{
	"SPDXID":"SPDXRef-DOCUMENT",
	"name":"pesign-obs-integration-0.10.1-4.oe2409.aarch64.rpm",
	"spdxVersion":"SPDX-2.2",
	"creationInfo":{
		"created":"2024-09-30T03:30:07.5589037Z",
		"creators":"[openeuler_creator]"
	},
	"dataLicense":"CC0-1.0",
	"documentNamespace":"https://repo.openeuler.org/security/data/sbom/pesign-obs-integration-0.10.1-4.oe2409.aarch64.rpm",
	"packages":[
		{
			"SPDXID":"SPDXRef-rpm-bash-5.2.21-79ee3f1b-b075-4c10-8970-bf7c22384c2c-f254e8c6-edaf-47c7-8ccb-f9a01112fc0f",
			"name":"bash",
			"checksums":[
				{
					"algorithm":"SHA256",
					"checksumValue":"0648f5dde35fc9fcf57a6a9c95dae3273cbb784ba492931ff20874906827ed39"
				}
			],
			"description":"Bash is the GNU Project's shell. Bash is the Bourne Again SHell. Bash is an sh-compatible\nshell that incorporates useful features from the Korn shell (ksh) and C shell (csh). It is\nintended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. It offers\nfunctional improvements over sh for both programming and interactive use. In addition, most\nsh scripts can be run by Bash without modification.",
			"downloadLocation":"NOASSERTION",
			"externalRefs":[
				{
					"referenceCategory":"PACKAGE_MANAGER",
					"referenceLocator":"pkg:rpm/bash@5.2.21-1.oe2409?arch=aarch64&epoch=0&upstream=bash-5.2.21-1.oe2409.src.rpm",
					"referenceType":"purl"
				}
			],
			"filesAnalyzed":false,
			"homepage":"https://www.gnu.org/software/bash",
			"sourceInfo":"acquired package info from repodata DB: repodata/6e742f68b2ae62313d1861c02b7faa39b44c963cbbc6ac979fb577de9af9babc-primary.sqlite.bz2",
			"summary":"It is the Bourne Again Shell",
			"supplier":"Organization: http://openeuler.org",
			"versionInfo":"0:5.2.21-1.oe2409"
		},
		{
			"SPDXID":"SPDXRef-rpm-fipscheck-1.5.0-03aaea3d-288e-4181-8b12-49e984026095-ac1a5133-a767-4e54-9fa8-a1fc65485f21",
			"name":"fipscheck",
			"checksums":[
				{
					"algorithm":"SHA256",
					"checksumValue":"cf94d14b5b407cfd7d78bd85cc4cd57cd440c40d570f5fe7f6c0efec26439dad"
				}
			],
			"description":"This package contains library (libfipscheck) and helper binaries which\nimplement the integrity check of libraries and binaries as required by\nFIPS-140-2 validated modules.",
			"downloadLocation":"NOASSERTION",
			"externalRefs":[
				{
					"referenceCategory":"PACKAGE_MANAGER",
					"referenceLocator":"pkg:rpm/fipscheck@1.5.0-10.oe2409?arch=aarch64&epoch=0&upstream=fipscheck-1.5.0-10.oe2409.src.rpm",
					"referenceType":"purl"
				}
			],
			"filesAnalyzed":false,
			"homepage":"https://pagure.io/fipscheck",
			"sourceInfo":"acquired package info from repodata DB: repodata/6e742f68b2ae62313d1861c02b7faa39b44c963cbbc6ac979fb577de9af9babc-primary.sqlite.bz2",
			"summary":"Helper library for FIPS integrity checking",
			"supplier":"Organization: http://openeuler.org",
			"versionInfo":"0:1.5.0-10.oe2409"
		},
		{
			"SPDXID":"SPDXRef-rpm-nss-util-3.94.0-fb455e67-8314-41f3-96bf-3213c8c8bdfa-afab9ad9-f881-48e3-820b-bee7668fd73e",
			"name":"nss-util",
			"checksums":[
				{
					"algorithm":"SHA256",
					"checksumValue":"520ae527b6569bf4befee908d60c188a4ed53790d290c240ca9350f9a4839cbd"
				}
			],
			"description":"Utilities for Network Security Services and the Softoken module\nmanipulate the NSS certificate and key database.",
			"downloadLocation":"NOASSERTION",
			"externalRefs":[
				{
					"referenceCategory":"PACKAGE_MANAGER",
					"referenceLocator":"pkg:rpm/nss-util@3.94.0-6.oe2409?arch=aarch64&epoch=0&upstream=nss-3.94.0-6.oe2409.src.rpm",
					"referenceType":"purl"
				}
			],
			"filesAnalyzed":false,
			"homepage":"http://www.mozilla.org/projects/security/pki/nss/",
			"sourceInfo":"acquired package info from repodata DB: repodata/6e742f68b2ae62313d1861c02b7faa39b44c963cbbc6ac979fb577de9af9babc-primary.sqlite.bz2",
