From 2263497729a605aae5ad7e6df2db3255892639e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicklas=20K=C3=B6rtge?=
Date: Fri, 20 Sep 2024 08:46:22 +0200
Subject: [PATCH] add updated keycloak cbom
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Nicklas Körtge
---
 frontend/resources/keycloak-cbom.json | 2396 +++++++++++++++++--------
 1 file changed, 1655 insertions(+), 741 deletions(-)

diff --git a/frontend/resources/keycloak-cbom.json b/frontend/resources/keycloak-cbom.json
index ef9f43dfc..6924c490d 100644
--- a/frontend/resources/keycloak-cbom.json
+++ b/frontend/resources/keycloak-cbom.json
@@ -1,815 +1,1729 @@ { - "bomFormat": "CycloneDX", - "specVersion": "1.6", - "serialNumber": "urn:uuid:3bf5a4a0-c24c-420c-a7c4-1af0840c8f1b", - "version": 1, - "metadata": { - "timestamp": "2024-07-11T13:07:30Z", - "tools": { - "services": [ - { - "provider": { - "name": "IBM Research" - }, - "name": "SonarQube Crypto Scanner Plugin" - } - ] - }, - "properties": [ - { - "name": "git-url", - "value": "https://github.com/keycloak/keycloak" - }, - { - "name": "git-branch", - "value": "main" - }, + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "serialNumber": "urn:uuid:8614bce1-98c4-492f-9fe5-eae3d7560826", + "version": 1, + "metadata": { + "timestamp": "2024-09-20T06:42:08Z", + "tools": { + "services": [ { - "name": "commit", - "value": "d5041816b67d9662dfaaa284940e3965bd579dd5" - }, - { - "name": "purl", - "value": "pkg:github/keycloak/keycloak" - }, - { - "name": "purl", - "value": "pkg:maven/org.keycloak/keycloak-core" + "provider": { + "name": "IBM" + }, + "name": "Sonar Cryptography Plugin", + "version": "1.3.0" } ] }, - "components": [ + "properties": [ { - "name": "sha-256", - "evidence": { - "occurrences": [ - { - "location": "server-spi-private/src/main/java/org/keycloak/broker/provider/AbstractIdentityProvider.java", - "line": 118, - "offset": 17, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java", - "line": 150, - "offset": 32, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - }, - { - "location": "testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/MutualTLSUtils.java", - "line": 138, - "offset": 31, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/protocol/docker/DockerKeyIdentifier.java", - 
"line": 37, - "offset": 41, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/protocol/oid4vc/issuance/signing/vcdm/Ed255192018Suite.java", - "line": 121, - "offset": 31, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/protocol/oidc/utils/PkceUtils.java", - "line": 49, - "offset": 27, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/protocol/oidc/mappers/SHA256PairwiseSubMapper.java", - "line": 88, - "offset": 21, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/AbstractParEndpoint.java", - "line": 85, - "offset": 19, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/services/clientpolicy/executor/PKCEEnforcerExecutor.java", - "line": 230, - "offset": 27, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/services/util/MtlsHoKTokenUtil.java", - "line": 114, - "offset": 27, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java", - "line": 256, - "offset": 25, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": 
"services/src/main/java/org/keycloak/services/resources/account/LinkedAccountsResource.java", - "line": 170, - "offset": 31, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - }, - { - "location": "operator/src/main/java/org/keycloak/operator/controllers/WatchedResources.java", - "line": 88, - "offset": 32, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "hash", - "parameterSetIdentifier": "256", - "cryptoFunctions": [ - "digest" - ] - }, - "oid": "2.16.840.1.101.3.4.2.1" - }, - "type": "cryptographic-asset", - "bom-ref": "44f6d637-9887-4ee4-aa9e-40146de580ed" + "name": "git-url", + "value": "https://github.com/keycloak/keycloak" }, { - "name": "ed25519-curve25519", - "evidence": { - "occurrences": [ - { - "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java", - "line": 159, - "offset": 47 - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "other", - "cryptoFunctions": [ - "keygen" - ] - } - }, - "type": "cryptographic-asset", - "bom-ref": "76589dfb-cf85-4e17-ba8c-ee38c05518af" + "name": "git-branch", + "value": "main" }, { - "name": "rsa-2048", - "evidence": { - "occurrences": [ - { - "location": "core/src/main/java/org/keycloak/jose/jwk/AbstractJWKParser.java", - "line": 107, - "offset": 28, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java", - "line": 103, - "offset": 39, - "additionalContext": 
"java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java", - "line": 122, - "offset": 39, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "pke", - "parameterSetIdentifier": "2048", - "cryptoFunctions": [ - "keygen" - ] - }, - "oid": "1.2.840.113549.1.1.1" - }, - "type": "cryptographic-asset", - "bom-ref": "aa7c53e9-036a-4d36-a5e1-1d1678071e5c" + "name": "commit", + "value": "fa08cef8ef2a9a859ed96aa86fdb68acc8e01872" }, { - "name": "aes-128", - "evidence": { - "occurrences": [ - { - "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java", - "line": 169, - "offset": 31, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - }, - { - "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesGcmEncryptionProvider.java", - "line": 152, - "offset": 31, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - }, - { - "location": "saml-core/src/main/java/org/keycloak/saml/BaseSAML2BindingBuilder.java", - "line": 288, - "offset": 34, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "block-cipher", - "parameterSetIdentifier": "128", - "cryptoFunctions": [ - "keygen" - ] - }, - "oid": "2.16.840.1.101.3.4.1" - }, - "type": "cryptographic-asset", - "bom-ref": "1b0fa63b-811a-4fe0-b72c-7a460dbe81bb" + "name": "purl", + "value": "pkg:github/keycloak/keycloak" }, { - "name": "raw", - "evidence": { - "occurrences": [ - { - "location": "server-spi/src/main/java/org/keycloak/models/utils/HmacOTP.java", - "line": 159, - "offset": 35, - "additionalContext": 
"javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "other", - "cryptoFunctions": [ - "keygen" - ] + "name": "purl", + "value": "pkg:maven/org.keycloak/keycloak-core" + } + ] + }, + "components": [ + { + "type": "cryptographic-asset", + "bom-ref": "b131d8b5-90a5-494f-b969-0ee233bd2531", + "name": "ECDH", + "evidence": { + "occurrences": [ + { + "line": 208, + "offset": 36, + "additionalContext": "javax.crypto.KeyAgreement#getInstance(Ljava/lang/String;)Ljavax/crypto/KeyAgreement;", + "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCEcdhEsAlgorithmProvider.java" + }, + { + "line": 183, + "offset": 36, + "additionalContext": "javax.crypto.KeyAgreement#getInstance(Ljava/lang/String;)Ljavax/crypto/KeyAgreement;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "a4b73cef-8673-4bbd-a5e3-9c42e87c5fd5" + ] }, - { - "name": "key:hmacsha2", - "evidence": { - "occurrences": [ - { - "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java", - "line": 170, - "offset": 32, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } - ] + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "key-agree" }, - "cryptoProperties": { - "assetType": "related-crypto-material", - "relatedCryptoMaterialProperties": { - "type": "secret-key" + "oid": "1.3.132.1.12" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "f85ecceb-aa1b-4a7e-b76e-deae546e93a2", + "name": "key@f85ecceb-aa1b-4a7e-b76e-deae546e93a2", + "evidence": { + "occurrences": [ + { + "line": 52, + "offset": 38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": 
"services/src/main/java/org/keycloak/keys/AbstractEcKeyProviderFactory.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "885ad206-72d0-469b-968a-f56f906cbe84" + ] }, - { - "name": "aes-128-cbc-pkcs5", - "evidence": { - "occurrences": [ - { - "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java", - "line": 131, - "offset": 15, - "additionalContext": "javax.crypto.Cipher#getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "block-cipher", - "parameterSetIdentifier": "128", - "padding": "pkcs5" - }, - "oid": "2.16.840.1.101.3.4.1.2" - }, - "type": "cryptographic-asset", - "bom-ref": "73cfa0a5-5090-4ce0-9d35-dea6c89a2fa5" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "1e1a85de-dc1a-4f7f-bdc9-52ca7d3de503", + "name": "key@1e1a85de-dc1a-4f7f-bdc9-52ca7d3de503", + "evidence": { + "occurrences": [ + { + "line": 115, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/AbstractGeneratedEcKeyProviderFactory.java" + } + ] }, - { - "name": "ec-secp521r1", - "evidence": { - "occurrences": [ - { - "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java", - "line": 152, - "offset": 47 - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "other", - "cryptoFunctions": [ - "keygen" - ] + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + 
"bom-ref": "3a060871-3eb0-41d0-a942-8203a9552fb5", + "name": "SHA1", + "evidence": { + "occurrences": [ + { + "line": 45, + "offset": 41, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "server-spi-private/src/main/java/org/keycloak/protocol/saml/util/ArtifactBindingUtils.java" + }, + { + "line": 334, + "offset": 21, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "federation/sssd/src/main/java/org/freedesktop/dbus/connections/SASL.java" + }, + { + "line": 378, + "offset": 17, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "federation/sssd/src/main/java/org/freedesktop/dbus/connections/SASL.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "77b30a00-036b-4369-9d5e-f303412f8b2b" + ] }, - { - "name": "key:hmacsha256", - "evidence": { - "occurrences": [ - { - "location": "server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java", - "line": 150, - "offset": 32, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "hash", + "parameterSetIdentifier": "160", + "cryptoFunctions": [ + "digest" ] - }, - "cryptoProperties": { - "assetType": "related-crypto-material", - "relatedCryptoMaterialProperties": { - "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "a74b6486-bfa0-43c4-b9b4-8c2f3b013016", + "name": "key@a74b6486-bfa0-43c4-b9b4-8c2f3b013016", + "evidence": { + "occurrences": [ + { + "line": 122, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java" } - }, - "type": 
"cryptographic-asset", - "bom-ref": "c68af103-0d1b-4203-833e-65d676b78021" + ] }, - { - "name": "key:aes", - "evidence": { - "occurrences": [ - { - "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java", - "line": 169, - "offset": 31, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - }, - { - "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesGcmEncryptionProvider.java", - "line": 152, - "offset": 31, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - }, - { - "location": "saml-core/src/main/java/org/keycloak/saml/BaseSAML2BindingBuilder.java", - "line": 288, - "offset": 34, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } - ] - }, - "cryptoProperties": { - "assetType": "related-crypto-material", - "relatedCryptoMaterialProperties": { - "type": "secret-key" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "c2b31aa1-016f-4337-b379-ec987f0d6e44", + "name": "EC-secp521r1", + "evidence": { + "occurrences": [ + { + "line": 152, + "offset": 47, + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "92b6db1b-7a58-40be-8ed8-dbe826fd68b9" + ] }, - { - "name": "SSL", - "evidence": { - "occurrences": [ - { - "location": "testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/InfinispanServerDeployableContainer.java", - "line": 174, - "offset": 28, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - }, - { - "location": 
