cipherscope 0.2.1

[version]
schema = "1"
updated = "2025-09-12"

# =========================
# C / C++
# =========================

[[library]]
name = "OpenSSL"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<openssl/[A-Za-z0-9_./-]+>",
]
apis = [
  "\\bEVP_[A-Za-z0-9_]+\\s*\\(",
  "\\bHMAC\\s*\\(",
  "\\bRSA_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bDSA_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bEC_KEY_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bECDSA_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bED25519_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bX509_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bPKCS\\d_[A-Za-z0-9_]+\\s*\\(",
]

# Algorithm definitions for OpenSSL
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bRSA_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bEVP_PKEY_CTX_set_rsa_keygen_bits\\s*\\(",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "RSA_generate_key_ex\\s*\\([^,]+,\\s*(\\d{4})"
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_PKEY_CTX_set_rsa_keygen_bits\\s*\\([^,]+,\\s*(\\d+)"
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_PKEY_CTX_set_rsa_keygen_bits\\s*\\([^,]+,\\s*(\\d+)"

[[library.algorithms]]
name = "DSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bDSA_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bEVP_PKEY_CTX_new_id\\s*\\(\\s*EVP_PKEY_DSA\\b",
  "\\bEVP_PKEY_CTX_new_from_name\\s*\\([^,]+,\\s*[\"']DSA[\"']",
  "\\bEVP_dss1\\s*\\(", # legacy DSA with SHA-1
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bECDSA_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bEC_KEY_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
]
[[library.algorithms.parameter_patterns]]
name = "curve"
pattern = "EC_KEY_new_by_curve_name\\s*\\(\\s*(NID_(?:X9_62_prime256v1|secp384r1|secp521r1))"

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_aes_\\d+_gcm\\s*\\(",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_aes_(\\d+)_gcm"

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_aes_\\d+_(?:cbc|ctr|ofb|cfb|ecb)\\s*\\(",
  # Explicit EVP AES mode calls
  "\\bEVP_aes_(?:128|192|256)_cbc\\s*\\(",
  "\\bEVP_aes_(?:128|192|256)_ecb\\s*\\(",
  "\\bEVP_aes_(?:128|192|256)_cfb\\s*\\(",
  "\\bEVP_aes_(?:128|192|256)_ofb\\s*\\(",
  "\\bAES_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_aes_(\\d+)"

[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bRSA_[A-Za-z0-9_]*[a-z][A-Za-z0-9_]*\\s*\\(",
  "\\bEVP_PKEY_CTX_set_rsa_keygen_bits\\s*\\(",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "RSA_generate_key_ex\\s*\\([^,]+,\\s*(\\d{4})"
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "aes_(\\d+)"

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha256\\s*\\(",
  "\\bEVP_DigestInit.*SHA256",
  "\\bSHA256\\s*\\(",
  "\\bSHA256_Init",
  "\\bSHA256_Update",
  "\\bSHA256_Final",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha3_224\\s*\\(",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha3_256\\s*\\(",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha3_384\\s*\\(",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha3_512\\s*\\(",
]

[[library.algorithms]]
name = "SHAKE128"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_shake128\\s*\\(",
]

[[library.algorithms]]
name = "SHAKE256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_shake256\\s*\\(",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_sha1\\s*\\(",
  "\\bEVP_DigestInit.*SHA1",
  "\\bSHA1_Init",
  "\\bSHA1_Update",
  "\\bSHA1_Final",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha384\\s*\\(",
  "\\bEVP_DigestInit.*SHA384",
  "\\bSHA384_Init",
  "\\bSHA384_Update",
  "\\bSHA384_Final",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha512\\s*\\(",
  "\\bEVP_DigestInit.*SHA512",
  "\\bSHA512_Init",
  "\\bSHA512_Update",
  "\\bSHA512_Final",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha224\\s*\\(",
  "\\bEVP_DigestInit.*SHA224",
  "\\bSHA224_Init",
  "\\bSHA224_Update",
  "\\bSHA224_Final",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_md5\\s*\\(",
  "\\bEVP_DigestInit.*MD5",
  "\\bMD5_Init\\s*\\(",
  "\\bMD5_Update\\s*\\(",
  "\\bMD5_Final\\s*\\(",
]

[[library.algorithms]]
name = "MD4"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_md4\\s*\\(",
  "\\bEVP_DigestInit.*MD4",
  "\\bMD4_Init",
  "\\bMD4_Update",
  "\\bMD4_Final",
  "\\bMD4",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_ripemd160\\s*\\(",
  "\\bEVP_DigestInit.*RIPEMD",
  "\\bRIPEMD160_Init",
  "\\bRIPEMD160_Update",
  "\\bRIPEMD160_Final",
]

[[library.algorithms]]
name = "Whirlpool"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_whirlpool\\s*\\(",
  "\\bWHIRLPOOL_Init",
  "\\bWHIRLPOOL_Update",
  "\\bWHIRLPOOL_Final",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_blake2b512\\s*\\(",
  "\\bBLAKE2b512_Init",
  "\\bBLAKE2b512_Update",
  "\\bBLAKE2b512_Final",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_blake2s256\\s*\\(",
  "\\bBLAKE2s256_Init",
  "\\bBLAKE2s256_Update",
  "\\bBLAKE2s256_Final",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHMAC\\s*\\(",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  # Explicit EVP DES mode calls
  "\\bEVP_des_(?:cbc|ecb|cfb|ofb)\\s*\\(",
  "\\bDES_set_key\\s*\\(",
  "\\bDES_encrypt\\s*\\(",
  "\\bDES_decrypt\\s*\\(",
  "\\bDES_ecb_encrypt\\s*\\(",
  "\\bDES_cbc_encrypt\\s*\\(",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_des_ede\\w*\\s*\\(",
  "\\bEVP_des_ede3\\w*\\s*\\(",
  # Explicit EVP 3DES common modes
  "\\bEVP_des_ede3_cbc\\s*\\(",
  "\\bEVP_des_ede3_ecb\\s*\\(",
  "\\bDES_ede3_\\w+\\s*\\(",
  "\\bDES3_\\w+\\s*\\(",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_bf_\\w+\\s*\\(",
  # Explicit EVP Blowfish mode calls
  "\\bEVP_bf_(?:cbc|ecb|cfb|ofb)\\s*\\(",
  "\\bBF_set_key\\s*\\(",
  "\\bBF_encrypt\\s*\\(",
  "\\bBF_decrypt\\s*\\(",
  "\\bBF_ecb_encrypt\\s*\\(",
  "\\bBF_cbc_encrypt\\s*\\(",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_cast5_\\w+\\s*\\(",
  # Explicit EVP CAST5 mode calls
  "\\bEVP_cast5_(?:cbc|ecb|cfb|ofb)\\s*\\(",
  "\\bCAST_set_key\\s*\\(",
  "\\bCAST_encrypt\\s*\\(",
  "\\bCAST_decrypt\\s*\\(",
  "\\bCAST_ecb_encrypt\\s*\\(",
  "\\bCAST_cbc_encrypt\\s*\\(",
]

[[library.algorithms]]
name = "Camellia"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_camellia_",
  "\\bCamellia_",
  "\\bEVP_camellia_128",
  "\\bEVP_camellia_192",
  "\\bEVP_camellia_256",
  "\\bCamellia_set_key",
  "\\bCamellia_encrypt",
  "\\bCamellia_decrypt",
]

[[library.algorithms]]
name = "IDEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_idea_",
  "\\bIDEA_",
  "\\bEVP_idea_cbc",
  "\\bEVP_idea_ecb",
  "\\bEVP_idea_cfb",
  "\\bEVP_idea_ofb",
  "\\bIDEA_set_encrypt_key",
  "\\bIDEA_set_decrypt_key",
]

[[library.algorithms]]
name = "RC2"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_rc2_",
  "\\bRC2_",
  "\\bEVP_rc2_cbc",
  "\\bEVP_rc2_ecb",
  "\\bEVP_rc2_cfb",
  "\\bEVP_rc2_ofb",
  "\\bRC2_set_key",
  "\\bRC2_encrypt",
  "\\bRC2_decrypt",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_rc4\\s*\\(",
  "\\bEVP_rc4_40\\s*\\(",
  "\\bRC4_set_key\\s*\\(",
  "\\bRC4\\s*\\(",
]