			"summary":"Network Security Services Utilities Library",
			"supplier":"Organization: http://openeuler.org",
			"versionInfo":"0:3.94.0-6.oe2409"
		},
		{
			"SPDXID":"SPDXRef-rpm-openssl-3.0.12-05b2d5db-fc55-44b2-a2da-1eea3fa5c7f8-a4f4bb06-ddbe-49f3-9e7a-d93704adafce",
			"name":"openssl",
			"checksums":[
				{
					"algorithm":"SHA256",
					"checksumValue":"7e7d487469f154c5332c3dd711247dad85b60ed71583cbbf2f6f8f2b24d13406"
				}
			],
			"description":"OpenSSL is a robust, commercial-grade, and full-featured toolkit for the\nTransport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.",
			"downloadLocation":"NOASSERTION",
			"externalRefs":[
				{
					"referenceCategory":"PACKAGE_MANAGER",
					"referenceLocator":"pkg:rpm/openssl@3.0.12-8.oe2409?arch=aarch64&epoch=1&upstream=openssl-3.0.12-8.oe2409.src.rpm",
					"referenceType":"purl"
				}
			],
			"filesAnalyzed":false,
			"homepage":"https://www.openssl.org/",
			"sourceInfo":"acquired package info from repodata DB: repodata/6e742f68b2ae62313d1861c02b7faa39b44c963cbbc6ac979fb577de9af9babc-primary.sqlite.bz2",
			"summary":"Cryptography and SSL/TLS Toolkit",
			"supplier":"Organization: http://openeuler.org",
			"versionInfo":"1:3.0.12-8.oe2409"
		},
		{
			"SPDXID":"SPDXRef-rpm-pesign-116-b6cf5da2-e173-460a-b2e9-5a617a861c0d-9737132e-f1e2-43f6-ba75-d6f81689d84c",
			"name":"pesign",
			"checksums":[
				{
					"algorithm":"SHA256",
					"checksumValue":"b909a5250077cb190e9c6c947979aa2e14982a3b5146ec5ec384528b0e5a296e"
				}
			],
			"description":"pesign is a command line tool for manipulating signatures and\ncryptographic digests of UEFI applications.",
			"downloadLocation":"NOASSERTION",
			"externalRefs":[
				{
					"referenceCategory":"PACKAGE_MANAGER",
					"referenceLocator":"pkg:rpm/pesign@116-4.oe2409?arch=aarch64&epoch=0&upstream=pesign-116-4.oe2409.src.rpm",
					"referenceType":"purl"
				}
			],
			"filesAnalyzed":false,
			"homepage":"https://github.com/rhboot/pesign",
			"sourceInfo":"acquired package info from repodata DB: repodata/6e742f68b2ae62313d1861c02b7faa39b44c963cbbc6ac979fb577de9af9babc-primary.sqlite.bz2",
			"summary":"Signing utility for UEFI binaries",
			"supplier":"Organization: http://openeuler.org",
			"versionInfo":"0:116-4.oe2409"
		}
	],
	"relationships":[
		{
			"spdxElementId":"SPDXRef-rpm-pesign-obs-integration-10.1-c3c7448b-602a-4056-a335-0cfe60bddee2",
			"relationshipType":"DEPENDS_ON",
			"relatedSpdxElement":"SPDXRef-rpm-bash-5.2.21-79ee3f1b-b075-4c10-8970-bf7c22384c2c-f254e8c6-edaf-47c7-8ccb-f9a01112fc0f"
		},
		{
			"spdxElementId":"SPDXRef-rpm-pesign-obs-integration-10.1-c3c7448b-602a-4056-a335-0cfe60bddee2",
			"relationshipType":"DEPENDS_ON",
			"relatedSpdxElement":"SPDXRef-rpm-fipscheck-1.5.0-03aaea3d-288e-4181-8b12-49e984026095-ac1a5133-a767-4e54-9fa8-a1fc65485f21"
		},
		{
			"spdxElementId":"SPDXRef-rpm-pesign-obs-integration-10.1-c3c7448b-602a-4056-a335-0cfe60bddee2",
			"relationshipType":"DEPENDS_ON",
			"relatedSpdxElement":"SPDXRef-rpm-nss-util-3.94.0-fb455e67-8314-41f3-96bf-3213c8c8bdfa-afab9ad9-f881-48e3-820b-bee7668fd73e"
		},
		{
			"spdxElementId":"SPDXRef-rpm-pesign-obs-integration-10.1-c3c7448b-602a-4056-a335-0cfe60bddee2",
			"relationshipType":"DEPENDS_ON",
			"relatedSpdxElement":"SPDXRef-rpm-openssl-3.0.12-05b2d5db-fc55-44b2-a2da-1eea3fa5c7f8-a4f4bb06-ddbe-49f3-9e7a-d93704adafce"
		},
		{
			"spdxElementId":"SPDXRef-rpm-pesign-obs-integration-10.1-c3c7448b-602a-4056-a335-0cfe60bddee2",
			"relationshipType":"DEPENDS_ON",
			"relatedSpdxElement":"SPDXRef-rpm-pesign-116-b6cf5da2-e173-460a-b2e9-5a617a861c0d-9737132e-f1e2-43f6-ba75-d6f81689d84c"
		}
	]
}