"adapters/saml/core/src/main/java/org/keycloak/adapters/cloned/HttpClientBuilder.java", - "line": 262, - "offset": 29, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "pke", + "curve": "secp521r1", + "cryptoFunctions": [ + "keygen" ] }, - "cryptoProperties": { - "assetType": "protocol", - "protocolProperties": { - "type": "tls" + "oid": "1.2.840.10045.2.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "3f6d64fc-4402-496c-bc9b-87b4d32b048e", + "name": "key@3f6d64fc-4402-496c-bc9b-87b4d32b048e", + "evidence": { + "occurrences": [ + { + "line": 110, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "core/src/main/java/org/keycloak/jose/jwk/AbstractJWKParser.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "1e3d0c31-8e00-4f7d-af38-0ad093f6f545" + ] }, - { - "name": "eddsa", - "evidence": { - "occurrences": [ - { - "location": "services/src/main/java/org/keycloak/keys/GeneratedEddsaKeyProvider.java", - "line": 50, - "offset": 28, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "services/src/main/java/org/keycloak/keys/GeneratedEddsaKeyProviderFactory.java", - "line": 133, - "offset": 28, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "other", - "cryptoFunctions": [ - "keygen" - ] + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "d577b328-ed4a-4b92-8e0f-a714205ae070", + "name": "RAW", + "evidence": { + "occurrences": [ + 
{ + "line": 159, + "offset": 35, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "server-spi/src/main/java/org/keycloak/models/utils/HmacOTP.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "de22181b-82ff-447e-9106-41bf0044423b" + ] }, - { - "name": "aes", - "evidence": { - "occurrences": [ - { - "location": "crypto/default/src/main/java/org/keycloak/crypto/def/AesKeyWrapAlgorithmProvider.java", - "line": 36, - "offset": 28, - "additionalContext": "org.bouncycastle.crypto.engines.AESWrapEngine#()V" - }, - { - "location": "crypto/default/src/main/java/org/keycloak/crypto/def/AesKeyWrapAlgorithmProvider.java", - "line": 43, - "offset": 28, - "additionalContext": "org.bouncycastle.crypto.engines.AESWrapEngine#()V" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "other", + "cryptoFunctions": [ + "keygen" ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "other" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "fe7c24fe-ec56-4f21-bd4e-87082792ae90", + "name": "EdDSA", + "evidence": { + "occurrences": [ + { + "line": 50, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/GeneratedEddsaKeyProvider.java" }, - "oid": "2.16.840.1.101.3.4.1" - }, - "type": "cryptographic-asset", - "bom-ref": "2dbb1c32-2420-4332-8a53-48ef061457f7" + { + "line": 133, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/GeneratedEddsaKeyProviderFactory.java" + } + ] }, - { - "name": "dsa", - "evidence": { - "occurrences": [ - { - "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/DSAKeyValueType.java", - "line": 211, - "offset": 39, - 
"additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/DSAKeyValueType.java", - "line": 234, - "offset": 39, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "signature", + "cryptoFunctions": [ + "keygen" ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "other", - "cryptoFunctions": [ - "keygen" - ] + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "9ac3bf9b-203a-46ee-9fec-840257c44145", + "name": "HMAC-SHA256", + "evidence": { + "occurrences": [ + { + "line": 150, + "offset": 32, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "a04c60c0-ce8e-4ee0-a4a1-e6a428e23e83" + ] }, - { - "name": "key:raw", - "evidence": { - "occurrences": [ - { - "location": "server-spi/src/main/java/org/keycloak/models/utils/HmacOTP.java", - "line": 159, - "offset": 35, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "mac", + "cryptoFunctions": [ + "keygen", + "tag" ] - }, - "cryptoProperties": { - "assetType": "related-crypto-material", - "relatedCryptoMaterialProperties": { - "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "02402fd6-7234-4648-95d1-f054bb8c0e0c", + "name": "RSA-2048", + "evidence": { + "occurrences": [ + { + "line": 110, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": 
"core/src/main/java/org/keycloak/jose/jwk/AbstractJWKParser.java" + }, + { + "line": 103, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java" + }, + { + "line": 122, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "a2a12c06-d5d9-4c41-ac2f-1c4337ea544c" + ] }, - { - "name": "sha-1", - "evidence": { - "occurrences": [ - { - "location": "server-spi-private/src/main/java/org/keycloak/protocol/saml/util/ArtifactBindingUtils.java", - "line": 45, - "offset": 41, - "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "pke", + "parameterSetIdentifier": "2048", + "cryptoFunctions": [ + "keygen" ] }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "hash", - "parameterSetIdentifier": "512", - "cryptoFunctions": [ - "digest" - ] - }, - "oid": "1.3.14.3.2.26" - }, - "type": "cryptographic-asset", - "bom-ref": "0a61c16b-97b2-4a53-a19b-0a8bd0522f3b" + "oid": "1.2.840.113549.1.1.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "bc257a33-dd7f-4261-bcbc-35e23cc0aba5", + "name": "key@bc257a33-dd7f-4261-bcbc-35e23cc0aba5", + "evidence": { + "occurrences": [ + { + "line": 199, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCEcdhEsAlgorithmProvider.java" + } + ] }, - { - "name": "hmacsha256", - "evidence": { - "occurrences": [ - { - 
