diff --git a/tools/src/test/js/json-schema-functional-tests.js b/tools/src/test/js/json-schema-functional-tests.js index 9dc1625c..032557af 100644 --- a/tools/src/test/js/json-schema-functional-tests.js +++ b/tools/src/test/js/json-schema-functional-tests.js @@ -10,7 +10,6 @@ import {dirname, join} from 'node:path' import {fileURLToPath} from 'node:url' import {parseArgs} from 'node:util' -import Ajv from "ajv" import addFormats from "ajv-formats" import addFormats2019 from "ajv-formats-draft2019" import {globSync} from 'glob' @@ -22,7 +21,10 @@ const _thisDir = dirname(fileURLToPath(import.meta.url)) const testschemaVersion = (parseArgs({options: {v: {type: 'string', short: 'v'}}}).values.v ?? '').trim() const schemaDir = join(_thisDir, '..', '..', '..', '..', 'schema') -const schemaFile = join(schemaDir, `bom-${testschemaVersion}.schema.json`) +// 2.0 uses bundled schema (draft 2020-12, no external $refs); 1.x uses schema/bom-.schema.json +const schemaFile = testschemaVersion === '2.0' + ? join(schemaDir, '2.0', 'cyclonedx-2.0-bundled.schema.json') + : join(schemaDir, `bom-${testschemaVersion}.schema.json`) const testdataDir = join(_thisDir, '..', 'resources', testschemaVersion) if (testschemaVersion.length === 0) { @@ -44,6 +46,11 @@ console.debug('DEBUG | testdataDir = ', testdataDir); // region validator +// 2.0 schema uses draft 2020-12; 1.x use draft-07. Use the matching Ajv build. +const Ajv = testschemaVersion === '2.0' + ? (await import('ajv/dist/2020.js')).default + : (await import('ajv')).default + const [spdxSchema, jsfSchema, cryptoDefsSchema, bomSchema] = await Promise.all([ readFile(join(schemaDir, 'spdx.schema.json'), 'utf-8').then(JSON.parse), readFile(join(schemaDir, 'jsf-0.82.schema.json'), 'utf-8').then(JSON.parse), @@ -51,17 +58,24 @@ const [spdxSchema, jsfSchema, cryptoDefsSchema, bomSchema] = await Promise.all([ readFile(schemaFile, 'utf-8').then(JSON.parse) ]) +// Register each ref schema under both http and https so refs resolve regardless of base $id scheme. +const schemasObj = { + 'http://cyclonedx.org/schema/spdx.schema.json': spdxSchema, + 'https://cyclonedx.org/schema/spdx.schema.json': spdxSchema, + 'http://cyclonedx.org/schema/jsf-0.82.schema.json': jsfSchema, + 'https://cyclonedx.org/schema/jsf-0.82.schema.json': jsfSchema, + 'http://cyclonedx.org/schema/cryptography-defs.schema.json': cryptoDefsSchema, + 'https://cyclonedx.org/schema/cryptography-defs.schema.json': cryptoDefsSchema, +} const ajv = new Ajv({ // not running in strict - this is done in the linter-test already strict: false, validateFormats: true, addUsedSchema: false, - schemas: { - 'http://cyclonedx.org/schema/spdx.schema.json': spdxSchema, - 'http://cyclonedx.org/schema/jsf-0.82.schema.json': jsfSchema, - 'http://cyclonedx.org/schema/cryptography-defs.schema.json': cryptoDefsSchema, - } -}); + // Disable schema meta-validation for 2.0 harness to allow draft-07 referenced schemas to be registered under Ajv2020. + ...(testschemaVersion === '2.0' && { validateSchema: false }), + schemas: schemasObj +}) addFormats(ajv) addFormats2019(ajv, {formats: ['idn-email']}) // there is just no working implementation for format "iri-reference" diff --git a/tools/src/test/js/package.json b/tools/src/test/js/package.json index d1c7dddf..b85b3b0a 100644 --- a/tools/src/test/js/package.json +++ b/tools/src/test/js/package.json @@ -18,6 +18,7 @@ "test": "run-s test:\\*", "test:json-schema-lint": "node -- json-schema-lint-tests.js", "test:json-schema-functional": "run-s test:json-schema-functional:\\*", + "test:json-schema-functional:2.0": "node -- json-schema-functional-tests.js -v 2.0", "test:json-schema-functional:1.7": "node -- json-schema-functional-tests.js -v 1.7", "test:json-schema-functional:1.6": "node -- json-schema-functional-tests.js -v 1.6", "test:json-schema-functional:1.5": "node -- json-schema-functional-tests.js -v 1.5", diff --git a/tools/src/test/resources/2.0/valid-cryptography-certificate-2.0.json b/tools/src/test/resources/2.0/valid-cryptography-certificate-2.0.json index 71b3ec8c..f1ea2cfc 100644 --- a/tools/src/test/resources/2.0/valid-cryptography-certificate-2.0.json +++ b/tools/src/test/resources/2.0/valid-cryptography-certificate-2.0.json @@ -62,7 +62,7 @@ "algorithmProperties": { "primitive": "signature", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": [ "none" ], @@ -120,7 +120,7 @@ "algorithmFamily": "RSAES-OAEP", "parameterSetIdentifier": "2048", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": [ "none" ], diff --git a/tools/src/test/resources/2.0/valid-cryptography-certificate-advanced-2.0.json b/tools/src/test/resources/2.0/valid-cryptography-certificate-advanced-2.0.json