diff --git a/.github/workflows/generate_algorithm_families.yml b/.github/workflows/generate_algorithm_families.yml
new file mode 100644
index 00000000..d349edcf
--- /dev/null
+++ b/.github/workflows/generate_algorithm_families.yml
@@ -0,0 +1,63 @@
+name: Generate Algorithm Families Enum
+
+on:
+ push:
+ paths:
+ - 'schema/cryptography-defs.json'
+ - 'tools/src/main/python/algorithmFamilyGeneration.py'
+ workflow_dispatch:
+
+jobs:
+ generate-families:
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: write
+ pull-requests: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v6
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ persist-credentials: false
+
+ - name: Set up Python
+ uses: actions/setup-python@v5
+ with:
+ python-version: '3.x'
+
+ - name: Run algorithm family generator
+ working-directory: tools/src/main/python
+ run: python3 algorithmFamilyGeneration.py
+
+ - name: Create Pull Request
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ BRANCH_NAME="update-algorithm-families"
+
+ # Configure Git
+ git config --local user.email "github-actions[bot]@users.noreply.github.com"
+ git config --local user.name "github-actions[bot]"
+
+ # Check for changes
+ if git diff --quiet schema/cryptography-defs.schema.json; then
+ echo "No changes to algorithm families"
+ exit 0
+ fi
+
+ # Create branch and commit
+ git checkout -b "$BRANCH_NAME"
+ git add schema/cryptography-defs.schema.json
+ git commit -m "chore: update algorithm families [skip ci]"
+
+ # Push to the branch (use GH_TOKEN for authentication)
+ git push -u "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git" "$BRANCH_NAME" --force
+
+ # Create Pull Request using GitHub CLI (gh)
+ gh pr create \
+ --title "chore: update algorithm families" \
+ --body "This PR updates \`schema/cryptography-defs.schema.json\` with the latest algorithm families generated from \`schema/cryptography-defs.json\`." \
+ --base "master" \
+ --head "$BRANCH_NAME" || echo "Pull request already exists"
diff --git a/schema/cryptography-defs.schema.json b/schema/cryptography-defs.schema.json
index b76175a9..235c3bd5 100644
--- a/schema/cryptography-defs.schema.json
+++ b/schema/cryptography-defs.schema.json
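Review bot: The `on: push` trigger filters on `paths` only, so a push to any branch that touches the two watched files runs this job with `contents: write`, force-pushes `update-algorithm-families` from that branch's HEAD, and opens a PR against `master` that carries that branch's commits along with the generated schema. Restricting the trigger to the default branch, by adding `branches:` with `- master` under `push:`, keeps unreviewed branch content out of the automated PR. Separately, `git push -u` with the token embedded in the URL likely records that URL as the branch's upstream in `.git/config`, which undercuts `persist-credentials: false`; dropping `-u` avoids it. `actions/checkout@v6` and `actions/setup-python@v5` are referenced by mutable tags in a job that holds write permissions, so pinning both to full commit SHAs would reduce the supply-chain exposure.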
@@ -1,7 +1,7 @@
 {
 "$schema": "http://json-schema.org/draft-07/schema#",
 "$id": "http://cyclonedx.org/schema/cryptography-defs.schema.json",
- "$comment": "2025-09-07T11:12:52Z",
+ "$comment": "2026-02-19T23:43:11Z",
 "title": "Cryptographic Algorithm Family Definitions",
 "description": "Enumerates cryptographic algorithm families and their specific metadata.",
 "type": "object",
@@ -259,9 +259,9 @@
 "CAST6",
 "CMAC",
 "CMEA",
+ "CTR_DRBG",
 "ChaCha",
 "ChaCha20",
- "CTR_DRBG",
 "DES",
 "DSA",
 "ECDH",
@@ -272,12 +272,12 @@
 "FFDH",
 "Fortuna",
 "GOST",
- "Hash_DRBG",
- "HPKE",
 "HC",
 "HKDF",
 "HMAC",
 "HMAC_DRBG",
+ "HPKE",
+ "Hash_DRBG",
 "IDEA",
 "IKE-PRF",
 "J-PAKE",
@@ -307,7 +307,6 @@
 "RSAES-PKCS1",
 "RSASSA-PKCS1",
 "RSASSA-PSS",
- "scrypt",
 "SEED",
 "SHA-1",
 "SHA-2",
@@ -319,11 +318,13 @@
 "SM9",
 "SNOW3G",
 "SP800-108",
+ "SPAKE2",
+ "SPAKE2PLUS",
+ "SRP",
 "Salsa20",
 "Serpent",
 "SipHash",
 "Skipjack",
- "SRP",
 "TUAK",
 "Twofish",
 "UMAC",
@@ -332,7 +333,8 @@
 "XMSS",
 "Yarrow",
 "ZUC",
- "bcrypt"
+ "bcrypt",
+ "scrypt"
 ]
 },
 "ellipticCurvesEnum": {
@@ -587,4 +589,4 @@
 ]
 }
 }
-}
+}
\ No newline at end of file