Fix Signature issue with Signatories while serializing

Signed-off-by: Alex Alzate <[email protected]>
CycloneDX · Nov 21, 2024 · a5ee68c · a5ee68c
1 parent f32f471
commit a5ee68c
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 0 deletions.
diff --git a/src/main/java/org/cyclonedx/model/attestation/affirmation/Signatory.java b/src/main/java/org/cyclonedx/model/attestation/affirmation/Signatory.java
@@ -15,6 +15,7 @@
 
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
+@JsonTypeName("signatory")
 @JsonPropertyOrder({"name", "role", "signature", "organization", "externalReference"})
 @JsonDeserialize(using = SignatoryDeserializer.class)
 public class Signatory extends ExtensibleElement

diff --git a/src/test/java/org/cyclonedx/BomJsonGeneratorTest.java b/src/test/java/org/cyclonedx/BomJsonGeneratorTest.java
@@ -398,6 +398,18 @@ public void schema16_testAttestations() throws Exception {
         assertTrue(parser.isValid(loadedFile, version));
     }
 
+    @Test
+    public void schema16_testAttestations_json() throws Exception {
+        Version version = Version.VERSION_16;
+        Bom bom = createCommonJsonBom("/1.6/valid-attestation-1.6.json");
+
+        BomJsonGenerator generator = BomGeneratorFactory.createJson(version, bom);
+        File loadedFile = writeToFile(generator.toJsonString());
+
+        JsonParser parser = new JsonParser();
+        assertTrue(parser.isValid(loadedFile, version));
+    }
+
     @Test
     public void schema16_testCompositions() throws Exception {
         Version version = Version.VERSION_16;

diff --git a/src/test/java/org/cyclonedx/BomXmlGeneratorTest.java b/src/test/java/org/cyclonedx/BomXmlGeneratorTest.java
@@ -516,6 +516,30 @@ public void schema16_testAttestations() throws Exception {
         assertTrue(parser.isValid(loadedFile, version));
     }
 
+    @Test
+    public void schema16_testAttestations_xml() throws Exception {
+        Version version = Version.VERSION_16;
+        Bom bom = createCommonBomXml("/1.6/valid-attestation-1.6.xml");
+        addSignature(bom);
+
+        BomXmlGenerator generator = BomGeneratorFactory.createXml(version, bom);
+        File loadedFile = writeToFile(generator.toXmlString());
+
+        XmlParser parser = new XmlParser();
+        assertTrue(parser.isValid(loadedFile, version));
+    }
+
+    private void addSignature(Bom bom) {
+        List<Attribute> attributes = new ArrayList<>();
+        attributes.add(new Attribute("xmlns", "http://www.w3.org/2000/09/xmldsig#"));
+        ExtensibleType signature = new ExtensibleType("ds", "Signature",  attributes, "");
+        bom.getDeclarations().getAffirmation().getSignatories().get(0).addExtensibleType(signature);
+         /* <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                        <!-- XML signature here -->
+                    </ds:Signature>*/
+    }
+
+
     @Test
     public void schema16_testCompositions() throws Exception {
         Version version = Version.VERSION_16;