diff --git a/schema/jsf-0.82.schema.json b/schema/jsf-0.82.schema.json index f46bfb1e..7133838c 100644 --- a/schema/jsf-0.82.schema.json +++ b/schema/jsf-0.82.schema.json @@ -3,7 +3,7 @@ "$id": "http://cyclonedx.org/schema/jsf-0.82.schema.json", "type": "object", "title": "JSON Signature Format (JSF) standard", - "$comment" : "JSON Signature Format schema is published under the terms of the Apache License 2.0. JSF was developed by Anders Rundgren (anders.rundgren.net@gmail.com) as a part of the OpenKeyStore project. This schema supports the entirely of the JSF standard excluding 'extensions'.", + "$comment" : "JSON Signature Format schema is published under the terms of the Apache License 2.0. JSF was developed by Anders Rundgren (anders.rundgren.net@gmail.com) as a part of the OpenKeyStore project. This schema extends the JSF standard to include post-quantum algorithms (ML-DSA and ML-KEM) following NIST FIPS 204 and FIPS 203 standards, excluding 'extensions'.", "definitions": { "signature": { "type": "object", @@ -15,7 +15,7 @@ "signers": { "type": "array", "title": "Signature", - "description": "Unique top level property for Multiple Signatures. (multisignature)", + "description": "Unique top level property for Multiple Signatures. (multisignature). Can include both classical and post-quantum signatures.", "items": {"$ref": "#/definitions/signer"} } } @@ -26,14 +26,14 @@ "chain": { "type": "array", "title": "Signature", - "description": "Unique top level property for Signature Chains. (signaturechain)", + "description": "Unique top level property for Signature Chains. (signaturechain). Chain can include both classical and post-quantum signatures following NIST FIPS 204 standards.", "items": {"$ref": "#/definitions/signer"} } } }, { "title": "Signature", - "description": "Unique top level property for simple signatures. (signaturecore)", + "description": "Unique top level property for simple signatures. (signaturecore). Supports both classical and post-quantum algorithms including ML-DSA and ML-KEM variants.", "$ref": "#/definitions/signer" } ] @@ -52,7 +52,7 @@ { "type": "string", "title": "Algorithm", - "description": "Signature algorithm. The currently recognized JWA [RFC7518] and RFC8037 [RFC8037] asymmetric key algorithms. Note: Unlike RFC8037 [RFC8037] JSF requires explicit Ed* algorithm names instead of \"EdDSA\".", + "description": "Signature or KEM algorithm. The currently recognized JWA [RFC7518] and RFC8037 [RFC8037] asymmetric key algorithms, plus post-quantum algorithms. Note: Unlike RFC8037 [RFC8037] JSF requires explicit Ed* algorithm names instead of \"EdDSA\". Post-quantum ML-DSA signature algorithms and ML-KEM key encapsulation mechanisms have been added following NIST FIPS 204 and FIPS 203 standardization.", "enum": [ "RS256", "RS384", @@ -67,13 +67,19 @@ "Ed448", "HS256", "HS384", - "HS512" + "HS512", + "ML-DSA-44", + "ML-DSA-65", + "ML-DSA-87", + "ML-KEM-512", + "ML-KEM-768", + "ML-KEM-1024" ] }, { "type": "string", "title": "Algorithm", - "description": "Signature algorithm. Note: If proprietary signature algorithms are added, they must be expressed as URIs.", + "description": "Signature or KEM algorithm. Note: If proprietary algorithms are added, they must be expressed as URIs.", "format": "uri" } ] @@ -81,17 +87,17 @@ "keyId": { "type": "string", "title": "Key ID", - "description": "Optional. Application specific string identifying the signature key." + "description": "Optional. Application specific string identifying the signature key. Can reference both classical and post-quantum keys." }, "publicKey": { "title": "Public key", - "description": "Optional. Public key object.", + "description": "Optional. Public key object. Supports classical key types (EC, RSA, OKP) and post-quantum key types (PQ) for ML-DSA and ML-KEM algorithms.", "$ref": "#/definitions/publicKey" }, "certificatePath": { "type": "array", "title": "Certificate path", - "description": "Optional. Sorted array of X.509 [RFC5280] certificates, where the first element must contain the signature certificate. The certificate path must be contiguous but is not required to be complete.", + "description": "Optional. Sorted array of X.509 [RFC5280] certificates, where the first element must contain the signature certificate. The certificate path must be contiguous but is not required to be complete. Certificates may contain post-quantum public keys following NIST standards.", "items": { "type": "string" } @@ -99,31 +105,32 @@ "excludes": { "type": "array", "title": "Excludes", - "description": "Optional. Array holding the names of one or more application level properties that must be excluded from the signature process. Note that the \"excludes\" property itself, must also be excluded from the signature process. Since both the \"excludes\" property and the associated data it points to are unsigned, a conforming JSF implementation must provide options for specifying which properties to accept.", + "description": "Optional. Array holding the names of one or more application level properties that must be excluded from the signature process. Note that the \"excludes\" property itself, must also be excluded from the signature process. Since both the \"excludes\" property and the associated data it points to are unsigned, a conforming JSF implementation must provide options for specifying which properties to accept. This applies to both classical and post-quantum signatures.", "items": { "type": "string" } }, "value": { "type": "string", - "title": "Signature", - "description": "The signature data. Note that the binary representation must follow the JWA [RFC7518] specifications." + "title": "Signature or Encapsulated Key", + "description": "The signature data or encapsulated key encoded as base64url without padding. Encoding standards: (1) Classical algorithms (RS256, ES256, Ed25519, etc.): Follow JWA [RFC7518] specifications for signature serialization. (2) Post-quantum signature algorithms (ML-DSA-44, ML-DSA-65, ML-DSA-87): Follow NIST FIPS 204 standard for ML-DSA signature encoding. (3) Post-quantum KEM algorithms (ML-KEM-512, ML-KEM-768, ML-KEM-1024): Follow NIST FIPS 203 standard for ML-KEM encapsulated key encoding." } } }, "keyType": { "type": "string", "title": "Key type", - "description": "Key type indicator.", + "description": "Key type indicator. 'PQ' indicates post-quantum algorithms following NIST FIPS 204 and FIPS 203 standards, including ML-DSA signature algorithms and ML-KEM key encapsulation mechanisms.", "enum": [ "EC", "OKP", - "RSA" + "RSA", + "PQ" ] }, "publicKey": { "title": "Public key", - "description": "Optional. Public key object.", + "description": "Optional. Public key object. Supports classical key types (EC, RSA, OKP) and post-quantum key types (PQ) for ML-DSA and ML-KEM algorithms.", "type": "object", "required": [ "kty" @@ -233,6 +240,42 @@ } } } + }, + { + "if": { + "properties": { "kty": { "const": "PQ" } } + }, + "then": { + "required": [ + "kty", + "alg", + "x" + ], + "additionalProperties": false, + "properties": { + "kty": { + "$ref": "#/definitions/keyType" + }, + "alg": { + "type": "string", + "title": "Algorithm", + "description": "Post-quantum algorithm identifier.", + "enum": [ + "ML-DSA-44", + "ML-DSA-65", + "ML-DSA-87", + "ML-KEM-512", + "ML-KEM-768", + "ML-KEM-1024" + ] + }, + "x": { + "type": "string", + "title": "Public Key", + "description": "Post-quantum public key data encoded as base64url without padding. For ML-DSA algorithms, follows NIST FIPS 204 specification. For ML-KEM algorithms, follows NIST FIPS 203 specification for the corresponding algorithm variant." + } + } + } } ] }