From 0f4f69d7a67a184564fa53a5c97ed13f951d2c47 Mon Sep 17 00:00:00 2001 From: Steve Springett Date: Thu, 19 Feb 2026 17:24:00 -0600 Subject: [PATCH 1/5] Initial commit to regenerate all crypto definition enums based on the definition, ensuring that they are both in sync. Signed-off-by: Steve Springett --- .../workflows/generate_algorithm_families.yml | 47 +++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 .github/workflows/generate_algorithm_families.yml diff --git a/.github/workflows/generate_algorithm_families.yml b/.github/workflows/generate_algorithm_families.yml new file mode 100644 index 00000000..1ebbdb20 --- /dev/null +++ b/.github/workflows/generate_algorithm_families.yml @@ -0,0 +1,47 @@ +name: Generate Algorithm Families Enum + +on: + push: + paths: + - 'schema/cryptography-defs.json' + - 'tools/src/main/python/algorithmFamilyGeneration.py' + workflow_dispatch: + +jobs: + generate-families: + runs-on: ubuntu-latest + + permissions: + contents: write + + steps: + - name: Checkout repository + uses: actions/checkout@v6 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Run algorithm family generator + run: python3 tools/src/main/python/algorithmFamilyGeneration.py + + - name: Check for changes and commit + run: | + SCHEMA_FILE="schema/cryptography-defs.schema.json" + + # Add the file + git add "$SCHEMA_FILE" + + # Check if there are staged changes + if git diff --staged --quiet; then + echo "No changes to algorithm families" + else + echo "Committing algorithm family changes" + git config --local user.email "github-actions[bot]@users.noreply.github.com" + git config --local user.name "github-actions[bot]" + git commit -m "chore: update algorithm families [skip ci]" + git push + fi From 52629fc3ca5bfd836f8938d05c49870edb115992 Mon Sep 17 00:00:00 2001 
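Review bot: The two `uses:` lines reference `actions/checkout@v6` and `actions/setup-python@v5` by mutable tag inside a job that holds `contents: write`, so a retagged release of either action would run with a token that can push to this repository. Pinning each to a full commit SHA with the tag kept as a comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v6`, closes that gap; the same applies to `peter-evans/create-pull-request@v6` in PATCH 3/5. Separately, the `push:` trigger carries only a `paths:` filter, so the job appears to run for a push to any branch and the final `git push` would write the bot commit to whichever branch was pushed. If only the default branch should be regenerated, add `branches: [master]` under `push:` (taking `master` from the `base` used later in the series).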
From: Steve Springett Date: Thu, 19 Feb 2026 17:29:03 -0600 Subject: [PATCH 2/5] Updated working directory. Signed-off-by: Steve Springett --- .github/workflows/generate_algorithm_families.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate_algorithm_families.yml b/.github/workflows/generate_algorithm_families.yml index 1ebbdb20..826233f3 100644 --- a/.github/workflows/generate_algorithm_families.yml +++ b/.github/workflows/generate_algorithm_families.yml @@ -26,7 +26,8 @@ jobs: python-version: '3.x' - name: Run algorithm family generator - run: python3 tools/src/main/python/algorithmFamilyGeneration.py + working-directory: tools/src/main/python + run: python3 algorithmFamilyGeneration.py - name: Check for changes and commit run: | From 9d40f8088fe79035e2bd11570733391c8b3053df Mon Sep 17 00:00:00 2001 From: Steve Springett Date: Thu, 19 Feb 2026 17:33:55 -0600 Subject: [PATCH 3/5] Changed to using PRs due to branch protection Signed-off-by: Steve Springett --- .../workflows/generate_algorithm_families.yml | 28 ++++++++----------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/.github/workflows/generate_algorithm_families.yml b/.github/workflows/generate_algorithm_families.yml index 826233f3..351f09cb 100644 --- a/.github/workflows/generate_algorithm_families.yml +++ b/.github/workflows/generate_algorithm_families.yml @@ -13,6 +13,7 @@ jobs: permissions: contents: write + pull-requests: write steps: - name: Checkout repository 
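Review bot: The `permissions:` block in the `@@ -13,6 +13,7 @@` hunk grants `contents: write` and now `pull-requests: write` to the whole job, which includes the step that executes `algorithmFamilyGeneration.py`, and nothing in the file records why each scope is needed. A comment above the block such as `# contents: write pushes the update branch; pull-requests: write opens the PR` would make the grant auditable when the workflow is next changed. It is also worth noting there that opening a PR with `GITHUB_TOKEN` depends on the repository setting "Allow GitHub Actions to create and approve pull requests". The job definition continues outside this hunk.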
@@ -29,20 +30,13 @@ jobs: working-directory: tools/src/main/python run: python3 algorithmFamilyGeneration.py - - name: Check for changes and commit - run: | - SCHEMA_FILE="schema/cryptography-defs.schema.json" - - # Add the file - git add "$SCHEMA_FILE" - - # Check if there are staged changes - if git diff --staged --quiet; then - echo "No changes to algorithm families" - else - echo "Committing algorithm family changes" - git config --local user.email "github-actions[bot]@users.noreply.github.com" - git config --local user.name "github-actions[bot]" - git commit -m "chore: update algorithm families [skip ci]" - git push - fi + - name: Create Pull Request + uses: peter-evans/create-pull-request@v6 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: "chore: update algorithm families [skip ci]" + branch: "update-algorithm-families" + title: "chore: update algorithm families" + body: "This PR updates `schema/cryptography-defs.schema.json` with the latest algorithm families generated from `schema/cryptography-defs.json`." + base: "master" + delete-branch: true From 66aef5a40f9447846fb0b45ec4b490e9d17b0529 Mon Sep 17 00:00:00 2001 From: Steve Springett Date: Thu, 19 Feb 2026 17:41:42 -0600 Subject: [PATCH 4/5] Removed dependency on third-party action. Rewrote PR logic for the command line Signed-off-by: Steve Springett --- .../workflows/generate_algorithm_families.yml | 39 ++++++++++++++----- 1 file changed, 30 insertions(+), 9 deletions(-) diff --git a/.github/workflows/generate_algorithm_families.yml b/.github/workflows/generate_algorithm_families.yml index 351f09cb..d349edcf 100644 --- a/.github/workflows/generate_algorithm_families.yml +++ b/.github/workflows/generate_algorithm_families.yml @@ -20,6 +20,7 @@ jobs: uses: actions/checkout@v6 with: token: ${{ secrets.GITHUB_TOKEN }} + persist-credentials: false - name: Set up Python uses: actions/setup-python@v5 
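Review bot: The pull request opened by the `Create Pull Request` step will most likely arrive with no CI results, because GitHub does not start new workflow runs for events caused by `GITHUB_TOKEN` and the `commit-message` additionally carries `[skip ci]`. Since the PR changes the schema enum that consumers validate against, add a check in this job before the PR step, for example a step running `python3 -m json.tool schema/cryptography-defs.schema.json > /dev/null`, and consider dropping `[skip ci]`. `base: "master"` is also fixed while the `push:` trigger is not limited to a branch, so a push to another branch would probably open a PR against `master` whose head is built from that branch's checkout.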
@@ -31,12 +32,32 @@ jobs: run: python3 algorithmFamilyGeneration.py - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: "chore: update algorithm families [skip ci]" - branch: "update-algorithm-families" - title: "chore: update algorithm families" - body: "This PR updates `schema/cryptography-defs.schema.json` with the latest algorithm families generated from `schema/cryptography-defs.json`." - base: "master" - delete-branch: true + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + BRANCH_NAME="update-algorithm-families" + + # Configure Git + git config --local user.email "github-actions[bot]@users.noreply.github.com" + git config --local user.name "github-actions[bot]" + + # Check for changes + if git diff --quiet schema/cryptography-defs.schema.json; then + echo "No changes to algorithm families" + exit 0 + fi + + # Create branch and commit + git checkout -b "$BRANCH_NAME" + git add schema/cryptography-defs.schema.json + git commit -m "chore: update algorithm families [skip ci]" + + # Push to the branch (use GH_TOKEN for authentication) + git push -u "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git" "$BRANCH_NAME" --force + + # Create Pull Request using GitHub CLI (gh) + gh pr create \ + --title "chore: update algorithm families" \ + --body "This PR updates \`schema/cryptography-defs.schema.json\` with the latest algorithm families generated from \`schema/cryptography-defs.json\`." \ + --base "master" \ + --head "$BRANCH_NAME" || echo "Pull request already exists" From 74433b3a256f3cdab896824fc1fcf62df574a7ce Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 19 Feb 2026 23:43:11 +0000 Subject: [PATCH 5/5] chore: update algorithm families [skip ci] --- schema/cryptography-defs.schema.json | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) 
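Review bot: The trailing `|| echo "Pull request already exists"` turns every `gh pr create` failure into a success, so an authentication or permission error would leave the force-pushed branch without a PR while the run stays green. The push line also places `${GH_TOKEN}` in the remote URL, and with `-u` git appears to record that URL as the branch's upstream in `.git/config`, which undoes part of what `persist-credentials: false` achieves in the checkout step. The fence below lets `gh` act as the git credential helper and checks for an open PR explicitly, so only the "already open" case is skipped. That `gh auth setup-git` picks up `GH_TOKEN` from the environment should be confirmed against the gh version on the runner.

```yaml
        run: |
          # … unchanged: git config, change check, branch creation and commit …

          # Let gh supply credentials so the token never appears in a URL or in .git/config
          gh auth setup-git
          git push --force origin "$BRANCH_NAME"

          # Open a PR only when none is open for this branch; any other gh failure fails the step
          if [ "$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq 'length')" = "0" ]; then
            gh pr create \
              --title "chore: update algorithm families" \
              --body "This PR updates \`schema/cryptography-defs.schema.json\` with the latest algorithm families generated from \`schema/cryptography-defs.json\`." \
              --base "master" \
              --head "$BRANCH_NAME"
          else
            echo "Pull request already exists"
          fi
```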
diff --git a/schema/cryptography-defs.schema.json b/schema/cryptography-defs.schema.json index b76175a9..235c3bd5 100644 --- a/schema/cryptography-defs.schema.json +++ b/schema/cryptography-defs.schema.json @@ -1,7 +1,7 @@ { "$schema": "http://json-schema.org/draft-07/schema#", "$id": "http://cyclonedx.org/schema/cryptography-defs.schema.json", - "$comment": "2025-09-07T11:12:52Z", + "$comment": "2026-02-19T23:43:11Z", "title": "Cryptographic Algorithm Family Definitions", "description": "Enumerates cryptographic algorithm families and their specific metadata.", "type": "object", @@ -259,9 +259,9 @@ "CAST6", "CMAC", "CMEA", + "CTR_DRBG", "ChaCha", "ChaCha20", - "CTR_DRBG", "DES", "DSA", "ECDH", @@ -272,12 +272,12 @@ "FFDH", "Fortuna", "GOST", - "Hash_DRBG", - "HPKE", "HC", "HKDF", "HMAC", "HMAC_DRBG", + "HPKE", + "Hash_DRBG", "IDEA", "IKE-PRF", "J-PAKE", @@ -307,7 +307,6 @@ "RSAES-PKCS1", "RSASSA-PKCS1", "RSASSA-PSS", - "scrypt", "SEED", "SHA-1", "SHA-2", @@ -319,11 +318,13 @@ "SM9", "SNOW3G", "SP800-108", + "SPAKE2", + "SPAKE2PLUS", + "SRP", "Salsa20", "Serpent", "SipHash", "Skipjack", - "SRP", "TUAK", "Twofish", "UMAC", @@ -332,7 +333,8 @@ "XMSS", "Yarrow", "ZUC", - "bcrypt" + "bcrypt", + "scrypt" ] }, "ellipticCurvesEnum": { @@ -587,4 +589,4 @@ ] } } -} +} \ No newline at end of file