"location": "server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java", - "line": 150, - "offset": 32, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "mac", - "parameterSetIdentifier": "256", - "cryptoFunctions": [ - "keygen" - ] + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "01f0866b-5380-4789-a450-5c8e8f2d4c9c", + "name": "secret-key@01f0866b-5380-4789-a450-5c8e8f2d4c9c", + "evidence": { + "occurrences": [ + { + "line": 113, + "offset": 42, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "eef6eb1e-1e14-465b-ad7a-6ddb22e9148b" + ] }, - { - "name": "TLS", - "evidence": { - "occurrences": [ - { - "location": "quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/storage/legacy/infinispan/CacheManagerFactory.java", - "line": 249, - "offset": 29, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - }, - { - "location": "quarkus/tests/junit5/src/main/java/org/keycloak/it/utils/RawKeycloakDistribution.java", - "line": 440, - "offset": 25, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - }, - { - "location": "testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/tls/TLSUtils.java", - "line": 66, - "offset": 22, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - }, - { - "location": 
"testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/MutualTLSUtils.java", - "line": 98, - "offset": 36, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - }, - { - "location": "testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/AbstractQuarkusDeployableContainer.java", - "line": 381, - "offset": 25, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - }, - { - "location": "testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java", - "line": 532, - "offset": 32, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - }, - { - "location": "services/src/main/java/org/keycloak/truststore/JSSETruststoreConfigurator.java", - "line": 62, - "offset": 44, - "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;" - } - ] - }, - "cryptoProperties": { - "assetType": "protocol", - "protocolProperties": { - "type": "tls" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "771209b4-7f14-457e-9158-e781d91f5caa", + "name": "DSA", + "evidence": { + "occurrences": [ + { + "line": 211, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/DSAKeyValueType.java" + }, + { + "line": 234, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/DSAKeyValueType.java" } - }, - "type": "cryptographic-asset", - "bom-ref": 
"0654d0a1-82ca-4357-b878-7a175448c427" + ] }, - { - "name": "key:rsa", - "evidence": { - "occurrences": [ - { - "location": "core/src/main/java/org/keycloak/jose/jwk/AbstractJWKParser.java", - "line": 107, - "offset": 28, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java", - "line": 103, - "offset": 39, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java", - "line": 122, - "offset": 39, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "signature", + "parameterSetIdentifier": "2048", + "cryptoFunctions": [ + "keygen" ] }, - "cryptoProperties": { - "assetType": "related-crypto-material", - "relatedCryptoMaterialProperties": { - "type": "public-key" + "oid": "1.2.840.10040.4.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "26e93c1f-5892-469a-93f9-a0700d16d182", + "name": "secret-key@26e93c1f-5892-469a-93f9-a0700d16d182", + "evidence": { + "occurrences": [ + { + "line": 150, + "offset": 32, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "74ccfe30-6d70-4d08-99ef-751e4b15864c" + ] }, - { - "name": "hmacsha2", - "evidence": { - "occurrences": [ - { - "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java", - "line": 170, - "offset": 32, - "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V" - } - ] - }, - "cryptoProperties": { - 
"assetType": "algorithm", - "algorithmProperties": { - "primitive": "other", - "cryptoFunctions": [ - "keygen" - ] + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "03b152ee-a469-4489-b040-74ea08654205", + "name": "Ed25519", + "evidence": { + "occurrences": [ + { + "line": 159, + "offset": 47, + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "d2e0da8c-4484-4687-a423-3b25168b3a78" + ] }, - { - "name": "ec", - "evidence": { - "occurrences": [ - { - "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCECDSACryptoProvider.java", - "line": 80, - "offset": 36, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java", - "line": 126, - "offset": 15, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "crypto/fips1402/src/main/java/org/keycloak/crypto/fips/BCFIPSECDSACryptoProvider.java", - "line": 85, - "offset": 36, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java", - "line": 192, - "offset": 34, - "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;" - }, - { - "location": "services/src/main/java/org/keycloak/keys/AbstractEcdsaKeyProviderFactory.java", - "line": 63, - 
"offset": 38, - "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;" - }, - { - "location": "services/src/main/java/org/keycloak/keys/GeneratedEcdsaKeyProvider.java", - "line": 47, - "offset": 28, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - }, - { - "location": "services/src/main/java/org/keycloak/keys/GeneratedEcdsaKeyProviderFactory.java", - "line": 131, - "offset": 28, - "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;" - } + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "signature", + "curve": "Edwards25519", + "cryptoFunctions": [ + "keygen" ] }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "other", - "cryptoFunctions": [ - "keygen" - ] + "oid": "1.3.101.112" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "92f2aa39-8cc3-402c-a122-c133a7c255bd", + "name": "secret-key@92f2aa39-8cc3-402c-a122-c133a7c255bd", + "evidence": { + "occurrences": [ + { + "line": 115, + "offset": 31, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" } - }, - "type": "cryptographic-asset", - "bom-ref": "91421bf3-d650-48d5-9d47-12e7a1731fae" + ] }, - { - "name": "aes-128-gcm", - "evidence": { - "occurrences": [ - { - "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java", - "line": 136, - "offset": 15, - "additionalContext": "javax.crypto.Cipher#getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;" - } - ] - }, - "cryptoProperties": { - "assetType": "algorithm", - "algorithmProperties": { - "primitive": "ae", - "parameterSetIdentifier": "128", - "padding": "other" - }, - "oid": "2.16.840.1.101.3.4.1.6" - }, - "type": 