[[library.algorithms]]
name = "RC5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_rc5_",
  "\\bRC5_",
  "\\bEVP_rc5_32_12_16",
  "\\bRC5_32_set_key",
  "\\bRC5_32_encrypt",
  "\\bRC5_32_decrypt",
]

[[library.algorithms]]
name = "SEED"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_seed_",
  "\\bSEED_",
  "\\bEVP_seed_cbc",
  "\\bEVP_seed_ecb",
  "\\bEVP_seed_cfb",
  "\\bEVP_seed_ofb",
  "\\bSEED_set_key",
  "\\bSEED_encrypt",
  "\\bSEED_decrypt",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_chacha20\\s*\\(",
  "\\bChaCha20_",
  "\\bCHACHA20",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_chacha20_poly1305\\s*\\(",
  "\\bChaCha20_Poly1305",
]

[[library.algorithms]]
name = "ARIA"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_aria_",
  "\\bARIA_",
  "\\bEVP_aria_128",
  "\\bEVP_aria_192",
  "\\bEVP_aria_256",
  "\\bARIA_set_encrypt_key",
  "\\bARIA_set_decrypt_key",
  "\\bARIA_encrypt",
  "\\bARIA_decrypt",
]

[[library.algorithms]]
name = "SM4"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sm4_",
  "\\bSM4_",
  "\\bEVP_sm4_cbc",
  "\\bEVP_sm4_ecb",
  "\\bEVP_sm4_cfb",
  "\\bEVP_sm4_ofb",
  "\\bSM4_set_key",
  "\\bSM4_encrypt",
  "\\bSM4_decrypt",
]

[[library.algorithms]]
name = "AES-CBC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_aes_(?:128|192|256)_cbc\\s*\\(",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_aes_(\\d+)_cbc"

[[library.algorithms]]
name = "ECDSA-P256"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bNID_X9_62_prime256v1",
  "\\bNID_prime256v1",
]

[[library.algorithms]]
name = "ECDSA-P384"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bNID_secp384r1",
]

[[library.algorithms]]
name = "ECDSA-P521"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bNID_secp521r1",
]

[[library.algorithms]]
name = "DH"
primitive = "keyexchange"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bEVP_PKEY_DH",
  "\\bDH_",
  "\\bEVP_PKEY_CTX_set_dh_paramgen_prime_len",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_PKEY_CTX_set_dh_paramgen_prime_len\\s*\\([^,]+,\\s*(\\d+)"

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bPKCS5_PBKDF2_HMAC",
]
[[library.algorithms.parameter_patterns]]
name = "iterations"
pattern = "PKCS5_PBKDF2_HMAC\\([^,]+,[^,]+,[^,]+,[^,]+,\\s*(\\d+)"

[[library.algorithms]]
name = "Scrypt"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_PBE_scrypt",
]
[[library.algorithms.parameter_patterns]]
name = "N"
pattern = "EVP_PBE_scrypt\\([^,]+,[^,]+,[^,]+,[^,]+,\\s*(\\d+)"

[[library.algorithms]]
name = "HKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_PKEY_HKDF",
  "\\bEVP_PKEY_derive_init",
  "\\bEVP_PKEY_CTX_set_hkdf_md",
]

[[library]]
name = "libsodium"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<sodium(?:/[^>]+)?(?:\\.h)?>",
  "^\\s*#\\s*include\\s*<sodium\\.h>",
]
apis = [
  "\\bcrypto_secretbox_(?:easy|open_easy)\\s*\\(",
  "\\bcrypto_aead_aes256gcm_(?:encrypt|decrypt|keygen)\\s*\\(",
  "\\bcrypto_aead_chacha20poly1305_ietf_(?:encrypt|decrypt)\\s*\\(",
  "\\bcrypto_aead_xchacha20poly1305_ietf_(?:encrypt|decrypt)\\s*\\(",
  "\\bcrypto_auth(?:_verify)?\\s*\\(",
  "\\bcrypto_auth_hmacsha256(?:_keygen|_verify)?\\s*\\(",
  "\\bcrypto_hash_sha256\\s*\\(",
  "\\bcrypto_sign(?:_keypair|_detached|_verify_detached|_open)?\\s*\\(",
  "\\bcrypto_generichash\\s*\\(",
  "\\bcrypto_scalarmult\\s*\\(",
  "\\bsodium_init\\s*\\(",
  "\\brandombytes_buf\\s*\\(",
]

# Algorithm definitions for libsodium
[[library.algorithms]]
name = "XSalsa20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_secretbox",
  "\\bcrypto_box_(?:easy|open_easy|detached|open_detached|seal|seal_open|afternm|open_afternm|easy_afternm|open_easy_afternm)",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_aead_chacha20poly1305_ietf",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_aead_xchacha20poly1305_ietf",
]

[[library.algorithms]]
name = "AES-256-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_aead_aes256gcm_(?:keygen|encrypt|decrypt)",
]

[[library.algorithms]]
name = "X25519"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bcrypto_scalarmult",
  "\\bcrypto_scalarmult_curve25519",
  "\\bcrypto_kx",
  "\\bcrypto_box",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bcrypto_sign",
  "\\bcrypto_sign_ed25519",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_generichash",
  "\\bcrypto_generichash_blake2b",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_hash_sha256",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_hash_sha512",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_auth_hmacsha256",
]

[[library.algorithms]]
name = "HMAC-SHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_auth_hmacsha512",
]

[[library.algorithms]]
name = "HMAC-SHA512-256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_auth\\s*\\(",
  "\\bcrypto_auth_verify\\s*\\(",
  "\\bcrypto_auth_keygen\\s*\\(",
]

[[library.algorithms]]
name = "Poly1305"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto_onetimeauth",
]

[[library]]
name = "liboqs"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<oqs/oqs\\.h>",
  "^\\s*#\\s*include\\s*<oqs/kem\\.h>",
  "^\\s*#\\s*include\\s*<oqs/sig\\.h>",
]
apis = [
  "\\bOQS_KEM_[A-Za-z0-9_]+\\s*\\(",
  "\\bOQS_SIG_[A-Za-z0-9_]+\\s*\\(",
  "\\bOQS_KEM_[A-Za-z0-9_]+\\b",
  "\\bOQS_SIG_[A-Za-z0-9_]+\\b",
]

# Algorithm definitions for liboqs
[[library.algorithms]]
name = "Kyber-512"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bOQS_KEM_(?:alg_)?kyber_512\\b",
  "\\bkyber_512\\b",
]

[[library.algorithms]]
name = "Kyber-768"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bOQS_KEM_(?:alg_)?kyber_768\\b",
  "\\bkyber_768\\b",
]

[[library.algorithms]]
name = "Kyber-1024"
primitive = "keyexchange"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bOQS_KEM_(?:alg_)?kyber_1024\\b",
  "\\bkyber_1024\\b",
]

[[library.algorithms]]
name = "ML-DSA-44"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bOQS_SIG_alg_ml_dsa_44\\b",
  "\\bML-DSA-44\\b",
]

[[library.algorithms]]
name = "ML-DSA-65"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bOQS_SIG_alg_ml_dsa_65\\b",
  "\\bML-DSA-65\\b",
]

[[library.algorithms]]
name = "ML-DSA-87"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bOQS_SIG_alg_ml_dsa_87\\b",
  "\\bML-DSA-87\\b",
]

[[library.algorithms]]
name = "Falcon-512"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bOQS_SIG_(?:alg_)?falcon_512\\b",
  "\\bfalcon_512\\b",
]

[[library.algorithms]]
name = "Falcon-1024"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bOQS_SIG_(?:alg_)?falcon_1024\\b",
  "\\bfalcon_1024\\b",
]

[[library.algorithms]]
name = "SPHINCS+-128"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bOQS_SIG_(?:alg_)?sphincs(?:_sha2|_shake)?_128\\w*\\b",
  "\\bsphincs(?:_sha2|_shake)?_128\\w*\\b",
]

