cyclonedx.model.signature

JSF (JSON Signature Format) signature-related classes.

Note

JSON-only. There is no XSD/XML equivalent for JSF signatures in CycloneDX.

Note

Introduced in CycloneDX v1.4

Note

See the JSF specification: https://cyberphone.github.io/doc/security/jsf.html

See the CycloneDX Schema reference: https://cyclonedx.org/docs/1.4/json/#signature

Classes

JsfAlgorithm

Recognized JWA [RFC7518] and RFC8037 asymmetric/symmetric key algorithms for JSF signatures.

JsfKeyType

Key type indicator for a JSF public key.

JsfPublicKey

Public key object as defined by the JSF standard.

JsfSignature

JSF (JSON Signature Format) signature object — abstract base class.

JsfSimpleSignature

JSF simple signature object: signaturecore mode.

JsfSignatureSigners

Multiple-signers JSF signature: multisignature in the JSF schema.

JsfSignatureChain

Signature-chain JSF signature: signaturechain in the JSF schema.

Module Contents

class cyclonedx.model.signature.JsfAlgorithm

Bases: str, enum.Enum

Recognized JWA [RFC7518] and RFC8037 asymmetric/symmetric key algorithms for JSF signatures.

Note: Unlike RFC8037, JSF requires explicit Ed* algorithm names instead of “EdDSA”.

For proprietary algorithms, pass a URI string directly — the algorithm field on JsfSignature, JsfSignatureSigners, and JsfSignatureChain accepts both JsfAlgorithm enum values and arbitrary strings.

RS256 = 'RS256'
RS384 = 'RS384'
RS512 = 'RS512'
PS256 = 'PS256'
PS384 = 'PS384'
PS512 = 'PS512'
ES256 = 'ES256'
ES384 = 'ES384'
ES512 = 'ES512'
ED25519 = 'Ed25519'
ED448 = 'Ed448'
HS256 = 'HS256'
HS384 = 'HS384'
HS512 = 'HS512'

class cyclonedx.model.signature.JsfKeyType

Bases: str, enum.Enum

Key type indicator for a JSF public key.

EC = 'EC'
OKP = 'OKP'
RSA = 'RSA'

class cyclonedx.model.signature.JsfPublicKey(*, kty: JsfKeyType, crv: str | None = None, x: str | None = None, y: str | None = None, n: str | None = None, e: str | None = None)

Public key object as defined by the JSF standard.

Supports three key types (determined by kty):

  • EC: requires crv, x, y

  • OKP: requires crv, x

  • RSA: requires n, e

kty
crv = None
x = None
y = None
n = None
e = None

class cyclonedx.model.signature.JsfSignature

JSF (JSON Signature Format) signature object — abstract base class.

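The JSF specification defines three mutually exclusive signature modes, each represented by a separate concrete class:

  • JsfSimpleSignature: signaturecore mode

  • JsfSignatureSigners: multisignature mode

  • JsfSignatureChain: signaturechain mode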

Note

JSON-only. There is no XSD/XML equivalent in any CycloneDX schema version.

Note

Introduced in CycloneDX v1.4

class cyclonedx.model.signature.JsfSimpleSignature(*, algorithm: JsfAlgorithm | str, value: str, key_id: str | None = None, public_key: JsfPublicKey | None = None, certificate_path: list[str] | None = None, excludes: list[str] | None = None)

Bases: JsfSignature

JSF simple signature object: signaturecore mode.

Represents a single signature with required algorithm and value, plus optional key_id, public_key, certificate_path, and excludes.

algorithm
value
key_id = None
public_key = None
certificate_path
excludes

class cyclonedx.model.signature.JsfSignatureSigners(*, signers: list[JsfSimpleSignature])

Bases: JsfSignature

Multiple-signers JSF signature: multisignature in the JSF schema.

Contains a list of JsfSimpleSignature objects serialized under the signers key.

signers

class cyclonedx.model.signature.JsfSignatureChain(*, chain: list[JsfSimpleSignature])

Bases: JsfSignature

Signature-chain JSF signature: signaturechain in the JSF schema.

Contains a list of JsfSimpleSignature objects serialized under the chain key.

chain
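
The structural rules documented above (one of three mutually exclusive modes, required public-key members per kty, explicit Ed* names instead of "EdDSA") can be checked on a parsed signature object before any cryptographic verification. This is an added example, not code from cyclonedx-python-lib, and it checks structure only. Assumptions: the function names are hypothetical, the JSON property names (publicKey, signers, chain) follow the JSF specification, and any string containing ':' is treated as a proprietary algorithm URI.

```python
from typing import Any

# Names from the JsfAlgorithm enum; "EdDSA" is deliberately absent.
KNOWN_ALGORITHMS = set(
    'RS256 RS384 RS512 PS256 PS384 PS512 ES256 ES384 ES512 '
    'Ed25519 Ed448 HS256 HS384 HS512'.split())
# Required public-key members per kty, as listed for JsfPublicKey.
REQUIRED_KEY_FIELDS = {'EC': ('crv', 'x', 'y'), 'OKP': ('crv', 'x'), 'RSA': ('n', 'e')}


def check_core(sig: dict[str, Any], where: str) -> list[str]:
    """Return structural problems found in one signaturecore object."""
    problems = []
    alg = sig.get('algorithm')
    if not isinstance(alg, str) or not alg:
        problems.append(f'{where}: missing algorithm')
    elif alg not in KNOWN_ALGORITHMS and ':' not in alg:
        # Assumption: a proprietary algorithm URI always contains ':'.
        problems.append(f'{where}: unrecognized algorithm {alg!r}')
    if not isinstance(sig.get('value'), str) or not sig['value']:
        problems.append(f'{where}: missing value')
    key = sig.get('publicKey')
    if isinstance(key, dict):
        required = REQUIRED_KEY_FIELDS.get(key.get('kty'))
        if required is None:
            problems.append(f'{where}: unknown kty {key.get("kty")!r}')
        else:
            problems += [f'{where}: {key["kty"]} key lacks {name}'
                         for name in required if not key.get(name)]
    elif key is not None:
        problems.append(f'{where}: publicKey is not an object')
    return problems


def check_signature(sig: dict[str, Any]) -> list[str]:
    """Require exactly one JSF mode, then check every signaturecore in it."""
    modes = [m for m in ('signers', 'chain') if m in sig]
    if 'algorithm' in sig or 'value' in sig:
        modes.append('signaturecore')
    if len(modes) != 1:
        return [f'expected exactly one signature mode, found {modes}']
    if modes[0] == 'signaturecore':
        return check_core(sig, 'signature')
    return [p for i, item in enumerate(sig[modes[0]])
            for p in check_core(item, f'{modes[0]}[{i}]')]


# Constructed sample; the base64url strings are placeholders, not key material.
SAMPLE = {'algorithm': 'EdDSA', 'value': 'c2ln', 'publicKey': {'kty': 'OKP', 'x': 'eA'}}
```

An empty list from check_signature means the object is well-formed, not that the signature is valid.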