diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index b474e6f3..2d1a7f19 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -1,6 +1,6 @@ { "$schema": "http://cyclonedx.org/schema/cryptography-defs.schema.json", - "lastUpdated": "2025-03-22T00:00:00Z", + "lastUpdated": "2026-02-24T00:00:00Z", "algorithms": [ { "family": "RSASSA-PKCS1", @@ -16,7 +16,7 @@ ], "variant": [ { - "pattern": "RSA-PKCS1-1.5[-{digestAlgorithm}][-{keyLength}]", + "pattern": "RSA-PKCS1-1.5[-{hashAlgorithm}][-{keyLength}]", "primitive": "signature" } ] @@ -35,7 +35,7 @@ ], "variant": [ { - "pattern": "RSA-PSS[-{digestAlgorithm}][-{saltLength}][-{keyLength}]", + "pattern": "RSA-PSS[-{hashAlgorithm}][-{maskGenAlgorithm}][-{saltLength}][-{keyLength}]", "primitive": "signature" } ] @@ -99,7 +99,7 @@ ], "variant": [ { - "pattern": "ECDSA[-{ellipticCurve}][-{hash}]", + "pattern": "ECDSA[-{ellipticCurve}][-{hashAlgorithm}]", "primitive": "signature" } ] @@ -186,7 +186,7 @@ ], "variant": [ { - "pattern": "DSA[-{length}][-{hash}]", + "pattern": "DSA[-{length}][-{hashAlgorithm}]", "primitive": "signature" } ] @@ -251,11 +251,11 @@ ], "variant": [ { - "pattern": "SRP-3[-{hashFunction}][-{namedGroup}]", + "pattern": "SRP-3[-{hashAlgorithm}][-{namedGroup}]", "primitive": "key-agree" }, { - "pattern": "SRP-6[-{hashFunction}][-{namedGroup}]", + "pattern": "SRP-6[-{hashAlgorithm}][-{namedGroup}]", "primitive": "key-agree" } ] @@ -465,7 +465,7 @@ ], "variant": [ { - "pattern": "HKDF[-{hashFunction}]", + "pattern": "HKDF[-{hashAlgorithm}]", "primitive": "kdf" } ] @@ -484,7 +484,7 @@ ], "variant": [ { - "pattern": "HMAC[-{hashFunction}][-{tagLength}]", + "pattern": "HMAC[-{hashAlgorithm}][-{tagLength}]", "primitive": "mac" } ] @@ -504,21 +504,6 @@ } ] }, - { - "family": "KMAC", - "standard": [ - { - "name": "SP800-108r1", - "url": "https://doi.org/10.6028/NIST.SP.800-108r1-upd1" - } - ], - "variant": [ - { - "pattern": "KMAC[-(128|256)]", - "primitive": "mac" - } - ] - }, { "family": "UMAC", "standard": [ @@ -733,7 +718,7 @@ "primitive": "signature" }, { - "pattern": "HashML-DSA-(44|65|87)[-{hashFunction}]", + "pattern": "HashML-DSA-(44|65|87)[-{hashAlgorithm}]", "primitive": "signature" } ] @@ -752,7 +737,7 @@ "primitive": "signature" }, { - "pattern": "HashSLH-DSA-(SHA2|SHAKE)-(128s|128f|192s|192f|256s|256f)[-{hashFunction}]", + "pattern": "HashSLH-DSA-(SHA2|SHAKE)-(128s|128f|192s|192f|256s|256f)[-{hashAlgorithm}]", "primitive": "signature" } ] @@ -798,7 +783,7 @@ ], "variant": [ { - "pattern": "LMS[_{hashFunction}][_M{bytesPerNode}][_H{treeHeight}]", + "pattern": "LMS[_{hashAlgorithm}][_M{bytesPerNode}][_H{treeHeight}]", "primitive": "signature" }, { @@ -1006,7 +991,7 @@ "primitive": "block-cipher" }, { - "pattern": "SEED-128[-{mode}][-{padding}]-HMAC[-{hashFunction}][-{tagLength}]", + "pattern": "SEED-128[-{mode}][-{padding}]-HMAC[-{hashAlgorithm}][-{tagLength}]", "primitive": "ae" }, { @@ -1108,7 +1093,7 @@ ], "variant": [ { - "pattern": "SP800_108_(CounterKDF|FeedbackKDF|DoublePipelineKDF)[-{prfFunction}][-{dkmLength}]", + "pattern": "SP800_108_(CounterKDF|FeedbackKDF|DoublePipelineKDF|KMAC)[-{prfFunction}][-{dkmLength}]", "primitive": "key-derive" } ] @@ -1165,7 +1150,7 @@ ], "variant": [ { - "pattern": "X3DH[-{hashFunction}]", + "pattern": "X3DH[-{hashAlgorithm}]", "primitive": "key-agree" } ] @@ -1199,7 +1184,7 @@ ], "variant": [ { - "pattern": "OPAQUE-3DH[-{group}][-{hashFunction}][-{ksf}][-{kdf}][-{mac}]", + "pattern": "OPAQUE-3DH[-{group}][-{hashAlgorithm}][-{ksf}][-{kdf}][-{mac}]", "primitive": "key-agree" } ] @@ -1233,7 +1218,7 @@ ], "variant": [ { - "pattern": "SPAKE2[-{group}][-{hashFunction}][-{kdf}][-{mac}]", + "pattern": "SPAKE2[-{group}][-{hashAlgorithm}][-{kdf}][-{mac}]", "primitive": "key-agree" } ] @@ -1248,7 +1233,7 @@ ], "variant": [ { - "pattern": "SPAKE2+[-{group}][-{hashFunction}][-{kdf}][-{mac}]", + "pattern": "SPAKE2+[-{group}][-{hashAlgorithm}][-{kdf}][-{mac}]", "primitive": "key-agree" } ] @@ -1588,7 +1573,7 @@ ], "variant": [ { - "pattern": "PBKDF1[-{hashFunction}][-{iterations}][-{dkLen}]", + "pattern": "PBKDF1[-{hashAlgorithm}][-{iterations}][-{dkLen}]", "primitive": "kdf" } ] @@ -1607,7 +1592,7 @@ ], "variant": [ { - "pattern": "PBKDF2[-{hashFunction}][-{iterations}][-{dkLen}]", + "pattern": "PBKDF2[-{hashAlgorithm}][-{iterations}][-{dkLen}]", "primitive": "kdf" } ] @@ -1652,7 +1637,7 @@ ], "variant": [ { - "pattern": "PBMAC1[-{macAlgorithm}][-{hashFunction}][-{iterations}][-{dkLen}]", + "pattern": "PBMAC1[-{macAlgorithm}][-{hashAlgorithm}][-{iterations}][-{dkLen}]", "primitive": "mac" } ] @@ -1668,7 +1653,7 @@ "variant": [ { "pattern": "bcrypt[-{cost}]", - "primitive": "hash" + "primitive": "kdf" } ] }, @@ -1683,7 +1668,22 @@ "variant": [ { "pattern": "scrypt[-{N}][-{r}][-{p}][-{dkLen}]", - "primitive": "hash" + "primitive": "kdf" + } + ] + }, + { + "family": "yescrypt", + "standard": [ + { + "name": "yescrypt - scalable KDF and password hashing scheme", + "url": "https://www.openwall.com/yescrypt/" + } + ], + "variant": [ + { + "pattern": "[{hashAlgorithm}-]yescrypt[-{N_log2}][-{r}][-{p}][-{t}]", + "primitive": "kdf" } ] }, @@ -1716,7 +1716,7 @@ "standard": [ { "name": "TIA TR45.0.A", - "url": "" + "url": "https://patents.google.com/patent/US5159634" } ], "variant": [ @@ -1736,7 +1736,7 @@ ], "variant": [ { - "pattern": "Fortuna[-{blockCipher}][-{hashFunction}]", + "pattern": "Fortuna[-{blockCipher}][-{hashAlgorithm}]", "primitive": "drbg" } ] @@ -1751,7 +1751,7 @@ ], "variant": [ { - "pattern": "Yarrow[-{blockCipher}][-{hashFunction}]", + "pattern": "Yarrow[-{blockCipher}][-{hashAlgorithm}]", "primitive": "drbg" } ] @@ -1781,7 +1781,7 @@ ], "variant": [ { - "pattern": "Hash_DRBG[-{hashFunction}]", + "pattern": "Hash_DRBG[-{hashAlgorithm}]", "primitive": "drbg" } ] @@ -1796,7 +1796,7 @@ ], "variant": [ { - "pattern": "HMAC_DRBG[-{hashFunction}]", + "pattern": "HMAC_DRBG[-{hashAlgorithm}]", "primitive": "drbg" } ] diff --git a/schema/cryptography-defs.schema.json b/schema/cryptography-defs.schema.json index 43a06741..e1781505 100644 --- a/schema/cryptography-defs.schema.json +++ b/schema/cryptography-defs.schema.json @@ -1,7 +1,7 @@ { "$schema": "http://json-schema.org/draft-07/schema#", "$id": "http://cyclonedx.org/schema/cryptography-defs.schema.json", - "$comment": "2026-02-26T14:12:39Z", + "$comment": "2026-03-05T14:27:50Z", "title": "Cryptographic Algorithm Family Definitions", "description": "Enumerates cryptographic algorithm families and their specific metadata.", "type": "object", @@ -281,7 +281,6 @@ "IDEA", "IKE-PRF", "J-PAKE", - "KMAC", "LMS", "MD2", "MD4", @@ -334,7 +333,8 @@ "Yarrow", "ZUC", "bcrypt", - "scrypt" + "scrypt", + "yescrypt" ] }, "ellipticCurvesEnum": {