CBOMkit

Cryptographic Bills of Materials (CBOMs) extend the concept of a Software Bill of Materials (SBOM) by providing a standardized, machine-readable format for cataloging cryptographic assets—including algorithms, protocols, certificates, keys, tokens, secrets, and passwords—and their dependencies. This enables automated reasoning about cryptographic usage and supports policy-based compliance checks. The objective of the project is to develop and further advance tools for creating and analyzing CBOMs to support the acceptance and adoption of the concept.

PQCA’s mission is the development and promotion of post-quantum cryptography. CBOMs play an important role in describing the cryptographic posture of appliances, software applications and libraries. This includes the detection of quantum-vulnerable cryptography and the design of mitigation strategies.

Learn More at https://github.com/cbomkit.