[[library.algorithms]]
name = "SPHINCS+-192"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bOQS_SIG_(?:alg_)?sphincs(?:_sha2|_shake)?_192\\w*\\b",
  "\\bsphincs(?:_sha2|_shake)?_192\\w*\\b",
]

[[library.algorithms]]
name = "SPHINCS+-256"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bOQS_SIG_(?:alg_)?sphincs(?:_sha2|_shake)?_256\\w*\\b",
  "\\bsphincs(?:_sha2|_shake)?_256\\w*\\b",
]

[[library]]
name = "mlkem-native"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<mlkem/mlkem_native\\.h>",
  "^\\s*#\\s*include\\s*<mlkem_native\\.h>",
  "^\\s*#\\s*include\\s*\"mlkem_native\\.h\"",
]
apis = [
  "\\bcrypto_kem_(?:keypair(?:_derand)?|enc(?:_derand)?|dec|check_pk|check_sk)\\b",
  "\\bMLKEM(?:512|768|1024)_(?:SECRETKEYBYTES|PUBLICKEYBYTES|CIPHERTEXTBYTES|SYMBYTES|BYTES)\\b",
]

# Algorithm definitions for mlkem-native
[[library.algorithms]]
name = "ML-KEM-512"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bMLKEM512_(?:SECRETKEYBYTES|PUBLICKEYBYTES|CIPHERTEXTBYTES|SYMBYTES|BYTES)\\b",
]

[[library.algorithms]]
name = "ML-KEM-768"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMLKEM768_(?:SECRETKEYBYTES|PUBLICKEYBYTES|CIPHERTEXTBYTES|SYMBYTES|BYTES)\\b",
]

[[library.algorithms]]
name = "ML-KEM-1024"
primitive = "keyexchange"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bMLKEM1024_(?:SECRETKEYBYTES|PUBLICKEYBYTES|CIPHERTEXTBYTES|SYMBYTES|BYTES)\\b",
]

[[library]]
name = "Libgcrypt"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<gcrypt\\.h>",
]
apis = [
  "\\bgcry_[A-Za-z0-9_]+\\s*\\(",
]

# Algorithm definitions for Libgcrypt
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_pk_genkey.*RSA",
  "\\bGCRY_PK_RSA",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_cipher_open.*AES",
  "\\bGCRY_CIPHER_AES",
  "\\bGCRY_CIPHER_AES128",
  "\\bGCRY_CIPHER_AES192",
  "\\bGCRY_CIPHER_AES256",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*DES",
  "\\bGCRY_CIPHER_DES",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*3DES",
  "\\bGCRY_CIPHER_3DES",
  "\\bGCRY_CIPHER_DES_SK",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*BLOWFISH",
  "\\bGCRY_CIPHER_BLOWFISH",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*CAST5",
  "\\bGCRY_CIPHER_CAST5",
]

[[library.algorithms]]
name = "Twofish"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_cipher_open.*TWOFISH",
  "\\bGCRY_CIPHER_TWOFISH",
  "\\bGCRY_CIPHER_TWOFISH128",
]

[[library.algorithms]]
name = "Serpent"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_cipher_open.*SERPENT",
  "\\bGCRY_CIPHER_SERPENT128",
  "\\bGCRY_CIPHER_SERPENT192",
  "\\bGCRY_CIPHER_SERPENT256",
]

[[library.algorithms]]
name = "Camellia"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_cipher_open.*CAMELLIA",
  "\\bGCRY_CIPHER_CAMELLIA128",
  "\\bGCRY_CIPHER_CAMELLIA192",
  "\\bGCRY_CIPHER_CAMELLIA256",
]

[[library.algorithms]]
name = "SEED"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_cipher_open.*SEED",
  "\\bGCRY_CIPHER_SEED",
]

[[library.algorithms]]
name = "IDEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*IDEA",
  "\\bGCRY_CIPHER_IDEA",
]

[[library.algorithms]]
name = "RC2"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*RC2",
  "\\bGCRY_CIPHER_RFC2268_40",
  "\\bGCRY_CIPHER_RFC2268_128",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*ARCFOUR",
  "\\bGCRY_CIPHER_ARCFOUR",
]

[[library.algorithms]]
name = "Salsa20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_cipher_open.*SALSA20",
  "\\bGCRY_CIPHER_SALSA20",
  "\\bGCRY_CIPHER_SALSA20R12",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_cipher_open.*CHACHA20",
  "\\bGCRY_CIPHER_CHACHA20",
]

[[library.algorithms]]
name = "GOST28147"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_cipher_open.*GOST",
  "\\bGCRY_CIPHER_GOST28147",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*SHA256",
  "\\bGCRY_MD_SHA256",
  "\\bgcry_md_hash_buffer.*SHA256",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_md_open.*SHA1",
  "\\bGCRY_MD_SHA1",
  "\\bgcry_md_hash_buffer.*SHA1",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*SHA224",
  "\\bGCRY_MD_SHA224",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*SHA384",
  "\\bGCRY_MD_SHA384",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*SHA512",
  "\\bGCRY_MD_SHA512",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_md_open.*MD5",
  "\\bGCRY_MD_MD5",
  "\\bgcry_md_hash_buffer.*MD5",
]

[[library.algorithms]]
name = "MD4"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_md_open.*MD4",
  "\\bGCRY_MD_MD4",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bgcry_md_open.*RMD160",
  "\\bGCRY_MD_RMD160",
]

[[library.algorithms]]
name = "Whirlpool"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*WHIRLPOOL",
  "\\bGCRY_MD_WHIRLPOOL",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*BLAKE2B",
  "\\bGCRY_MD_BLAKE2B_512",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*BLAKE2S",
  "\\bGCRY_MD_BLAKE2S_256",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*SHA3_256",
  "\\bGCRY_MD_SHA3_256",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bgcry_md_open.*SHA3_512",
  "\\bGCRY_MD_SHA3_512",
]

[[library]]
name = "libMD"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<sys/md[45]\\.h>",
  "^\\s*#\\s*include\\s*<sys/sha\\.h>",
  "^\\s*#\\s*include\\s*<sys/sha[0-9]+\\.h>",
  "^\\s*#\\s*include\\s*<sys/ripemd\\.h>",
  "^\\s*#\\s*include\\s*<md5\\.h>",
  "^\\s*#\\s*include\\s*<sha\\.h>",
  "^\\s*#\\s*include\\s*<sha256\\.h>",
  "^\\s*#\\s*include\\s*<ripemd\\.h>",
]
apis = [
  "\\bMD[45]_?[A-Za-z]+\\s*\\(",
  "\\bSHA[0-9]*_?[A-Za-z]+\\s*\\(",
  "\\bRIPEMD160_[A-Za-z]+\\s*\\(",
]

# Algorithm definitions for libMD
[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSHA1_End\\s*\\(",
  "\\bSHA1_Data\\s*\\(",
  "\\bSHA1_File\\s*\\(",
  "\\bSHA1_FileChunk\\s*\\(",
  "\\bSHA_End\\s*\\(",
  "\\bSHA_Data\\s*\\(",
  "\\bSHA_File\\s*\\(",
  "\\bSHA_FileChunk\\s*\\(",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA224_End\\s*\\(",
  "\\bSHA224_Data\\s*\\(",
  "\\bSHA224_File\\s*\\(",
  "\\bSHA224_FileChunk\\s*\\(",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA256_End\\s*\\(",
  "\\bSHA256_Data\\s*\\(",
  "\\bSHA256_File\\s*\\(",
  "\\bSHA256_FileChunk\\s*\\(",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA384_End\\s*\\(",
  "\\bSHA384_Data\\s*\\(",
  "\\bSHA384_File\\s*\\(",
  "\\bSHA384_FileChunk\\s*\\(",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA512_End\\s*\\(",
  "\\bSHA512_Data\\s*\\(",
  "\\bSHA512_File\\s*\\(",
  "\\bSHA512_FileChunk\\s*\\(",
]

