Skip to content

Add Argon2 (RFC 9106) to Cryptography Registry #793

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Mehrn0ush wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add Argon2 (RFC 9106) to Cryptography Registry #793

Mehrn0ush wants to merge 3 commits into from
+16 −0

Conversation

@Mehrn0ush
Copy link
Contributor

@Mehrn0ush Mehrn0ush commented Jan 25, 2026

This PR adds Argon2 (RFC 9106) to schema/cryptography-defs.json.

Notes on parameter naming vs Issue #756

Issue #756 proposes: Argon2(id|i|d)[-{memoryMiB}][-{iterations}][-{parallelism}].

RFC 9106 defines:

  • m as memory size in kibibytes (KiB),
  • t as number of passes,
  • p as degree of parallelism.

Accordingly, this PR uses:
Argon2(id|i|d)[-{memoryKiB}][-{passes}][-{parallelism}]

If the community prefers the Issue's naming for consistency with existing conventions, I can update the pattern accordingly.

Refs: #756

@Mehrn0ush Mehrn0ush requested a review from a team as a code owner January 25, 2026 20:00
@meghsaha-ibm
Copy link

meghsaha-ibm commented Feb 1, 2026
edited
Loading

The primitive for the variant Argon2(id|i|d)[-{memoryKiB}][-{passes}][-{parallelism}] should be kdf. Also, the variable {dkLen} may be considered.

@Mehrn0ush
Copy link
Contributor Author

Mehrn0ush commented Feb 1, 2026

The primitive for the variant Argon2(id|i|d)[-{memoryKiB}][-{passes}][-{parallelism}] should be kdf. Also, the variable {dkLen} may be considered.

Updated Argon2 variant primitive to kdf and added optional [-{dkLen}] for derived key length, consistent with existing {dkLen} usage in the registry.
Thanks.

@Mehrn0ush
feat(crypto-registry): add Argon2 (RFC 9106)
eb3e76c 
Add Argon2 (RFC 9106) to the Cryptography Registry with a parameterized pattern aligned to RFC terminology.

Signed-off-by: Mehrn0ush <[email protected]>
@Mehrn0ush
fix(registry): treat Argon2 as kdf and add dkLen
28eacb1 
Signed-off-by: Mehrn0ush <[email protected]>
@Mehrn0ush Mehrn0ush force-pushed the feat/crypto-registry-argon2-rfc9106 branch from 95e1727 to 28eacb1 Compare February 2, 2026 11:03
@Mehrn0ush
Copy link
Contributor Author

Mehrn0ush commented Feb 3, 2026

Added Argon2 to schema/cryptography-defs.schema.json#/definitions/algorithmFamiliesEnum to keep the schema enum aligned with the registry data in schema/cryptography-defs.json.
Without this, BOM 1.7 validation rejects cryptoProperties.algorithmProperties.algorithmFamily: "Argon2" even though Argon2 is present in the registry.
This is a schema-only alignment change; it does not modify the Argon2 registry entry or its variant pattern/primitive semantics.

@Mehrn0ush Mehrn0ush force-pushed the feat/crypto-registry-argon2-rfc9106 branch from 520e69f to 48455b8 Compare February 3, 2026 12:58
@Mehrn0ush
Copy link
Contributor Author

Mehrn0ush commented Feb 3, 2026

I noticed schema/cryptography-defs.schema.json did not end with a trailing newline in the current base.
My earlier update inadvertently introduced an EOF newline change alongside the intended enum update.
This follow-up commit keeps the file’s original EOF formatting (no trailing newline) and only adds "Argon2" to algorithmFamiliesEnum, so the schema enum remains consistent with cryptography-defs.json without unrelated formatting noise.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Mehrn0ush @meghsaha-ibm