CBOM generator for certificates
Project description
CBOM4CERT
The CBOM4CERT is a free, open source tool to generate a CBOM (Cryptography Bill of Materials) for one of more installed certificates in CycloneDX format.
Installation
To install use the following command:
pip install cbom4cert
Alternatively, just clone the repo and install dependencies using the following command:
pip install -U -r requirements.txt
The tool requires Python 3 (3.9+). It is recommended to use a virtual python environment especially
if you are using different versions of python. virtualenv is a tool for setting up virtual python environments which
allows you to have all the dependencies for the tool set up in a single environment, or have different environments set
up for testing using different versions of Python.
Usage
usage: cbom4cert [-h] [-c CERTIFICATE] [--system] [--path PATH] [-d] [--sbom {spdx,cyclonedx}] [--format {tag,json,yaml}] [-o OUTPUT_FILE] [-V]
CBOM4cert generates a Cryptography Bill of Materials for one or more installed certificates.
options:
-h, --help show this help message and exit
-V, --version show program's version number and exit
Input:
-c CERTIFICATE, --certificate CERTIFICATE
filename of certificate
--system include all installed python modules within system
--path PATH path to directory of certificates
Output:
-d, --debug add debug information
--sbom {spdx,cyclonedx}
specify type of sbom to generate (default: cyclonedx)
--format {tag,json,yaml}
specify format of software bill of materials (sbom) (default: json)
-o OUTPUT_FILE, --output-file OUTPUT_FILE
output filename (default: output to stdout)
Operation
The --certificate option is used to identify a certificate file. The --system option is used to indicate that the CBOM is to include all installed
certificates. Currently the --certificate option only works for Linux based platforms.
One of --certicate or --system must be specified. If multiple options are specified, the --certificate option is used.
The --path option is to specify the path to a directory containing certificates.
The --sbom option is used to specify the format of the generated SBOM (the default is CycloneDX). The --format option
can be used to specify the formatting of the SBOM (the default is Tag Value format for a SPDX SBOM). JSON format is supported for both
SPDX and CycloneDX SBOMs).
The --output-file option is used to control the destination of the output generated by the tool. The
default is to report to the console but can be stored in a file (specified using --output-file option).
Licence
Licenced under the Apache 2.0 Licence.
Limitations
The SPDX support is incomplete.
The --certificate option only works for Linix based platforms.
Feedback and Contributions
Bugs and feature requests can be made via GitHub Issues.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cbom4cert-0.1.0-py3-none-any.whl.
File metadata
- Download URL: cbom4cert-0.1.0-py3-none-any.whl
- Upload date:
- Size: 12.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4bb0c9977f67735566099e0e614f3b25b964ea29a1a605f84759ab4ccd8acbb0
|
|
| MD5 |
1349e7dcc3d3c336e0f661a186a4d1e9
|
|
| BLAKE2b-256 |
f7079ede2ac668a70e988635c580b0f14d6cdc98727c4e73af55bb08b398fad2
|