[[library.algorithms]]
name = "MD4"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMD4Init\\s*\\(",
  "\\bMD4Update\\s*\\(",
  "\\bMD4Pad\\s*\\(",
  "\\bMD4Final\\s*\\(",
  "\\bMD4End\\s*\\(",
  "\\bMD4File\\s*\\(",
  "\\bMD4FileChunk\\s*\\(",
  "\\bMD4Data\\s*\\(",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMD5End\\s*\\(",
  "\\bMD5File\\s*\\(",
  "\\bMD5FileChunk\\s*\\(",
  "\\bMD5Data\\s*\\(",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bRIPEMD160_Init\\s*\\(",
  "\\bRIPEMD160_Update\\s*\\(",
  "\\bRIPEMD160_Final\\s*\\(",
  "\\bRIPEMD160_End\\s*\\(",
  "\\bRIPEMD160_File\\s*\\(",
  "\\bRIPEMD160_FileChunk\\s*\\(",
  "\\bRIPEMD160_Data\\s*\\(",
]

[[library]]
name = "GLib"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<glib\\.h>",
  "^\\s*#\\s*include\\s*<glib/[A-Za-z0-9_./-]+>",
]
apis = [
  "\\bg_checksum_[A-Za-z0-9_]+\\s*\\(",
  "\\bg_compute_checksum_[A-Za-z0-9_]+\\s*\\(",
]

# Algorithm definitions for GLib
[[library.algorithms]]
name = "Hash"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bg_checksum_type_get_length",
  "\\bg_checksum_new",
  "\\bg_checksum_copy",
  "\\bg_checksum_free",
  "\\bg_checksum_reset",
  "\\bg_checksum_update",
  "\\bg_checksum_get_string",
  "\\bg_checksum_get_digest",
  "\\bg_compute_checksum_for_data",
  "\\bg_compute_checksum_for_string",
  "\\bg_compute_checksum_for_bytes",
]

[[library]]
name = "MbedTLS"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<mbedtls/[^>]+\\.h>",
]
apis = [
  "\\bmbedtls_[a-z0-9_]+\\s*\\(",
]

# Algorithm definitions for MbedTLS
[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_aes_init",
  "\\bmbedtls_aes_setkey_enc",
  "\\bmbedtls_aes_setkey_dec",
  "\\bmbedtls_aes_crypt_ecb",
]

[[library.algorithms]]
name = "AES-CBC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_aes_crypt_cbc",
]

[[library.algorithms]]
name = "AES-CTR"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_aes_crypt_ctr",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_gcm_init",
  "\\bmbedtls_gcm_setkey",
  "\\bmbedtls_gcm_crypt_and_tag",
]

[[library.algorithms]]
name = "AES-CCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_ccm_init",
  "\\bmbedtls_ccm_setkey",
  "\\bmbedtls_ccm_encrypt_and_tag",
]

[[library.algorithms]]
name = "AES-OFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_CIPHER_AES_\\d+_OFB",
]

[[library.algorithms]]
name = "AES-CFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_CIPHER_AES_\\d+_CFB",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_des_init",
  "\\bmbedtls_des_setkey_enc",
  "\\bmbedtls_des_crypt_cbc",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_des3_init",
  "\\bmbedtls_des3_set3key_enc",
  "\\bmbedtls_des3_crypt_cbc",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_blowfish_init",
  "\\bmbedtls_blowfish_setkey",
  "\\bmbedtls_blowfish_crypt_cbc",
]

[[library.algorithms]]
name = "Camellia"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_camellia_init",
  "\\bmbedtls_camellia_setkey_enc",
  "\\bmbedtls_camellia_crypt_cbc",
]

[[library.algorithms]]
name = "ARIA"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_aria_init",
  "\\bmbedtls_aria_setkey_enc",
  "\\bmbedtls_aria_crypt_cbc",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_chacha20_init",
  "\\bmbedtls_chacha20_setkey",
  "\\bmbedtls_chacha20_crypt",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_chachapoly_init",
  "\\bmbedtls_chachapoly_setkey",
  "\\bmbedtls_chachapoly_encrypt_and_tag",
]

[[library.algorithms]]
name = "RSA"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_rsa_init",
  "\\bmbedtls_rsa_gen_key",
]

[[library.algorithms]]
name = "RSA-PKCS1"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_rsa_pkcs1_encrypt",
  "\\bmbedtls_rsa_pkcs1_decrypt",
  "\\bmbedtls_rsa_pkcs1_sign",
  "\\bmbedtls_rsa_pkcs1_verify",
  "\\bMBEDTLS_RSA_PKCS_V15",
]

[[library.algorithms]]
name = "RSA-OAEP"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_rsa_rsaes_oaep_encrypt",
  "\\bmbedtls_rsa_rsaes_oaep_decrypt",
]

[[library.algorithms]]
name = "RSA-PSS"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_rsa_rsassa_pss_sign",
  "\\bmbedtls_rsa_rsassa_pss_verify",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_ecdsa_init",
  "\\bmbedtls_ecdsa_genkey",
  "\\bmbedtls_ecdsa_write_signature",
  "\\bmbedtls_ecdsa_read_signature",
]

[[library.algorithms]]
name = "ECDSA-P192"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_SECP192R1",
]

[[library.algorithms]]
name = "ECDSA-P224"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_SECP224R1",
]

[[library.algorithms]]
name = "ECDSA-P256"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_SECP256R1",
]

[[library.algorithms]]
name = "ECDSA-P384"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_SECP384R1",
]

[[library.algorithms]]
name = "ECDSA-P521"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_SECP521R1",
]

[[library.algorithms]]
name = "secp256k1"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_SECP256K1",
]

[[library.algorithms]]
name = "ECDH"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_ecdh_init",
  "\\bmbedtls_ecdh_gen_public",
  "\\bmbedtls_ecdh_calc_secret",
]

[[library.algorithms]]
name = "Curve25519"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_CURVE25519",
]

[[library.algorithms]]
name = "Curve448"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMBEDTLS_ECP_DP_CURVE448",
]

[[library.algorithms]]
name = "DH"
primitive = "keyexchange"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_dhm_init",
  "\\bmbedtls_dhm_make_public",
  "\\bmbedtls_dhm_calc_secret",
  "\\bmbedtls_dhm_set_group",
]

[[library.algorithms]]
name = "MD2"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_md2_init",
  "\\bmbedtls_md2_starts",
  "\\bmbedtls_md2_ret",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_md5_init",
  "\\bmbedtls_md5_starts",
  "\\bmbedtls_md5_ret",
  "\\bMBEDTLS_MD_MD5",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_sha1_init",
  "\\bmbedtls_sha1_starts",
  "\\bmbedtls_sha1_ret",
  "\\bMBEDTLS_MD_SHA1",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_sha256_starts_ret.*1",
  "\\bmbedtls_sha256_ret.*1",
  "\\bMBEDTLS_MD_SHA224",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_sha256_init",
  "\\bmbedtls_sha256_starts_ret.*0",
  "\\bmbedtls_sha256_ret.*0",
  "\\bMBEDTLS_MD_SHA256",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_sha512_starts_ret.*1",
  "\\bmbedtls_sha512_ret.*1",
  "\\bMBEDTLS_MD_SHA384",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_sha512_init",
  "\\bmbedtls_sha512_starts_ret.*0",
  "\\bmbedtls_sha512_ret.*0",
  "\\bMBEDTLS_MD_SHA512",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmbedtls_ripemd160_init",
  "\\bmbedtls_ripemd160_starts",
  "\\bmbedtls_ripemd160_ret",
  "\\bMBEDTLS_MD_RIPEMD160",
]

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_pkcs5_pbkdf2_hmac",
  "\\bmbedtls_pkcs5_pbkdf2_hmac_sha1",
]

[[library.algorithms]]
name = "HKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_hkdf",
  "\\bmbedtls_hkdf_extract",
  "\\bmbedtls_hkdf_expand",
]

[[library.algorithms]]
name = "HMAC"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmbedtls_md_hmac",
  "\\bmbedtls_md_hmac_starts",
  "\\bmbedtls_md_hmac_update",
  "\\bmbedtls_md_hmac_finish",
]

[[library]]
name = "wolfSSL/wolfCrypt"
languages = ["C", "C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<wolfssl/[A-Za-z0-9_./-]+>",
]
apis = [
  "\\bwc_[A-Za-z0-9_]+\\s*\\(",
]