"cryptographic-asset", - "bom-ref": "de04ead6-0873-40f7-9ef7-b56987012a3a" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } } - ], - "dependencies": [ - { - "ref": "91421bf3-d650-48d5-9d47-12e7a1731fae", - "dependsOn": [ - "77b30a00-036b-4369-9d5e-f303412f8b2b" + }, + { + "type": "cryptographic-asset", + "bom-ref": "e73835a2-57be-4658-8974-351119cc2b86", + "name": "key@e73835a2-57be-4658-8974-351119cc2b86", + "evidence": { + "occurrences": [ + { + "line": 48, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/GeneratedEcdhKeyProvider.java" + } ] }, - { - "ref": "74ccfe30-6d70-4d08-99ef-751e4b15864c", - "dependsOn": [ - "aa7c53e9-036a-4d36-a5e1-1d1678071e5c" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "f4b134fa-cc66-419b-959a-a82dc2eeebcc", + "name": "EC", + "evidence": { + "occurrences": [ + { + "line": 85, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/fips1402/src/main/java/org/keycloak/crypto/fips/BCFIPSECDSACryptoProvider.java" + }, + { + "line": 141, + "offset": 38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "crypto/fips1402/src/main/java/org/keycloak/crypto/fips/BCFIPSEcdhEsAlgorithmProvider.java" + }, + { + "line": 204, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/fips1402/src/main/java/org/keycloak/crypto/fips/BCFIPSEcdhEsAlgorithmProvider.java" + }, + { + "line": 132, + "offset": 
38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCEcdhEsAlgorithmProvider.java" + }, + { + "line": 199, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCEcdhEsAlgorithmProvider.java" + }, + { + "line": 80, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCECDSACryptoProvider.java" + }, + { + "line": 125, + "offset": 38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" + }, + { + "line": 133, + "offset": 15, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java" + }, + { + "line": 192, + "offset": 34, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + }, + { + "line": 52, + "offset": 38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "services/src/main/java/org/keycloak/keys/AbstractEcKeyProviderFactory.java" + }, + { + "line": 48, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + 
"location": "services/src/main/java/org/keycloak/keys/GeneratedEcdsaKeyProvider.java" + }, + { + "line": 115, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/AbstractGeneratedEcKeyProviderFactory.java" + }, + { + "line": 48, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/GeneratedEcdhKeyProvider.java" + } ] }, - { - "ref": "a2a12c06-d5d9-4c41-ac2f-1c4337ea544c", - "dependsOn": [ - "a4b73cef-8673-4bbd-a5e3-9c42e87c5fd5" + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "pke", + "cryptoFunctions": [ + "keygen" + ] + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "fa4092da-4c4c-4366-b406-0985d5483637", + "name": "key@fa4092da-4c4c-4366-b406-0985d5483637", + "evidence": { + "occurrences": [ + { + "line": 125, + "offset": 38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" + } ] }, - { - "ref": "c68af103-0d1b-4203-833e-65d676b78021", - "dependsOn": [ - "eef6eb1e-1e14-465b-ad7a-6ddb22e9148b" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "a978f3b3-0bd3-42da-9f8c-48ca6bad8960", + "name": "key@a978f3b3-0bd3-42da-9f8c-48ca6bad8960", + "evidence": { + "occurrences": [ + { + "line": 80, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCECDSACryptoProvider.java" + } ] }, - { - "ref": 
"eef6eb1e-1e14-465b-ad7a-6ddb22e9148b", - "dependsOn": [ - "44f6d637-9887-4ee4-aa9e-40146de580ed" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "9972ec0e-60cd-43ef-839a-fd72fc4c9ec5", + "name": "EC-secp384r1", + "evidence": { + "occurrences": [ + { + "line": 148, + "offset": 47, + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } ] }, - { - "ref": "92b6db1b-7a58-40be-8ed8-dbe826fd68b9", - "dependsOn": [ - "1b0fa63b-811a-4fe0-b72c-7a460dbe81bb" + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "pke", + "curve": "secp384r1", + "cryptoFunctions": [ + "keygen" + ] + }, + "oid": "1.2.840.10045.2.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "52b74b73-2d01-443e-a98f-18e3ed5e7ecc", + "name": "key@52b74b73-2d01-443e-a98f-18e3ed5e7ecc", + "evidence": { + "occurrences": [ + { + "line": 85, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/fips1402/src/main/java/org/keycloak/crypto/fips/BCFIPSECDSACryptoProvider.java" + } ] }, - { - "ref": "885ad206-72d0-469b-968a-f56f906cbe84", - "dependsOn": [ - "d2e0da8c-4484-4687-a423-3b25168b3a78" + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "974ae597-4047-4322-8d96-f13a04c5e597", + "name": "key@974ae597-4047-4322-8d96-f13a04c5e597", + "evidence": { + "occurrences": [ + { + "line": 192, + "offset": 34, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": 
"testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "8d813489-1c9b-4f9a-9bfe-c1e665c1cd7d", + "name": "key@8d813489-1c9b-4f9a-9bfe-c1e665c1cd7d", + "evidence": { + "occurrences": [ + { + "line": 50, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/GeneratedEddsaKeyProvider.java" + } ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } } - ] - } \ No newline at end of file + }, + { + "type": "cryptographic-asset", + "bom-ref": "7b5157d4-56ea-4833-81a0-2e90a25a8cd3", + "name": "key@7b5157d4-56ea-4833-81a0-2e90a25a8cd3", + "evidence": { + "occurrences": [ + { + "line": 48, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/GeneratedEcdsaKeyProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "6f7d99ed-2d59-41cc-b089-1d576dd7437a", + "name": "key@6f7d99ed-2d59-41cc-b089-1d576dd7437a", + "evidence": { + "occurrences": [ + { + "line": 133, + "offset": 15, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + 
"relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "0692644a-4902-4d4e-ac6b-ca1f6e4025f4", + "name": "secret-key@0692644a-4902-4d4e-ac6b-ca1f6e4025f4", + "evidence": { + "occurrences": [ + { + "line": 159, + "offset": 35, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "server-spi/src/main/java/org/keycloak/models/utils/HmacOTP.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "72bbe566-fb77-40f1-ad3d-8d7f079b1f55", + "name": "SHA512", + "evidence": { + "occurrences": [ + { + "line": 159, + "offset": 47, + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "hash", + "parameterSetIdentifier": "512", + "cryptoFunctions": [ + "digest" + ] + }, + "oid": "2.16.840.1.101.3.4.2.3" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "1fe22c0b-2937-4816-8390-c191e620d380", + "name": "key@1fe22c0b-2937-4816-8390-c191e620d380", + "evidence": { + "occurrences": [ + { + "line": 133, + "offset": 28, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "services/src/main/java/org/keycloak/keys/GeneratedEddsaKeyProviderFactory.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "850864dc-1acd-4ca5-9703-b2c4ddd388da", + "name": "key@850864dc-1acd-4ca5-9703-b2c4ddd388da", + "evidence": { + "occurrences": [ + { + "line": 192, + 
"offset": 34, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "56eeecf6-259b-4577-87b0-e78e7dd7f1c1", + "name": "key@56eeecf6-259b-4577-87b0-e78e7dd7f1c1", + "evidence": { + "occurrences": [ + { + "line": 211, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/DSAKeyValueType.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "dddaf42d-c036-49c2-8605-c9a7984f06ae", + "name": "key@dddaf42d-c036-49c2-8605-c9a7984f06ae", + "evidence": { + "occurrences": [ + { + "line": 159, + "offset": 47, + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "39ce56d1-f2fe-4f65-bec1-95212518e243", + "name": "secret-key@39ce56d1-f2fe-4f65-bec1-95212518e243", + "evidence": { + "occurrences": [ + { + "line": 170, + "offset": 32, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": 
"core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "42da2a3f-562d-4c9e-9100-dd1d6e9abc00", + "name": "secret-key@42da2a3f-562d-4c9e-9100-dd1d6e9abc00", + "evidence": { + "occurrences": [ + { + "line": 288, + "offset": 34, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "saml-core/src/main/java/org/keycloak/saml/BaseSAML2BindingBuilder.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "4806f137-4f5d-4633-a18b-4ebca216fe8d", + "name": "key@4806f137-4f5d-4633-a18b-4ebca216fe8d", + "evidence": { + "occurrences": [ + { + "line": 204, + "offset": 36, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "crypto/fips1402/src/main/java/org/keycloak/crypto/fips/BCFIPSEcdhEsAlgorithmProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "229e70c7-f03a-43f2-bffb-aca45c245c6f", + "name": "key@229e70c7-f03a-43f2-bffb-aca45c245c6f", + "evidence": { + "occurrences": [ + { + "line": 234, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/DSAKeyValueType.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + 
"bom-ref": "b5564da6-fd98-4485-b2ca-bf7aa86978b9", + "name": "TLS", + "evidence": { + "occurrences": [ + { + "line": 262, + "offset": 29, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "adapters/saml/core/src/main/java/org/keycloak/adapters/cloned/HttpClientBuilder.java" + }, + { + "line": 440, + "offset": 25, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "quarkus/tests/junit5/src/main/java/org/keycloak/it/utils/RawKeycloakDistribution.java" + }, + { + "line": 340, + "offset": 29, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/storage/legacy/infinispan/CacheManagerFactory.java" + }, + { + "line": 532, + "offset": 32, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java" + }, + { + "line": 391, + "offset": 25, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/AbstractQuarkusDeployableContainer.java" + }, + { + "line": 174, + "offset": 28, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/InfinispanServerDeployableContainer.java" + }, + { + "line": 98, + "offset": 36, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/MutualTLSUtils.java" 
+ }, + { + "line": 66, + "offset": 22, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/tls/TLSUtils.java" + }, + { + "line": 62, + "offset": 44, + "additionalContext": "javax.net.ssl.SSLContext#getInstance(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;", + "location": "services/src/main/java/org/keycloak/truststore/JSSETruststoreConfigurator.java" + } + ] + }, + "cryptoProperties": { + "assetType": "protocol", + "protocolProperties": { + "type": "tls" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "2efd0b23-5764-4104-9666-0feac324a901", + "name": "HMACSHA2", + "evidence": { + "occurrences": [ + { + "line": 170, + "offset": 32, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "other", + "cryptoFunctions": [ + "keygen" + ] + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "9a1e8637-a59b-478f-b341-7686e7991d02", + "name": "key@9a1e8637-a59b-478f-b341-7686e7991d02", + "evidence": { + "occurrences": [ + { + "line": 103, + "offset": 39, + "additionalContext": "java.security.KeyFactory#getInstance(Ljava/lang/String;)Ljava/security/KeyFactory;", + "location": "saml-core-api/src/main/java/org/keycloak/dom/xmlsec/w3/xmldsig/RSAKeyValueType.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "2820a412-16db-461c-99ca-9f87280f53c3", + "name": "key@2820a412-16db-461c-99ca-9f87280f53c3", + "evidence": { + "occurrences": [ + { + "line": 192, + "offset": 34, + "additionalContext": 
