From 94f0c96c2e3e7be209e9262d2a2dc9d51d141ece Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Mon, 5 Jan 2026 20:37:42 +0330 Subject: [PATCH 01/11] fix(registry): correct RFC 3610 DOI reference (#761) Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index e3e1728e..ac53502e 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -332,7 +332,7 @@ }, { "name": "RFC 3610", - "url": "https://doi.org/10.17487/RFC5116" + "url": "https://doi.org/10.17487/RFC3610" } ], "pattern": "AES[-(128|192|256)][-(GCM|CCM)][-{tagLength}][-{ivLength}]", @@ -468,6 +468,10 @@ { "pattern": "ChaCha20-Poly1305", "primitive": "ae" + }, + { + "pattern": "XChaCha20-Poly1305", + "primitive": "ae" } ] }, From 23942de5858b08a4b45521329f5f5dfeadd36842 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Tue, 6 Jan 2026 18:07:58 +0330 Subject: [PATCH 02/11] feat(registry): add HPKE (RFC 9180) to cryptography registry (#) Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index e3e1728e..daf4c9b0 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -123,6 +123,21 @@ } ] }, + { + "family": "HPKE", + "standard": [ + { + "name": "RFC 9180", + "url": "https://doi.org/10.17487/RFC9180" + } + ], + "variant": [ + { + "pattern": "HPKE[-{mode}]-{kem}-{kdf}-{aead}", + "primitive": "pke" + } + ] + }, { "family": "MQV", "standard": [ From d9bd204b9f2d00a010fc784436ba2afc4f9702d1 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Wed, 7 Jan 2026 19:33:09 +0330 Subject: [PATCH 03/11] feat(registry): add AES-CMAC-PRF-128 (RFC 4615) (#767) Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index e3e1728e..0f82139d 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -123,6 +123,21 @@ } ] }, + { + "family": "HPKE", + "standard": [ + { + "name": "RFC 9180", + "url": "https://doi.org/10.17487/RFC9180" + } + ], + "variant": [ + { + "pattern": "HPKE[-{mode}]-{kem}-{kdf}-{aead}", + "primitive": "pke" + } + ] + }, { "family": "MQV", "standard": [ @@ -352,6 +367,16 @@ "pattern": "AES[-(128|192|256)][-(GMAC|CMAC)]", "primitive": "mac" }, + { + "standard": [ + { + "name": "RFC 4615", + "url": "https://doi.org/10.17487/RFC4615" + } + ], + "pattern": "AES-CMAC-PRF-128", + "primitive": "mac" + }, { "pattern": "AES[-(128|192|256)][-(XCBC_MAC[_96])]", "primitive": "mac" From c2f046daa2c3bdf31a2bcab92d9f9f7faea695b4 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Wed, 7 Jan 2026 21:09:47 +0330 Subject: [PATCH 04/11] feat(registry): add AES-CTR-HMAC-SHA1-96 suite pattern (RFC 3686) (#770) Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index e3e1728e..12e5a55f 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -338,6 +338,16 @@ "pattern": "AES[-(128|192|256)][-(GCM|CCM)][-{tagLength}][-{ivLength}]", "primitive": "ae" }, + { + "standard": [ + { + "name": "RFC 3686", + "url": "https://doi.org/10.17487/RFC3686" + } + ], + "pattern": "AES[-(128|192|256)]-CTR-HMAC-SHA1[-96]", + "primitive": "ae" + }, { "standard": [ { From 99eb482473b9bd0c197a0b0f450c6056f0ceaef5 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Mon, 19 Jan 2026 19:06:42 +0330 Subject: [PATCH 05/11] Remove space between RFC and 9180; and update the pattern. thanks to @bhess Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index daf4c9b0..887a7959 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -127,13 +127,13 @@ "family": "HPKE", "standard": [ { - "name": "RFC 9180", + "name": "RFC9180", "url": "https://doi.org/10.17487/RFC9180" } ], "variant": [ { - "pattern": "HPKE[-{mode}]-{kem}-{kdf}-{aead}", + "pattern": "HPKE[-(mode_base|mode_psk|mode_auth|mode_auth_psk)]-{kem}-{kdf}-{aead}", "primitive": "pke" } ] From 0cc8dc514798c48737589e6fc831f646bbc3b177 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Mon, 19 Jan 2026 22:27:20 +0330 Subject: [PATCH 06/11] Remove HPKE; and Remove space between RFC and 4615 Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 0f82139d..c9659499 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -122,22 +122,7 @@ "primitive": "pke" } ] - }, - { - "family": "HPKE", - "standard": [ - { - "name": "RFC 9180", - "url": "https://doi.org/10.17487/RFC9180" - } - ], - "variant": [ - { - "pattern": "HPKE[-{mode}]-{kem}-{kdf}-{aead}", - "primitive": "pke" - } - ] - }, + }, { "family": "MQV", "standard": [ @@ -370,7 +355,7 @@ { "standard": [ { - "name": "RFC 4615", + "name": "RFC4615", "url": "https://doi.org/10.17487/RFC4615" } ], From 51dbe7d4deb003f561ca7be853f34d4be1c24c52 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Wed, 21 Jan 2026 15:09:15 +0330 Subject: [PATCH 07/11] fix(registry): correct BLAKE2s-HMAC variant typo (CycloneDX#752) --- schema/cryptography-defs.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 86a086c4..1e65be0b 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -943,7 +943,7 @@ "primitive": "mac" } ] - }, + }, { "family": "BLAKE3", "standard": [ From b714d1abe0aa684ba8344f6f93c936db0d1ff7d6 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Wed, 21 Jan 2026 15:57:35 +0330 Subject: [PATCH 08/11] fix(registry): correct BLAKE2s-HMAC variant typo (CycloneDX#752) --- schema/cryptography-defs.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 1e65be0b..94299f47 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -939,7 +939,7 @@ "primitive": "hash" }, { - "pattern": "BLAKE2b-(160|256|384|512)-HMAC", + "pattern": "BLAKE2s-(160|256)-HMAC", "primitive": "mac" } ] From 614724a57b4d1f45f183ee53322f345e1e399441 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Wed, 21 Jan 2026 18:12:53 +0330 Subject: [PATCH 09/11] fix(registry): correct RFC 3610 DOI and remove unintended XChaCha20 entry Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index ac53502e..57290284 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -331,7 +331,7 @@ "url": "https://doi.org/10.6028/NIST.SP.800-38D" }, { - "name": "RFC 3610", + "name": "RFC3610", "url": "https://doi.org/10.17487/RFC3610" } ], @@ -468,10 +468,6 @@ { "pattern": "ChaCha20-Poly1305", "primitive": "ae" - }, - { - "pattern": "XChaCha20-Poly1305", - "primitive": "ae" } ] }, From 5e268caead9b2e47b202394cca9a951e2f1d351a Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Wed, 21 Jan 2026 22:33:17 +0330 Subject: [PATCH 10/11] chore(registry): remove trailing whitespace in HPKE entry Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 887a7959..4c4198df 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -137,7 +137,7 @@ "primitive": "pke" } ] - }, + }, { "family": "MQV", "standard": [ From 462e23c16e1e5adf6e849a954c1e59cb20c0cbb2 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Thu, 22 Jan 2026 11:56:10 +0330 Subject: [PATCH 11/11] chore(registry): remove trailing whitespace in AES-CTR-HMAC entry Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 12e5a55f..0f376631 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -347,7 +347,7 @@ ], "pattern": "AES[-(128|192|256)]-CTR-HMAC-SHA1[-96]", "primitive": "ae" - }, + }, { "standard": [ {