From ebcf4c2b6d3b89dea14925f02208b36f354b6eb1 Mon Sep 17 00:00:00 2001 From: Basil Hess Date: Wed, 25 Feb 2026 16:55:50 +0100 Subject: [PATCH 1/2] Adds custom fingerprints Signed-off-by: Basil Hess --- .../cyclonedx-cryptography-2.0.schema.json | 45 +++++++++++++++++-- 1 file changed, 41 insertions(+), 4 deletions(-) diff --git a/schema/2.0/model/cyclonedx-cryptography-2.0.schema.json b/schema/2.0/model/cyclonedx-cryptography-2.0.schema.json index 4792c4ed..7afb4a01 100644 --- a/schema/2.0/model/cyclonedx-cryptography-2.0.schema.json +++ b/schema/2.0/model/cyclonedx-cryptography-2.0.schema.json @@ -416,7 +416,7 @@ ] }, "fingerprint": { - "$ref": "cyclonedx-common-2.0.schema.json#/$defs/hash", + "$ref": "#/$defs/fingerprint", "title": "Certificate Fingerprint", "description": "The fingerprint is a cryptographic hash of the certificate excluding it's signature." }, @@ -718,9 +718,7 @@ "description": "The mechanism by which the cryptographic asset is secured by." }, "fingerprint": { - "$ref": "cyclonedx-common-2.0.schema.json#/$defs/hash", - "title": "Fingerprint", - "description": "The fingerprint is a cryptographic hash of the asset." + "$ref": "#/$defs/fingerprint" }, "relatedCryptographicAssets": { "$ref": "#/$defs/relatedCryptographicAssets" @@ -1119,6 +1117,45 @@ } } }, + "fingerprint": { + "type": "object", + "title": "Fingerprint", + "description": "The fingerprint is a cryptographic hash of the asset.", + "oneOf": [ + { + "title": "Standard Hash", + "description": "A fingerprint computed using a standard, well-known hash algorithm.", + "required": ["alg", "content"], + "additionalProperties": false, + "properties": { + "alg": { + "$ref": "cyclonedx-common-2.0.schema.json#/$defs/hashAlgorithm" + }, + "content": { + "$ref": "cyclonedx-common-2.0.schema.json#/$defs/hashValue" + } + } + }, + { + "title": "Custom Fingerprint", + "description": "A fingerprint computed with a custom or non-standard algorithm not covered by the standard hash algorithms.", + "required": ["customAlg", "customContent"], + "additionalProperties": false, + "properties": { + "customAlg": { + "type": "string", + "title": "Custom Fingerprint Algorithm", + "description": "The name of the custom algorithm used to compute the fingerprint." + }, + "customContent": { + "type": "string", + "title": "Custom Fingerprint Content", + "description": "The value of the fingerprint computed using the custom algorithm." + } + } + } + ] + }, "securedBy": { "type": "object", "title": "Secured By", From d54f9a0950de6b09e01d5f8ef6cea6f9021d99f1 Mon Sep 17 00:00:00 2001 From: Basil Hess Date: Thu, 21 May 2026 14:49:48 +0200 Subject: [PATCH 2/2] Add title/description to hash in common schema Signed-off-by: Basil Hess --- schema/2.0/model/cyclonedx-common-2.0.schema.json | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/schema/2.0/model/cyclonedx-common-2.0.schema.json b/schema/2.0/model/cyclonedx-common-2.0.schema.json index 5350c572..ae1b22fc 100644 --- a/schema/2.0/model/cyclonedx-common-2.0.schema.json +++ b/schema/2.0/model/cyclonedx-common-2.0.schema.json @@ -54,10 +54,14 @@ "additionalProperties": false, "properties": { "alg": { - "$ref": "#/$defs/hashAlgorithm" + "$ref": "#/$defs/hashAlgorithm", + "title": "Hash Algorithm", + "description": "The standard, well-known algorithm used to compute the hash." }, "content": { - "$ref": "#/$defs/hashValue" + "$ref": "#/$defs/hashValue", + "title": "Hash Value", + "description": "The value of the hash computed using the standard, well-known algorithm." } } },