# Algorithm definitions for wolfSSL/wolfCrypt
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bwc_RsaPublicKeyDecode",
  "\\bwc_MakeRsaKey",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bwc_AesSetKey",
  "\\bwc_AesGcmSetKey",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bwc_ecc_",
  "\\bwc_EccPrivateKeyDecode",
]

[[library]]
name = "Crypto++"
languages = ["C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<cryptopp/[A-Za-z0-9_./-]+>",
]
apis = [
  "\\bCryptoPP::[A-Za-z0-9_:]+\\s*\\(",
  "\\bCryptoPP::[A-Za-z0-9_:]+\\b", # namespace/class use
]

# Algorithm definitions for Crypto++
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::RSA",
  "\\bRSA::",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::AES",
  "\\bGCM<AES>",
  "\\bAES::Encryption",
  "\\bAES::Decryption",
]
[[library.algorithms.parameter_patterns]]
name = "mode"
pattern = "(GCM|CBC|CTR|CFB|OFB)<AES>"

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::DES",
  "\\bDES::Encryption",
  "\\bDES::Decryption",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::DES_EDE3",
  "\\bDES_EDE3::Encryption",
  "\\bDES_EDE3::Decryption",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::Blowfish",
  "\\bBlowfish::Encryption",
  "\\bBlowfish::Decryption",
]

[[library.algorithms]]
name = "Twofish"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::Twofish",
  "\\bTwofish::Encryption",
  "\\bTwofish::Decryption",
]

[[library.algorithms]]
name = "Serpent"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::Serpent",
  "\\bSerpent::Encryption",
  "\\bSerpent::Decryption",
]

[[library.algorithms]]
name = "CAST128"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::CAST128",
  "\\bCAST128::Encryption",
  "\\bCAST128::Decryption",
]

[[library.algorithms]]
name = "CAST256"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::CAST256",
  "\\bCAST256::Encryption",
  "\\bCAST256::Decryption",
]

[[library.algorithms]]
name = "RC2"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::RC2",
  "\\bRC2::Encryption",
  "\\bRC2::Decryption",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::ARC4",
  "\\bARC4::",
  "\\bCryptoPP::MARC4",
]

[[library.algorithms]]
name = "RC5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::RC5",
  "\\bRC5::Encryption",
  "\\bRC5::Decryption",
]

[[library.algorithms]]
name = "RC6"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::RC6",
  "\\bRC6::Encryption",
  "\\bRC6::Decryption",
]

[[library.algorithms]]
name = "IDEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::IDEA",
  "\\bIDEA::Encryption",
  "\\bIDEA::Decryption",
]

[[library.algorithms]]
name = "Camellia"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::Camellia",
  "\\bCamellia::Encryption",
  "\\bCamellia::Decryption",
]

[[library.algorithms]]
name = "SEED"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SEED",
  "\\bSEED::Encryption",
  "\\bSEED::Decryption",
]

[[library.algorithms]]
name = "TEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::TEA",
  "\\bCryptoPP::TEA::Encryption",
  "\\bCryptoPP::TEA::Decryption",
]

[[library.algorithms]]
name = "XTEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::XTEA",
  "\\bCryptoPP::XTEA::Encryption",
  "\\bCryptoPP::XTEA::Decryption",
]

[[library.algorithms]]
name = "Salsa20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::Salsa20",
  "\\bSalsa20::",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::ChaCha",
  "\\bChaCha::",
  "\\bCryptoPP::ChaChaTLS",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::ECDSA",
  "\\bECDSA::",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA256",
  "\\bSHA256::",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::SHA1",
  "\\bSHA1::",
  "\\bSHA::",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA224",
  "\\bSHA224::",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA384",
  "\\bSHA384::",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA512",
  "\\bSHA512::",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA3_256",
  "\\bSHA3_256::",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA3_512",
  "\\bSHA3_512::",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::MD5",
  "\\bMD5::",
]

[[library.algorithms]]
name = "MD4"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::MD4",
  "\\bMD4::",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::RIPEMD160",
  "\\bRIPEMD160::",
]

[[library.algorithms]]
name = "Whirlpool"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::Whirlpool",
  "\\bWhirlpool::",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::BLAKE2b",
  "\\bBLAKE2b::",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::BLAKE2s",
  "\\bBLAKE2s::",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHMAC<SHA256>",
  "\\bCryptoPP::HMAC",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA3_224",
  "\\bSHA3_224::",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHA3_384",
  "\\bSHA3_384::",
]

[[library.algorithms]]
name = "SHAKE128"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHAKE128",
  "\\bSHAKE128::",
]

[[library.algorithms]]
name = "SHAKE256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::SHAKE256",
  "\\bSHAKE256::",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCryptoPP::ChaCha20Poly1305",
  "\\bChaCha20Poly1305::",
  "\\bChaChaPoly1305::",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCryptoPP::CAST5",
  "\\bCAST5::Encryption",
  "\\bCAST5::Decryption",
]

[[library]]
name = "Google Tink (C++)"
languages = ["C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*\"tink/",
]
apis = [
  "\\bcrypto::tink::[A-Za-z0-9_]+",
  "\\btink::[A-Za-z0-9_]+",
  "\\b(?:Aead|Mac|HybridDecrypt|HybridEncrypt|PublicKeySign|PublicKeyVerify)Config::Register",
  "\\b(?:AeadKeyTemplates|MacKeyTemplates|SignatureKeyTemplates|HybridKeyTemplates)::",
  "\\bKeysetHandle::",
  "\\bCleartextKeysetHandle::",
  "\\bHybridConfig::Register",
  "\\bEciesAeadHkdfDemHelper",
  "\\bHpkeContext",
  "\\bDeterministicAeadConfig::Register",
  "\\bStreamingAeadConfig::Register",
]

# Algorithm definitions for Google Tink (C++)
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates::Aes\\d+Gcm",
  "\\bAesGcmKeyManager",
  "\\btink::Aead",
  "\\bAES\\d+_GCM",
]

[[library.algorithms]]
name = "AES-CTR-HMAC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates::Aes\\d+CtrHmacSha256",
  "\\bAesCtrHmacAeadKeyManager",
  "\\bAES\\d+_CTR_HMAC_SHA256",
]

[[library.algorithms]]
name = "AES-EAX"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates::Aes\\d+Eax",
  "\\bAesEaxKeyManager",
  "\\bAES\\d+_EAX",
]

[[library.algorithms]]
name = "AES-GCM-SIV"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates::Aes\\d+GcmSiv",
  "\\bAesGcmSivKeyManager",
  "\\bAES\\d+_GCM_SIV",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates::XChaCha20Poly1305",
  "\\bXChaCha20Poly1305KeyManager",
  "\\bXCHACHA20_POLY1305",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bChaCha20Poly1305KeyManager",
  "\\bCHACHA20_POLY1305",
]

[[library.algorithms]]
name = "KMS Envelope AEAD"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bKmsEnvelopeAead",
  "\\bKmsEnvelopeAeadKeyManager",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMacKeyTemplates::HmacSha256",
  "\\bHmacKeyManager",
  "\\bHMAC_SHA256",
]

[[library.algorithms]]
name = "HMAC-SHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMacKeyTemplates::HmacSha512",
  "\\bHMAC_SHA512",
]

[[library.algorithms]]
name = "AES-CMAC"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMacKeyTemplates::AesCmac",
  "\\bAesCmacKeyManager",
  "\\bAES_CMAC",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSignatureKeyTemplates::EcdsaP256",
  "\\bEcdsaSignKeyManager",
  "\\bEcdsaVerifyKeyManager",
  "\\btink::PublicKeySign",
  "\\btink::PublicKeyVerify",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSignatureKeyTemplates::Ed25519",
  "\\bEd25519SignKeyManager",
  "\\bEd25519VerifyKeyManager",
]

[[library.algorithms]]
name = "RSA-PSS"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSignatureKeyTemplates::RsaSsaPss\\d+Sha\\d+Sha\\d+F4",
  "\\bRsaSsaPssSignKeyManager",
  "\\bRsaSsaPssVerifyKeyManager",
]

[[library.algorithms]]
name = "RSA-PKCS1"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSignatureKeyTemplates::RsaPkcs1_\\d+",
  "\\bRsaSsaPkcs1SignKeyManager",
  "\\bRsaSsaPkcs1VerifyKeyManager",
]

