Open n1ckl0sk0rtge opened 3 months ago
At the moment, this topic is on hold. In the current version of CBOM, there is no option to reference algorithms from other algorithms. This is necessary for many scenarios (signature algorithm uses digest algorithm). As this reference cannot be expressed via the algorithm properties and for reasons of conciseness, we present all dependencies in the Dependencies section.
If cryptographic values are interdependent, the “internal” cryptographic references should be used to define these relationships.
Example:
if a
key
dependence on analgorithm
use thecryptoRef
field in therelatedCryptoMaterialsProperties
to reference the algorithm.