index 1ac4dbee..0bcf6589 100644 --- a/tools/src/test/resources/2.0/valid-cryptography-certificate-advanced-2.0.json +++ b/tools/src/test/resources/2.0/valid-cryptography-certificate-advanced-2.0.json @@ -183,7 +183,7 @@ "algorithmProperties": { "primitive": "signature", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "padding": "pkcs1v15", "cryptoFunctions": [ "sign", @@ -203,7 +203,7 @@ "primitive": "signature", "ellipticCurve": "secg/secp256r1", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "cryptoFunctions": [ "sign", @@ -231,7 +231,7 @@ "updateDate": "2024-01-10T15:45:30Z", "securedBy": { "mechanism": "HSM", - "algorithmRef": "aes-256-gcm-ref" + "algorithmRef": ["aes-256-gcm-ref"] }, "fingerprint": { "alg": "SHA-256", @@ -265,7 +265,7 @@ "expirationDate": "2025-01-01T23:59:59Z", "securedBy": { "mechanism": "HSM", - "algorithmRef": "aes-256-gcm-ref" + "algorithmRef": ["aes-256-gcm-ref"] }, "fingerprint": { "alg": "SHA-256", diff --git a/tools/src/test/resources/2.0/valid-cryptography-full-2.0.json b/tools/src/test/resources/2.0/valid-cryptography-full-2.0.json index edb1a40b..d4027365 100644 --- a/tools/src/test/resources/2.0/valid-cryptography-full-2.0.json +++ b/tools/src/test/resources/2.0/valid-cryptography-full-2.0.json @@ -17,7 +17,7 @@ "parameterSetIdentifier": "160", "ellipticCurve": "brainpool/brainpoolP160r1", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l4"], "cryptoFunctions": [ "keygen", @@ -40,7 +40,7 @@ "algorithmFamily": "RSASSA-PKCS1", "parameterSetIdentifier": "2048", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "padding": "pkcs1v15", "cryptoFunctions": ["sign", "verify"], @@ -61,7 +61,7 @@ "parameterSetIdentifier": "256", "mode": "gcm", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "cryptoFunctions": ["keygen", "encrypt", "decrypt", "tag"], "classicalSecurityLevel": 256, @@ -81,7 +81,7 @@ "algorithmFamily": "SHA-2", "parameterSetIdentifier": "256", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "cryptoFunctions": ["digest"] }, @@ -99,7 +99,7 @@ "algorithmFamily": "SHA-2", "parameterSetIdentifier": "384", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "cryptoFunctions": ["digest"] }, @@ -118,7 +118,7 @@ "parameterSetIdentifier": "128", "mode": "gcm", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "cryptoFunctions": ["keygen", "encrypt", "decrypt", "tag"], "classicalSecurityLevel": 128, @@ -137,7 +137,7 @@ "primitive": "ae", "algorithmFamily": "ChaCha20", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["none"], "cryptoFunctions": ["keygen", "encrypt", "decrypt", "tag"], "classicalSecurityLevel": 256, @@ -156,7 +156,7 @@ "primitive": "key-agree", "algorithmFamily": "FFDH", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "cryptoFunctions": ["keygen", "keyderive"] }, @@ -174,7 +174,7 @@ "algorithmFamily": "ECDSA", "ellipticCurve": "secg/secp256r1", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "cryptoFunctions": ["sign", "verify"] }, @@ -192,7 +192,7 @@ "algorithmFamily": "RSAES-OAEP", "parameterSetIdentifier": "4096", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["fips140-3-l1"], "padding": "oaep", "cryptoFunctions": ["keygen", "encrypt", "decrypt"] @@ -219,7 +219,7 @@ "format": "PEM", "securedBy": { "mechanism": "HSM", - "algorithmRef": "algorithm-aes-256-gcm" + "algorithmRef": ["algorithm-aes-256-gcm"] }, "fingerprint": { "alg": "SHA-256", diff --git a/tools/src/test/resources/2.0/valid-cryptography-implementation-2.0.json b/tools/src/test/resources/2.0/valid-cryptography-implementation-2.0.json index 8a5df364..eaf05020 100644 --- a/tools/src/test/resources/2.0/valid-cryptography-implementation-2.0.json +++ b/tools/src/test/resources/2.0/valid-cryptography-implementation-2.0.json @@ -24,7 +24,7 @@ "parameterSetIdentifier": "128", "mode": "gcm", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["none"], "cryptoFunctions": [ "keygen", @@ -48,7 +48,7 @@ "primitive": "signature", "parameterSetIdentifier": "512", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["none"], "cryptoFunctions": [ "sign", @@ -70,7 +70,7 @@ "ellipticCurve": "secg/secp521r1", "primitive": "key-agree", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["none"], "cryptoFunctions": [ "keygen", @@ -91,7 +91,7 @@ "algorithmFamily": "ML-KEM", "primitive": "kem", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["none"], "cryptoFunctions": [ "keygen", @@ -111,7 +111,7 @@ "algorithmProperties": { "primitive": "combiner", "executionEnvironment": "software-plain-ram", - "implementationPlatform": "x86_64", + "implementationPlatform": ["x86_64"], "certificationLevel": ["none"], "cryptoFunctions": [ "keygen",