[[library.algorithms]]
name = "ECIES-P256-HKDF-HMAC-SHA256-AES128-GCM"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesP256HkdfHmacSha256Aes128Gcm\\s*\\(",
  "\\bEciesAeadHkdfPrivateKeyManager",
  "\\bEciesAeadHkdfPublicKeyManager",
  "\\btink::HybridEncrypt",
  "\\btink::HybridDecrypt",
  "\\bECIES_P256_HKDF_HMAC_SHA256_AES128_GCM",
]

[[library.algorithms]]
name = "ECIES-P256-HKDF-HMAC-SHA256-AES128-CTR-HMAC"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesP256HkdfHmacSha256Aes128CtrHmacSha256\\s*\\(",
  "\\bECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256",
]

[[library.algorithms]]
name = "ECIES-P256-Compressed-HKDF-AES128-GCM"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesP256CompressedHkdfHmacSha256Aes128Gcm\\s*\\(",
  "\\bECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_GCM",
]

[[library.algorithms]]
name = "ECIES-P256-Compressed-HKDF-AES128-CTR-HMAC"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesP256CompressedHkdfHmacSha256Aes128CtrHmacSha256",
  "\\bECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256",
]

[[library.algorithms]]
name = "ECIES-X25519-HKDF-SHA256-AES128-GCM"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesX25519HkdfHmacSha256Aes128Gcm",
  "\\bEciesX25519HkdfDemHelper",
  "\\bECIES_X25519_HKDF_HMAC_SHA256_AES128_GCM",
]

[[library.algorithms]]
name = "ECIES-X25519-HKDF-SHA256-AES128-CTR-HMAC"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesX25519HkdfHmacSha256Aes128CtrHmacSha256",
  "\\bECIES_X25519_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256",
]

[[library.algorithms]]
name = "ECIES-X25519-HKDF-SHA256-AES256-GCM"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesX25519HkdfHmacSha256Aes256Gcm",
  "\\bECIES_X25519_HKDF_HMAC_SHA256_AES256_GCM",
]

[[library.algorithms]]
name = "ECIES-X25519-HKDF-SHA256-XChaCha20-Poly1305"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::EciesX25519HkdfHmacSha256XChaCha20Poly1305",
  "\\bECIES_X25519_HKDF_HMAC_SHA256_XCHACHA20_POLY1305",
]

[[library.algorithms]]
name = "HPKE-X25519-HKDF-SHA256-AES128-GCM"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::HpkeX25519HkdfSha256Aes128Gcm",
  "\\bHybridKeyTemplates::HpkeX25519HkdfSha256Aes128GcmRaw",
]

[[library.algorithms]]
name = "HPKE-X25519-HKDF-SHA256-AES256-GCM"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::HpkeX25519HkdfSha256Aes256Gcm",
  "\\bHybridKeyTemplates::HpkeX25519HkdfSha256Aes256GcmRaw",
]

[[library.algorithms]]
name = "HPKE-X25519-HKDF-SHA256-ChaCha20-Poly1305"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHybridKeyTemplates::HpkeX25519HkdfSha256ChaCha20Poly1305",
  "\\bHybridKeyTemplates::HpkeX25519HkdfSha256ChaCha20Poly1305Raw",
]

[[library.algorithms]]
name = "AES-SIV"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bDeterministicAeadKeyTemplates::Aes256Siv",
  "\\bAesSivKeyManager",
  "\\bAES256_SIV",
]

[[library.algorithms]]
name = "AES-CTR-HMAC-Streaming"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bStreamingAeadKeyTemplates::Aes128CtrHmacSha256",
  "\\bStreamingAeadKeyTemplates::Aes256CtrHmacSha256",
  "\\bAesCtrHmacStreamingKeyManager",
  "\\btink::StreamingAead",
  "\\bAES\\d+_CTR_HMAC_SHA256",
]

[[library.algorithms]]
name = "AES-GCM-HKDF-Streaming"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bStreamingAeadKeyTemplates::Aes128GcmHkdf",
  "\\bStreamingAeadKeyTemplates::Aes256GcmHkdf",
  "\\bAesGcmHkdfStreamingKeyManager",
  "\\bAES\\d+_GCM_HKDF",
]

[[library.algorithms]]
name = "HKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHkdf",
  "\\bHkdfStreamingPrf",
  "\\btink::subtle::Hkdf",
]

[[library.algorithms]]
name = "HMAC-PRF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bPrfKeyTemplates::HmacSha256",
  "\\bPrfKeyTemplates::HmacSha512",
  "\\bHmacPrfKeyManager",
  "\\btink::Prf",
]

[[library.algorithms]]
name = "AES-CMAC-PRF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bPrfKeyTemplates::AesCmac",
  "\\bAesCmacPrfKeyManager",
]

[[library.algorithms]]
name = "HKDF-PRF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bPrfKeyTemplates::HkdfSha256",
  "\\bHkdfPrfKeyManager",
]

[[library]]
name = "Botan"
languages = ["C++"]
[library.patterns]
include = [
  "^\\s*#\\s*include\\s*<botan/[A-Za-z0-9_./-]+>",
]
apis = [
  "\\bBotan::[A-Za-z0-9_:]+\\s*\\(",
  "\\bBotan::[A-Za-z0-9_:]+\\b",
]

# Algorithm definitions for Botan
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::RSA_PrivateKey",
  "\\bRSA_PrivateKey",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "RSA_PrivateKey\\s*\\([^,]*,\\s*(\\d+)"

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::AEAD_Mode.*AES.*GCM",
  "\\bAES-\\d+/GCM",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "AES-(\\d+)/GCM"

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*AES",
  "\\bAES-128",
  "\\bAES-192",
  "\\bAES-256",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "AES-(\\d+)"

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::BlockCipher.*DES",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::BlockCipher.*TripleDES",
  "\\bTripleDES",
  "\\b3DES",
  "\\bDES-EDE",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::BlockCipher.*Blowfish",
  "\\bBlowfish",
]

[[library.algorithms]]
name = "Twofish"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*Twofish",
  "\\bTwofish",
]

[[library.algorithms]]
name = "Serpent"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*Serpent",
  "\\bSerpent",
]

[[library.algorithms]]
name = "CAST-128"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::BlockCipher.*CAST-128",
  "\\bCAST-128",
]

[[library.algorithms]]
name = "CAST-256"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*CAST-256",
  "\\bCAST-256",
]

[[library.algorithms]]
name = "Camellia"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*Camellia",
  "\\bCamellia",
]

[[library.algorithms]]
name = "SEED"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*SEED",
  "\\bSEED",
]

[[library.algorithms]]
name = "IDEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::BlockCipher.*IDEA",
  "\\bIDEA",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::StreamCipher.*RC4",
  "\\bRC4",
  "\\bARC4",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::StreamCipher.*ChaCha",
  "\\bChaCha20",
  "\\bChaCha",
]

[[library.algorithms]]
name = "Salsa20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::StreamCipher.*Salsa20",
  "\\bSalsa20",
]

[[library.algorithms]]
name = "ARIA"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*ARIA",
  "\\bARIA",
]

[[library.algorithms]]
name = "SM4"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*SM4",
  "\\bSM4",
]

[[library.algorithms]]
name = "Threefish"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::BlockCipher.*Threefish",
  "\\bThreefish-512",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA-256",
  "\\bSHA-256",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA-1",
  "\\bSHA-1",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA-224",
  "\\bSHA-224",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA-384",
  "\\bSHA-384",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA-512",
  "\\bSHA-512",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA3-256",
  "\\bSHA3-256",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA3-512",
  "\\bSHA3-512",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::HashFunction.*MD5",
  "\\bBotan::MD5",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::HashFunction.*RIPEMD-160",
  "\\bRIPEMD-160",
]

[[library.algorithms]]
name = "Whirlpool"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*Whirlpool",
  "\\bWhirlpool",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*BLAKE2b",
  "\\bBLAKE2b",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*BLAKE2s",
  "\\bBLAKE2s",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA3-224",
  "\\bSHA3-224",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHA3-384",
  "\\bSHA3-384",
]

