-%04x%04x%04x', | ||
random_int(0, 0xFFFF), | ||
random_int(0, 0xFFFF), | ||
random_int(0, 0xFFFF), | ||
// UUID version 4 | ||
random_int(0, 0x0FFF) | 0x4000, | ||
// UUID version 4 variant 1 | ||
random_int(0, 0x3FFF) | 0x8000, | ||
random_int(0, 0xFFFF), | ||
random_int(0, 0xFFFF), | ||
random_int(0, 0xFFFF), | ||
); | ||
} | ||
} |
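Review bot: The docblock on `randomSerialNumber()` carries only the `@throws` line, so the return contract is undocumented: nothing tells a caller that the result is always the `urn:uuid:` form and never the braced alternative that the XSD pattern in the accompanying test also permits. I would add a summary such as `Generate a random Bom serialNumber: a version 4 UUID in "urn:uuid:" notation, drawn from random_int().` plus a `@return` line stating that the string is lowercase hex and valid for both the JSON and the XML schema. It is also worth noting there that the value is a unique identifier, not a secret, so readers do not treat it as a token. As a style point, the eight `random_int()` calls could be a single `random_bytes(16)` read with the version and variant bits masked in afterwards.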
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
/* | ||
* This file is part of CycloneDX PHP Library. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
* | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* Copyright (c) OWASP Foundation. All Rights Reserved. | ||
*/ | ||
|
||
namespace CycloneDX\Tests\Core\Utils; | ||
|
||
use CycloneDX\Core\Utils\BomUtility; | ||
use Generator; | ||
use PHPUnit\Framework\Attributes\CoversClass; | ||
use PHPUnit\Framework\Attributes\DataProvider; | ||
use PHPUnit\Framework\TestCase; | ||
|
||
#[CoversClass(BomUtility::class)] | ||
class BomUtilityTest extends TestCase | ||
{ | ||
#[DataProvider('dpRandomBomSerialNumberHasCorrectFormat')] | ||
public function testRandomSerialNumberHasCorrectFormat(string $pattern): void | ||
{ | ||
$serialNumber = BomUtility::randomSerialNumber(); | ||
self::assertMatchesRegularExpression($pattern, $serialNumber); | ||
} | ||
|
||
public static function dpRandomBomSerialNumberHasCorrectFormat(): Generator | ||
{ | ||
yield 'from XSD' => ['/^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$|^\\{[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\\}$/']; | ||
yield 'from JSON schema' => ['/^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/']; | ||
} | ||
} |
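Review bot: Both data-provider patterns accept any hex digit in every position, so `testRandomSerialNumberHasCorrectFormat()` would still pass if the version or variant masks in `randomSerialNumber()` were wrong or dropped. A third case that pins those nibbles would catch that: `yield 'UUID v4 layout' => ['/^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/'];`. Nothing here compares two generated values either, so a generator that returned a constant would pass; an `assertNotSame()` over two calls would cover that cheaply.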