"java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "b37f50e7-edae-4d11-8bb8-fbb982c088e0", + "name": "MGF1", + "evidence": { + "occurrences": [ + { + "line": 183, + "offset": 48, + "additionalContext": "java.security.spec.PSSParameterSpec#(Ljava/lang/String;Ljava/lang/String;Ljava/security/spec/AlgorithmParameterSpec;II)V", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "other" + }, + "oid": "1.2.840.113549.1.1.8" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "e5c95de6-46e7-4c6e-a73e-bb811f5ef741", + "name": "key@e5c95de6-46e7-4c6e-a73e-bb811f5ef741", + "evidence": { + "occurrences": [ + { + "line": 192, + "offset": 34, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "6e239901-c2a1-454c-bbec-ec8928a87f5e", + "name": "AES128-CBC-PKCS5", + "evidence": { + "occurrences": [ + { + "line": 138, + "offset": 15, + "additionalContext": 
"javax.crypto.Cipher#getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "block-cipher", + "parameterSetIdentifier": "128", + "mode": "cbc", + "padding": "pkcs5" + }, + "oid": "2.16.840.1.101.3.4.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "5066eb00-aa17-4fa6-ace2-0f0104a799a7", + "name": "key@5066eb00-aa17-4fa6-ace2-0f0104a799a7", + "evidence": { + "occurrences": [ + { + "line": 132, + "offset": 38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": "crypto/default/src/main/java/org/keycloak/crypto/def/BCEcdhEsAlgorithmProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "64a2925f-c428-4e74-b596-4b429e15fce3", + "name": "secret-key@64a2925f-c428-4e74-b596-4b429e15fce3", + "evidence": { + "occurrences": [ + { + "line": 169, + "offset": 31, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "6f396466-03f5-4033-8981-c038be42ca0c", + "name": "key@6f396466-03f5-4033-8981-c038be42ca0c", + "evidence": { + "occurrences": [ + { + "line": 141, + "offset": 38, + "additionalContext": "java.security.KeyPairGenerator#getInstance(Ljava/lang/String;Ljava/lang/String;)Ljava/security/KeyPairGenerator;", + "location": 
"crypto/fips1402/src/main/java/org/keycloak/crypto/fips/BCFIPSEcdhEsAlgorithmProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "a5162033-019e-42da-8342-a86062fdb923", + "name": "AES128-GCM", + "evidence": { + "occurrences": [ + { + "line": 143, + "offset": 15, + "additionalContext": "javax.crypto.Cipher#getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "ae", + "parameterSetIdentifier": "128", + "mode": "gcm" + }, + "oid": "2.16.840.1.101.3.4.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "4d3a4d5f-d7db-4e3c-a1ed-31c8c863d95c", + "name": "SHA256", + "evidence": { + "occurrences": [ + { + "line": 150, + "offset": 32, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java" + }, + { + "line": 118, + "offset": 17, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "server-spi-private/src/main/java/org/keycloak/broker/provider/AbstractIdentityProvider.java" + }, + { + "line": 138, + "offset": 31, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/MutualTLSUtils.java" + }, + { + "line": 88, + "offset": 32, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "operator/src/main/java/org/keycloak/operator/controllers/WatchedResources.java" + }, + { 
+ "line": 119, + "offset": 31, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/protocol/oid4vc/issuance/signing/vcdm/Ed255192018Suite.java" + }, + { + "line": 37, + "offset": 41, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/protocol/docker/DockerKeyIdentifier.java" + }, + { + "line": 49, + "offset": 27, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/protocol/oidc/utils/PkceUtils.java" + }, + { + "line": 88, + "offset": 21, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/protocol/oidc/mappers/SHA256PairwiseSubMapper.java" + }, + { + "line": 85, + "offset": 19, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/AbstractParEndpoint.java" + }, + { + "line": 256, + "offset": 25, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java" + }, + { + "line": 254, + "offset": 31, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/services/resources/account/LinkedAccountsResource.java" + }, + { + "line": 114, + "offset": 27, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": 
"services/src/main/java/org/keycloak/services/util/MtlsHoKTokenUtil.java" + }, + { + "line": 230, + "offset": 27, + "additionalContext": "java.security.MessageDigest#getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;", + "location": "services/src/main/java/org/keycloak/services/clientpolicy/executor/PKCEEnforcerExecutor.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "hash", + "parameterSetIdentifier": "256", + "cryptoFunctions": [ + "digest" + ] + }, + "oid": "2.16.840.1.101.3.4.2.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "7bfcbfa4-82bc-40fa-a3cf-357a577c3946", + "name": "secret-key@7bfcbfa4-82bc-40fa-a3cf-357a577c3946", + "evidence": { + "occurrences": [ + { + "line": 80, + "offset": 44, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "af824f1e-e357-4ef8-8ce3-2ea1ae2f2377", + "name": "AES128", + "evidence": { + "occurrences": [ + { + "line": 80, + "offset": 44, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" + }, + { + "line": 113, + "offset": 42, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" + }, + { + "line": 115, + "offset": 31, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/ElytronEcdhEsAlgorithmProvider.java" + }, + { + "line": 288, + 