[[library.algorithms]]
name = "SHAKE128"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHAKE-128",
  "\\bSHAKE-128",
]

[[library.algorithms]]
name = "SHAKE256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::HashFunction.*SHAKE-256",
  "\\bSHAKE-256",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bBotan::AEAD_Mode.*ChaCha20Poly1305",
  "\\bChaCha20Poly1305",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBotan::BlockCipher.*CAST5",
  "\\bBotan::BlockCipher.*CAST-128",
  "\\bCAST5",
]

# =========================
# Java
# =========================

[[library]]
name = "Java JCA/JCE"
languages = ["Java"]
[library.patterns]
include = [
  "^\\s*import\\s+javax\\.crypto\\.",
  "^\\s*import\\s+java\\.security\\.",
]
apis = [
  "\\b(?:Cipher|MessageDigest|Signature|KeyPairGenerator|Mac)\\.getInstance\\s*\\(",
  "\\bKeyFactory\\.getInstance\\s*\\(",
  "\\bKeyAgreement\\.getInstance\\s*\\(",
  "\\bSecretKeySpec\\s*\\(",
  # ParameterSpec classes
  "\\bIvParameterSpec\\s*\\(",
  "\\bPBEParameterSpec\\s*\\(",
  "\\bRC2ParameterSpec\\s*\\(",
  "\\bRC5ParameterSpec\\s*\\(",
  "\\bGCMParameterSpec\\s*\\(",
  "\\bChaCha20ParameterSpec\\s*\\(",
  "\\bDHParameterSpec\\s*\\(",
  "\\bDSAParameterSpec\\s*\\(",
  "\\bECParameterSpec\\b",
  "\\bRSAKeyGenParameterSpec\\s*\\(",
  "\\bMGF1ParameterSpec\\b",
  "\\bPSSParameterSpec\\s*\\(",
  "\\bOAEPParameterSpec\\s*\\(",
]

# Algorithm definitions for JCA/JCE
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\(\\s*[\"']RSA[\"']",
  "\\bRSA",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "RSAKeyGenParameterSpec\\s*\\(\\s*(\\d+)"

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']AES",
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']AES/(?:ECB|CBC|CFB|CFB8|CFB128|OFB|OFB8|OFB128|CTR|GCM|CCM|CTS)/(?:NoPadding|PKCS5Padding|ISO10126Padding)[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']AES[\"']",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "init\\s*\\(\\s*(\\d+)"

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']DES/(?:ECB|CBC)/(?:NoPadding|PKCS5Padding)[\"']",
]
[[library.algorithms.parameter_patterns]]
name = "mode"
pattern = "Cipher\\.getInstance\\s*\\([^)]*DES/(ECB|CBC)"

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']DESede/(?:ECB|CBC)/(?:NoPadding|PKCS5Padding)[\"']",
]
[[library.algorithms.parameter_patterns]]
name = "mode"
pattern = "Cipher\\.getInstance\\s*\\([^)]*DESede/(ECB|CBC)"

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']Blowfish/(?:ECB|CBC)/(?:NoPadding|PKCS5Padding)[\"']",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']RC4[\"']",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']ChaCha20[\"']",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']ChaCha20-Poly1305[\"']",
]

[[library.algorithms]]
name = "RSA-Cipher"
primitive = "pke"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']RSA/ECB/(?:PKCS1Padding|OAEPPadding|OAEPWithSHA-1AndMGF1Padding|OAEPWithSHA-256AndMGF1Padding|NoPadding)[\"']",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\([^)]*ECDSA",
  "\\bKeyPairGenerator\\.getInstance\\s*\\(\\s*[\"']EC[\"']",
]
[[library.algorithms.parameter_patterns]]
name = "curve"
pattern = "initialize\\s*\\(\\s*(256|384|521)"

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?256",
  "\\bSHA256with",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\([^)]*HmacSHA256",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?1[\"']",
  "\\bSHA1with",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?224",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?384",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?512",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-224",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-256",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-384",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-512",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*MD5",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']AES/GCM/NoPadding[\"']",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']CAST5",
]

[[library.algorithms]]
name = "AES-CBC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']AES/CBC/PKCS5Padding[\"']",
]

[[library.algorithms]]
name = "AES-ECB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']AES/ECB/PKCS5Padding[\"']",
]

[[library.algorithms]]
name = "RC2"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\(\\s*[\"']RC2",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']RC2[\"']",
]

[[library.algorithms]]
name = "DH"
primitive = "keyexchange"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\(\\s*[\"']DH[\"']",
  "\\bKeyAgreement\\.getInstance\\s*\\(\\s*[\"']DH[\"']",
]

[[library.algorithms]]
name = "DSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\(\\s*[\"']DSA[\"']",
  "\\bSignature\\.getInstance\\s*\\([^)]*DSA",
]

[[library.algorithms]]
name = "ECDSA-P256"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bECGenParameterSpec\\s*\\(\\s*[\"']secp256r1[\"']",
]

[[library.algorithms]]
name = "ECDSA-P384"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bECGenParameterSpec\\s*\\(\\s*[\"']secp384r1[\"']",
]

[[library.algorithms]]
name = "ECDSA-P521"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bECGenParameterSpec\\s*\\(\\s*[\"']secp521r1[\"']",
]

[[library.algorithms]]
name = "SHA1withRSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA1withRSA[\"']",
]

[[library.algorithms]]
name = "SHA256withRSA"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA256withRSA[\"']",
]

[[library.algorithms]]
name = "SHA512withRSA"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA512withRSA[\"']",
]

[[library.algorithms]]
name = "SHA1withDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA1withDSA[\"']",
]

[[library.algorithms]]
name = "SHA256withDSA"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA256withDSA[\"']",
]

[[library.algorithms]]
name = "SHA256withECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA256withECDSA[\"']",
]

[[library.algorithms]]
name = "SHA384withECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA384withECDSA[\"']",
]

[[library.algorithms]]
name = "SHA512withECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']SHA512withECDSA[\"']",
]

[[library.algorithms]]
name = "RSASSA-PSS"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']RSASSA-PSS[\"']",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\(\\s*[\"']Ed25519[\"']",
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']Ed25519[\"']",
]

[[library.algorithms]]
name = "Ed448"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\(\\s*[\"']Ed448[\"']",
  "\\bSignature\\.getInstance\\s*\\(\\s*[\"']Ed448[\"']",
]

[[library.algorithms]]
name = "HmacMD5"
primitive = "mac"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacMD5[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacMD5[\"']",
]

[[library.algorithms]]
name = "HmacSHA1"
primitive = "mac"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA1[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA1[\"']",
]

[[library.algorithms]]
name = "HmacSHA224"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA224[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA224[\"']",
]

[[library.algorithms]]
name = "HmacSHA384"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA384[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA384[\"']",
]

[[library.algorithms]]
name = "HmacSHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA512[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA512[\"']",
]

[[library.algorithms]]
name = "HmacSHA3-224"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-224[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-224[\"']",
]

[[library.algorithms]]
name = "HmacSHA3-256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-256[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-256[\"']",
]

[[library.algorithms]]
name = "HmacSHA3-384"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-384[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-384[\"']",
]

[[library.algorithms]]
name = "HmacSHA3-512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-512[\"']",
  "\\bKeyGenerator\\.getInstance\\s*\\(\\s*[\"']HmacSHA3-512[\"']",
]

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSecretKeyFactory\\.getInstance\\s*\\(\\s*[\"']PBKDF2",
]

[[library]]
name = "BouncyCastle"
languages = ["Java"]
[library.patterns]
include = [
  "^\\s*import\\s+org\\.bouncycastle\\.",
]
apis = [
  "\\borg\\.bouncycastle\\.[A-Za-z0-9_.]+\\b",
  "\\bnew\\s+org\\.bouncycastle\\.[A-Za-z0-9_.]+\\s*\\(",
]

# Algorithm definitions for BouncyCastle
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bBouncyCastleProvider",
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*RSA[^)]*BC",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "initialize\\s*\\([^)]*?(\\d{4})"

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*EC[^)]*BC",
  "\\bSignature\\.getInstance\\s*\\([^)]*ECDSA[^)]*BC",
]

