Skip to content

fix(registry): remove duplicate BLAKE2b-HMAC variant (#752) #753

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Mehrn0ush wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(registry): remove duplicate BLAKE2b-HMAC variant (#752) #753

Mehrn0ush wants to merge 1 commit into from
+15 −5

Conversation

@Mehrn0ush
Copy link

@Mehrn0ush Mehrn0ush commented Dec 30, 2025

As discussed in ticket #752, this PR fixes a data-quality issue in the Cryptography Registry.

Fixes #752

Details

  • Removes a duplicate BLAKE2b-(160|256|384|512)-HMAC variant entry (primitive: mac)

Scope

  • Cryptography Registry data only (schema/cryptography-defs.json)
  • No schema or specification behavior changes

@Mehrn0ush Mehrn0ush requested a review from a team as a code owner December 30, 2025 17:31
@stevespringett
Copy link
Member

stevespringett commented Dec 31, 2025

cc: @bhess

@stevespringett stevespringett added the cap: cryptography Capability: Cryptography (CBOM) label Jan 2, 2026
bhess
bhess suggested changes Jan 5, 2026
View reviewed changes
Copy link
Contributor

@bhess bhess left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for highlighting this issue, @Mehrn0ush. Please see my inline comment, it seems to be a typo that caused the duplicate.

schema/cryptography-defs.json
"primitive": "hash"
},
{
"pattern": "BLAKE2b-(160|256|384|512)-HMAC",
Copy link
Contributor

@bhess bhess Jan 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The intention was to describe BLAKE2s with HMAC (instead of BLAKE2b), so this appears to be a typo that caused the duplicate. Could you please update the pattern to BLAKE2s-(160|256|384|512)-HMAC rather than removing the entry?

Copy link
Author

@Mehrn0ush Mehrn0ush Jan 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the review, @bhess — agreed this was a typo.

I updated the entry to preserve both HMAC variants by correcting the duplicate to:

  • BLAKE2s-(160|256)-HMAC

Note: BLAKE2s only defines 160/256-bit digests (whereas BLAKE2b supports up to 512), so I kept the size set aligned with the existing BLAKE2s-(160|256) variant.

PR updated (amended) accordingly.

Copy link
Contributor

@bhess bhess Jan 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, thanks!

@bhess bhess mentioned this pull request Jan 5, 2026
Open
@Mehrn0ush
fix(registry): correct BLAKE2s-HMAC variant typo (CycloneDX#752)
f2a2652 
Signed-off-by: Mehrn0ush <mehrnoush.vaseghi@gmail.com>
@Mehrn0ush Mehrn0ush force-pushed the fix/crypto-registry-blake2-dup branch from 4e67374 to f2a2652 Compare January 5, 2026 16:29
bhess
bhess approved these changes Jan 5, 2026
View reviewed changes
Copy link
Contributor

@bhess bhess left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@bhess bhess bhess approved these changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

cap: cryptography Capability: Cryptography (CBOM)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Defect]: Duplicate BLAKE2b-HMAC variant in Cryptography Registry

3 participants

@Mehrn0ush @stevespringett @bhess