Correcting optional state for crypto assetType

Signed-off-by: Steve Springett <steve@springett.us>
CycloneDX · Apr 6, 2024 · 2bb8bae · 2bb8bae
1 parent f34a832
commit 2bb8bae
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 2 deletions.
diff --git a/schema/bom-1.6.proto b/schema/bom-1.6.proto
@@ -2188,7 +2188,7 @@ message CryptoProperties {
     optional Ikev2TransformTypes ikev2TransformTypes = 4;
   } // end of ProtocolProperties
   // Cryptographic assets occur in several forms. Algorithms and protocols are most commonly implemented in specialized cryptographic libraries. They may, however, also be 'hardcoded' in software components. Certificates and related cryptographic material like keys, tokens, secrets or passwords are other cryptographic assets to be modelled.
-  optional CryptoAssetType assetType = 1;
+  CryptoAssetType assetType = 1;
   // Additional properties specific to a cryptographic algorithm.
   optional AlgorithmProperties algorithmProperties = 2;
   // Properties for cryptographic assets of asset type 'certificate'

diff --git a/schema/bom-1.6.schema.json b/schema/bom-1.6.schema.json
@@ -5020,6 +5020,9 @@
       "title": "Cryptographic Properties",
       "description": "Cryptographic assets have properties that uniquely define them and that make them actionable for further reasoning. As an example, it makes a difference if one knows the algorithm family (e.g. AES) or the specific variant or instantiation (e.g. AES-128-GCM). This is because the security level and the algorithm primitive (authenticated encryption) are only defined by the definition of the algorithm variant. The presence of a weak cryptographic algorithm like SHA1 vs. HMAC-SHA1 also makes a difference.",
       "additionalProperties": false,
+      "required": [
+        "assetType"
+      ],
       "properties": {
         "assetType": {
           "type": "string",

diff --git a/schema/bom-1.6.xsd b/schema/bom-1.6.xsd
@@ -6176,7 +6176,7 @@ limitations under the License.
             </xs:documentation>
         </xs:annotation>
         <xs:sequence>
-            <xs:element name="assetType" minOccurs="0" maxOccurs="1">
+            <xs:element name="assetType" minOccurs="1" maxOccurs="1">
                 <xs:annotation>
                     <xs:documentation>
                         Cryptographic assets occur in several forms. Algorithms and protocols are most commonly