CycloneDX · stevespringett · Jun 19, 2025 · May 22, 2025 · Jun 12, 2025 · Jun 12, 2025
diff --git a/schema/bom-1.7.schema.json b/schema/bom-1.7.schema.json
@@ -5114,6 +5114,12 @@
                 "unknown": "The primitive is not known."
               }
             },
+            "algorithmFamily": {
+              "$ref": "cryptography-defs.schema.json#/properties/algorithmFamilies",
+              "title": "Algorithm Family",
+              "description": "A valid algorithm family identifier. If specified, this value must be one of the enumeration of valid algorithm Family identifiers defined in the cryptography-defs.schema.json subschema.",
+              "examples": ["3DES", "Blowfish", "ECDH"]
+            },
             "parameterSetIdentifier": {
               "type": "string",
               "title": "Parameter Set Identifier",
@@ -5526,6 +5532,8 @@
                 "ike",
                 "sstp",
                 "wpa",
+                "dtls",
+                "quic",
                 "other",
                 "unknown"
               ],

diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json
@@ -143,7 +143,7 @@
     {
       "family": "SHA-3",
       "standard": [
-        {"name": "FIPS202", "url": "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf"}
+        {"name": "FIPS202", "url": "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf"},
         {"name": "SP800-185", "url": "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf"}
       ],
       "variant": [

diff --git a/schema/cryptography-defs.schema.json b/schema/cryptography-defs.schema.json
@@ -1,6 +1,7 @@
 {
   "$schema": "http://json-schema.org/draft-07/schema#",
   "$id": "http://cyclonedx.org/schema/cryptography-defs.schema.json",
+  "$comment": "2025-06-12T08:47:23.114985",
   "title": "Cryptographic Algorithm Family Definitions",
   "description": "Enumerates cryptographic algorithm families and their specific metadata.",
   "type": "object",
@@ -54,7 +55,10 @@
                   "description": "A URL pointing to the standard's official documentation."
                 }
               },
-              "required": ["name", "url"]
+              "required": [
+                "name",
+                "url"
+              ]
             }
           },
           "variant": {
@@ -101,17 +105,83 @@
                         "description": "A URL pointing to the standard's official documentation."
                       }
                     },
-                    "required": ["name", "url"]
+                    "required": [
+                      "name",
+                      "url"
+                    ]
                   }
                 }
               },
-              "required": ["pattern", "primitive"]
+              "required": [
+                "pattern",
+                "primitive"
+              ]
             }
           }
         },
-        "required": ["family", "variant"]
+        "required": [
+          "family",
+          "variant"
+        ]
       }
+    },
+    "algorithmFamilies": {
+      "type": "string",
+      "title": "Algorithm Families",
+      "description": "An enum for the algorithm families.",
+      "enum": [
+        "3DES",
+        "AES",
+        "ARIA",
+        "BLAKE2b",
+        "Blowfish",
+        "CAMELLIA",
+        "CMAC",
+        "ChaCha",
+        "ChaCha20",
+        "DES",
+        "DSA",
+        "ECDH",
+        "ECDSA",
+        "EdDSA",
+        "FFDH",
+        "GOST",
+        "HKDF",
+        "HMAC",
+        "HashML-DSA",
+        "HashSLH-DSA",
+        "IDEA",
+        "IKE-PRF",
+        "KMAC",
+        "LMS",
+        "MD4",
+        "MD5",
+        "ML-DSA",
+        "ML-KEM",
+        "PKCS12-PBEA",
+        "PKCS5-PBE",
+        "Poly1305",
+        "RC2",
+        "RC4",
+        "RSAES-OAEP",
+        "RSAES-PKCS1",
+        "RSASSA-PKCS1",
+        "RSASSA-PSS",
+        "SEED",
+        "SHA-1",
+        "SHA-2",
+        "SHA-3",
+        "SP800-108",
+        "Salsa20",
+        "Twofish",
+        "X3DH",
+        "XMSS"
+      ]
     }
   },
-  "required": ["lastUpdated", "algorithms"]
+  "required": [
+    "lastUpdated",
+    "algorithms",
+    "algorithmFamilies"
+  ]
 }
diff --git a/tools/algorithmFamilyGeneration.py b/tools/algorithmFamilyGeneration.py
@@ -0,0 +1,39 @@
+import json
+from datetime import datetime
+from pathlib import Path
+from typing import Dict, List, Any
+
+# Step 1: Load JSON data safely using context managers
+SCHEMA_DIR = Path(__file__).parent.parent / "schema"
+DEFS_FILE = SCHEMA_DIR / "cryptography-defs.json"
+SCHEMA_FILE = SCHEMA_DIR / "cryptography-defs.schema.json"
+
+with DEFS_FILE.open("r", encoding="utf-8") as defs_file:
+    defs_data: Dict[str, List[Dict[str, Any]]] = json.load(defs_file)
+
+with SCHEMA_FILE.open("r", encoding="utf-8") as schema_file:
+    schema_data: Dict[str, Any] = json.load(schema_file)
+
+# Step 2: Extract unique algorithm families and sort them
+families: List[str] = sorted({algo['family'] for algo in defs_data.get('algorithms', [])})
+
+# Step 3: Update the schema with the extracted families
+try:
+    schema_properties = schema_data['properties']
+except KeyError as e:
+    raise KeyError(f"Required schema property 'properties' missing: {e}")
+
+schema_data['$comment'] = datetime.now().isoformat()
+
+schema_data['properties']['algorithmFamilies'] = {
+    "type": "string",
+    "title": "Algorithm Families",
+    "description": "An enum for the algorithm families.",
+    "enum": families,
+}
+
+# Step 4: Write the updated schema back to the file
+with SCHEMA_FILE.open("w", encoding="utf-8") as update_file:
+    json.dump(schema_data, update_file, indent=2, ensure_ascii=False)
+
+print("Schema updated successfully.")