"offset": 34, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "saml-core/src/main/java/org/keycloak/saml/BaseSAML2BindingBuilder.java" + }, + { + "line": 152, + "offset": 31, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesGcmEncryptionProvider.java" + }, + { + "line": 169, + "offset": 31, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesCbcHmacShaEncryptionProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "block-cipher", + "parameterSetIdentifier": "128", + "cryptoFunctions": [ + "keygen" + ] + }, + "oid": "2.16.840.1.101.3.4.1" + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "485a1386-1a7b-480f-9d81-51b32f549cda", + "name": "secret-key@485a1386-1a7b-480f-9d81-51b32f549cda", + "evidence": { + "occurrences": [ + { + "line": 152, + "offset": 31, + "additionalContext": "javax.crypto.spec.SecretKeySpec#([BLjava/lang/String;)V", + "location": "core/src/main/java/org/keycloak/jose/jwe/enc/AesGcmEncryptionProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "related-crypto-material", + "relatedCryptoMaterialProperties": { + "type": "secret-key" + } + } + }, + { + "type": "cryptographic-asset", + "bom-ref": "b72c0a06-1588-438c-9ad4-213265fa4c84", + "name": "RSASSA-PSS", + "evidence": { + "occurrences": [ + { + "line": 179, + "offset": 32, + "additionalContext": "java.security.Signature#getInstance(Ljava/lang/String;)Ljava/security/Signature;", + "location": "crypto/elytron/src/main/java/org/keycloak/crypto/elytron/WildFlyElytronProvider.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "signature" + }, + "oid": "1.2.840.113549.1.1.10" + } + }, + { + "type": 
"cryptographic-asset", + "bom-ref": "ca4dc80a-f666-4e73-9834-d400ee030c17", + "name": "EC-secp256r1", + "evidence": { + "occurrences": [ + { + "line": 144, + "offset": 47, + "location": "testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestingOIDCEndpointsApplicationResource.java" + } + ] + }, + "cryptoProperties": { + "assetType": "algorithm", + "algorithmProperties": { + "primitive": "pke", + "curve": "secp256r1", + "cryptoFunctions": [ + "keygen" + ] + }, + "oid": "1.2.840.10045.2.1" + } + } + ], + "dependencies": [ + { + "ref": "39ce56d1-f2fe-4f65-bec1-95212518e243", + "dependsOn": [ + "2efd0b23-5764-4104-9666-0feac324a901" + ] + }, + { + "ref": "e5c95de6-46e7-4c6e-a73e-bb811f5ef741", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "9ac3bf9b-203a-46ee-9fec-840257c44145", + "dependsOn": [ + "4d3a4d5f-d7db-4e3c-a1ed-31c8c863d95c" + ] + }, + { + "ref": "0692644a-4902-4d4e-ac6b-ca1f6e4025f4", + "dependsOn": [ + "d577b328-ed4a-4b92-8e0f-a714205ae070" + ] + }, + { + "ref": "7bfcbfa4-82bc-40fa-a3cf-357a577c3946", + "dependsOn": [ + "af824f1e-e357-4ef8-8ce3-2ea1ae2f2377" + ] + }, + { + "ref": "a978f3b3-0bd3-42da-9f8c-48ca6bad8960", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "4806f137-4f5d-4633-a18b-4ebca216fe8d", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "42da2a3f-562d-4c9e-9100-dd1d6e9abc00", + "dependsOn": [ + "af824f1e-e357-4ef8-8ce3-2ea1ae2f2377" + ] + }, + { + "ref": "6f7d99ed-2d59-41cc-b089-1d576dd7437a", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "a74b6486-bfa0-43c4-b9b4-8c2f3b013016", + "dependsOn": [ + "02402fd6-7234-4648-95d1-f054bb8c0e0c" + ] + }, + { + "ref": "26e93c1f-5892-469a-93f9-a0700d16d182", + "dependsOn": [ + "9ac3bf9b-203a-46ee-9fec-840257c44145" + ] + }, + { + "ref": "8d813489-1c9b-4f9a-9bfe-c1e665c1cd7d", + "dependsOn": [ 
+ "fe7c24fe-ec56-4f21-bd4e-87082792ae90" + ] + }, + { + "ref": "5066eb00-aa17-4fa6-ace2-0f0104a799a7", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "7b5157d4-56ea-4833-81a0-2e90a25a8cd3", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "92f2aa39-8cc3-402c-a122-c133a7c255bd", + "dependsOn": [ + "af824f1e-e357-4ef8-8ce3-2ea1ae2f2377" + ] + }, + { + "ref": "850864dc-1acd-4ca5-9703-b2c4ddd388da", + "dependsOn": [ + "9972ec0e-60cd-43ef-839a-fd72fc4c9ec5" + ] + }, + { + "ref": "f85ecceb-aa1b-4a7e-b76e-deae546e93a2", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "3f6d64fc-4402-496c-bc9b-87b4d32b048e", + "dependsOn": [ + "02402fd6-7234-4648-95d1-f054bb8c0e0c" + ] + }, + { + "ref": "1fe22c0b-2937-4816-8390-c191e620d380", + "dependsOn": [ + "fe7c24fe-ec56-4f21-bd4e-87082792ae90" + ] + }, + { + "ref": "01f0866b-5380-4789-a450-5c8e8f2d4c9c", + "dependsOn": [ + "af824f1e-e357-4ef8-8ce3-2ea1ae2f2377" + ] + }, + { + "ref": "dddaf42d-c036-49c2-8605-c9a7984f06ae", + "dependsOn": [ + "03b152ee-a469-4489-b040-74ea08654205" + ] + }, + { + "ref": "1e1a85de-dc1a-4f7f-bdc9-52ca7d3de503", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "229e70c7-f03a-43f2-bffb-aca45c245c6f", + "dependsOn": [ + "771209b4-7f14-457e-9158-e781d91f5caa" + ] + }, + { + "ref": "03b152ee-a469-4489-b040-74ea08654205", + "dependsOn": [ + "72bbe566-fb77-40f1-ad3d-8d7f079b1f55" + ] + }, + { + "ref": "64a2925f-c428-4e74-b596-4b429e15fce3", + "dependsOn": [ + "af824f1e-e357-4ef8-8ce3-2ea1ae2f2377" + ] + }, + { + "ref": "974ae597-4047-4322-8d96-f13a04c5e597", + "dependsOn": [ + "c2b31aa1-016f-4337-b379-ec987f0d6e44" + ] + }, + { + "ref": "6f396466-03f5-4033-8981-c038be42ca0c", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "bc257a33-dd7f-4261-bcbc-35e23cc0aba5", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": 
"fa4092da-4c4c-4366-b406-0985d5483637", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "52b74b73-2d01-443e-a98f-18e3ed5e7ecc", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + }, + { + "ref": "56eeecf6-259b-4577-87b0-e78e7dd7f1c1", + "dependsOn": [ + "771209b4-7f14-457e-9158-e781d91f5caa" + ] + }, + { + "ref": "9a1e8637-a59b-478f-b341-7686e7991d02", + "dependsOn": [ + "02402fd6-7234-4648-95d1-f054bb8c0e0c" + ] + }, + { + "ref": "b72c0a06-1588-438c-9ad4-213265fa4c84", + "dependsOn": [ + "b37f50e7-edae-4d11-8bb8-fbb982c088e0" + ] + }, + { + "ref": "485a1386-1a7b-480f-9d81-51b32f549cda", + "dependsOn": [ + "af824f1e-e357-4ef8-8ce3-2ea1ae2f2377" + ] + }, + { + "ref": "2820a412-16db-461c-99ca-9f87280f53c3", + "dependsOn": [ + "ca4dc80a-f666-4e73-9834-d400ee030c17" + ] + }, + { + "ref": "e73835a2-57be-4658-8974-351119cc2b86", + "dependsOn": [ + "f4b134fa-cc66-419b-959a-a82dc2eeebcc" + ] + } + ] +} \ No newline at end of file