Skip to main content

CryptographyMetrics

sbom_tools::quality

Struct CryptographyMetrics 

Source 
pub struct CryptographyMetrics {
Show 25 fields
    pub total_crypto_components: usize,
    pub algorithms_count: usize,
    pub certificates_count: usize,
    pub keys_count: usize,
    pub protocols_count: usize,
    pub quantum_safe_count: usize,
    pub quantum_vulnerable_count: usize,
    pub weak_algorithm_count: usize,
    pub hybrid_pqc_count: usize,
    pub expired_certificates: usize,
    pub expiring_soon_certificates: usize,
    pub compromised_keys: usize,
    pub inadequate_key_sizes: usize,
    pub weak_algorithm_names: Vec<String>,
    pub algorithms_with_oid: usize,
    pub algorithms_with_family: usize,
    pub algorithms_with_primitive: usize,
    pub algorithms_with_security_level: usize,
    pub certs_with_signature_algo_ref: usize,
    pub keys_with_algorithm_ref: usize,
    pub protocols_with_cipher_suites: usize,
    pub keys_with_state: usize,
    pub keys_with_protection: usize,
    pub keys_with_lifecycle_dates: usize,
    pub certs_with_validity_dates: usize,

}
Expand description

Cryptographic asset metrics for quantum readiness and crypto hygiene assessment.

Computed from components with component_type == Cryptographic and populated crypto_properties. Returns None for quality score when no crypto components are present (N/A-aware).

Fields§

§total_crypto_components: usize

Total number of cryptographic-asset components

§algorithms_count: usize

Number of algorithm assets

§certificates_count: usize

Number of certificate assets

§keys_count: usize

Number of key material assets

§protocols_count: usize

Number of protocol assets

§quantum_safe_count: usize

Algorithms with nistQuantumSecurityLevel > 0

§quantum_vulnerable_count: usize

Algorithms with nistQuantumSecurityLevel == 0

§weak_algorithm_count: usize

Algorithms flagged as weak/broken (MD5, SHA-1, DES, etc.)

§hybrid_pqc_count: usize

Hybrid PQC combiner algorithms

§expired_certificates: usize

Certificates past notValidAfter

§expiring_soon_certificates: usize

Certificates expiring within 90 days

§compromised_keys: usize

Key material in compromised state

§inadequate_key_sizes: usize

Symmetric keys < 128 bits or asymmetric keys below recommended minimum

§weak_algorithm_names: Vec<String>

Names of weak/broken algorithms found

§algorithms_with_oid: usize

Algorithms with an OID identifier

§algorithms_with_family: usize

Algorithms with algorithm_family set

§algorithms_with_primitive: usize

Algorithms with a recognized primitive (not Other)

§algorithms_with_security_level: usize

Algorithms with classical or quantum security level set

§certs_with_signature_algo_ref: usize

Certificates with signature_algorithm_ref set

§keys_with_algorithm_ref: usize

Keys with algorithm_ref set

§protocols_with_cipher_suites: usize

Protocols with at least one cipher suite

§keys_with_state: usize

Keys with state tracked

§keys_with_protection: usize

Keys with secured_by protection

§keys_with_lifecycle_dates: usize

Keys with creation_date or activation_date

§certs_with_validity_dates: usize

Certificates with both not_valid_before and not_valid_after

Implementations§

Source§

impl CryptographyMetrics

Source

pub fn from_sbom(sbom: &NormalizedSbom) -> Self

Compute cryptography metrics from an SBOM.

Source

pub fn has_data(&self) -> bool

Whether any crypto components exist (i.e., CBOM data is present).

Source

pub fn quantum_readiness_score(&self) -> f32

Percentage of algorithms that are quantum-safe (0-100). Returns 100 if no algorithms are present.

Source

pub fn quality_score(&self) -> Option<f32>

Quality score (0-100) based on crypto hygiene. Returns None if no crypto data.

Source

pub fn crypto_completeness_score(&self) -> f32

Crypto completeness: how fully documented are the crypto assets?

Source

pub fn crypto_identifier_score(&self) -> f32

Crypto identifier quality: OID coverage.

Source

pub fn algorithm_strength_score(&self) -> f32

Algorithm strength: penalizes broken/weak/quantum-vulnerable algorithms.

Source

pub fn crypto_dependency_score(&self) -> f32

Crypto dependency references: how well are cert/key/protocol -> algorithm refs resolved?

Source

pub fn crypto_lifecycle_score(&self) -> f32

Crypto lifecycle: merged key management + certificate health.

Source

pub fn pqc_readiness_score(&self) -> f32

PQC readiness: quantum migration preparedness.

Source

pub fn quantum_readiness_pct(&self) -> f32

Percentage of algorithms that are quantum-safe (for overview display).

Source

pub const fn cbom_category_labels() -> [&'static str; 8]

Category labels for CBOM quality chart.

Trait Implementations§

Source§

impl Clone for CryptographyMetrics

Source§

fn clone(&self) -> CryptographyMetrics

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for CryptographyMetrics

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for CryptographyMetrics

Source§

fn default() -> CryptographyMetrics

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for CryptographyMetrics

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Serialize for CryptographyMetrics

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,