[[library.algorithms]]
name = "Kyber-512"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*(?:KYBER512|MLKEM512)[^)]*BCPQC",
  "\\bKEMGenerator\\.getInstance\\s*\\([^)]*(?:KYBER512|MLKEM512)[^)]*BCPQC",
]

[[library.algorithms]]
name = "Kyber-768"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*(?:KYBER768|MLKEM768)[^)]*BCPQC",
  "\\bKEMGenerator\\.getInstance\\s*\\([^)]*(?:KYBER768|MLKEM768)[^)]*BCPQC",
]

[[library.algorithms]]
name = "Kyber-1024"
primitive = "keyexchange"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*(?:KYBER1024|MLKEM1024)[^)]*BCPQC",
  "\\bKEMGenerator\\.getInstance\\s*\\([^)]*(?:KYBER1024|MLKEM1024)[^)]*BCPQC",
]

[[library.algorithms]]
name = "Dilithium2"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*DILITHIUM2[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*DILITHIUM2[^)]*BCPQC",
]

[[library.algorithms]]
name = "Dilithium3"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*DILITHIUM3[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*DILITHIUM3[^)]*BCPQC",
]

[[library.algorithms]]
name = "Dilithium5"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*DILITHIUM5[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*DILITHIUM5[^)]*BCPQC",
]

[[library.algorithms]]
name = "Falcon-512"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*FALCON-?512[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*FALCON-?512[^)]*BCPQC",
]

[[library.algorithms]]
name = "Falcon-1024"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*FALCON-?1024[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*FALCON-?1024[^)]*BCPQC",
]

[[library.algorithms]]
name = "SPHINCS+-128"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*SPHINCS\\+?.*128[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*SPHINCS\\+?.*128[^)]*BCPQC",
]

[[library.algorithms]]
name = "SPHINCS+-192"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*SPHINCS\\+?.*192[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*SPHINCS\\+?.*192[^)]*BCPQC",
]

[[library.algorithms]]
name = "SPHINCS+-256"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*SPHINCS\\+?.*256[^)]*BCPQC",
  "\\bSignature\\.getInstance\\s*\\([^)]*SPHINCS\\+?.*256[^)]*BCPQC",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*AES[^)]*BC",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?256[^)]*BC",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\([^)]*HmacSHA256[^)]*BC",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*AES/GCM[^)]*BC",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*DES[^)]*BC",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*DESede[^)]*BC",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*Blowfish[^)]*BC",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*CAST5[^)]*BC",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*RC4[^)]*BC",
  "\\bCipher\\.getInstance\\s*\\([^)]*ARC4[^)]*BC",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*ChaCha20[^)]*BC",
  "\\bCipher\\.getInstance\\s*\\([^)]*ChaCha7539[^)]*BC",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*ChaCha20-Poly1305[^)]*BC",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?1[^)]*BC",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?224[^)]*BC",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?384[^)]*BC",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?512[^)]*BC",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-224[^)]*BC",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-256[^)]*BC",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-384[^)]*BC",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA3-512[^)]*BC",
]

[[library.algorithms]]
name = "SHAKE128"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHAKE128[^)]*BC",
]

[[library.algorithms]]
name = "SHAKE256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHAKE256[^)]*BC",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*MD5[^)]*BC",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*BLAKE2B[^)]*BC",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*BLAKE2S[^)]*BC",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*RIPEMD160[^)]*BC",
]

[[library]]
name = "Google Tink (Java)"
languages = ["Java"]
[library.patterns]
include = [
  "^\\s*import\\s+com\\.google\\.crypto\\.tink\\.",
]
apis = [
  "\\bTinkConfig\\.register\\s*\\(",
  "\\b(?:AeadConfig|MacConfig|SignatureConfig)\\.register\\s*\\(",
  "\\b(?:Aead|Mac|HybridDecrypt|HybridEncrypt|PublicKeySign|PublicKeyVerify)\\b",
  "\\b(?:AeadKeyTemplates|MacKeyTemplates|SignatureKeyTemplates)\\b",
]

# Algorithm definitions for Google Tink (Java)
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates\\.AES\\d+_GCM",
  "\\bcom\\.google\\.crypto\\.tink\\.aead\\.AesGcmKeyManager",
  "\\bAesGcmKeyManager\\.aes\\d+GcmTemplate",
  "\\btink\\.aead\\.AesGcmKeyManager",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "AES(\\d+)_GCM"

[[library.algorithms]]
name = "AES-CTR-HMAC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates\\.AES\\d+_CTR_HMAC_SHA256",
  "\\bAesCtrHmacAeadKeyManager",
  "\\bAES\\d+_CTR_HMAC_SHA256",
]

[[library.algorithms]]
name = "AES-EAX"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates\\.AES\\d+_EAX",
  "\\bAesEaxKeyManager",
  "\\bAES\\d+_EAX",
]

[[library.algorithms]]
name = "AES-GCM-SIV"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates\\.AES\\d+_GCM_SIV",
  "\\bAesGcmSivKeyManager",
  "\\bAES\\d+_GCM_SIV",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates\\.CHACHA20_POLY1305",
  "\\bChaCha20Poly1305KeyManager",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAeadKeyTemplates\\.XCHACHA20_POLY1305",
  "\\bXChaCha20Poly1305KeyManager",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMacKeyTemplates\\.HMAC_SHA256",
  "\\bMac\\.class",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA256",
  "\\bPrfKeyTemplates\\.HMAC_SHA256_PRF",
  "\\bPrf\\.class",
]

[[library]]
name = "Conscrypt"
languages = ["Java"]
[library.patterns]
include = [
  "^\\s*import\\s+org\\.conscrypt\\.",
]
apis = [
  "\\bConscrypt\\.newProvider\\s*\\(",
  "\\bOpenSSLProvider\\b",
]

# Algorithm definitions for Conscrypt
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bConscrypt\\.newProvider",
  "\\bCipher\\.getInstance\\s*\\([^)]*AES.*GCM",
]

[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*RSA",
]

# =========================
# Go
# =========================

[[library]]
name = "Go std crypto"
languages = ["Go"]
[library.patterns]
include = [
  "^\\s*import\\s*(?:\\(.*\\)|)\\s*[\\s\\S]*?\"crypto/(?:aes|des|rc4|sha\\d*|md5|rsa|ecdsa|ed25519|x509|rand|tls|cipher|hmac)\"",
  "^\\s*import\\s*(?:\\(.*\\)|)\\s*[\\s\\S]*?\"golang\\.org/x/crypto/",
]
apis = [
  "\\baes\\.NewCipher\\b",
  "\\bcipher\\.New(?:GCM|CTR|CFB|OFB)\\b",
  "\\bsha256\\.(?:Sum256|New)\\b",
  "\\bhmac\\.(?:New|Equal)\\b",
  "\\brsa\\.(?:GenerateKey|SignPKCS1v15|VerifyPKCS1v15|EncryptOAEP)\\b",
  "\\becdsa\\.(?:GenerateKey|Sign|Verify)\\b",
  "\\bed25519\\.(?:GenerateKey|Sign|Verify)\\b",
]

# Algorithm definitions for Go std crypto
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcipher\\.NewGCM",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha256\\.Sum256",
  "\\bsha256\\.New",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhmac\\.New.*sha256",
]

[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\brsa\\.GenerateKey",
  "\\brsa\\.SignPKCS1v15",
  "\\brsa\\.VerifyPKCS1v15",
  "\\brsa\\.EncryptOAEP",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "GenerateKey\\s*\\([^,]*,\\s*(\\d+)"

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\becdsa\\.GenerateKey",
  "\\becdsa\\.Sign",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcipher\\.NewGCM",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha256\\.Sum256",
  "\\bsha256\\.New",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha512\\.Sum512",
  "\\bsha512\\.New",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bsha1\\.Sum",
  "\\bsha1\\.New",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha256\\.Sum224",
  "\\bsha256\\.New224",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha512\\.Sum384",
  "\\bsha512\\.New384",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bmd5\\.Sum",
  "\\bmd5\\.New",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baes\\.NewCipher",
  "\\bcipher\\.NewCBCEncrypter",
  "\\bcipher\\.NewCBCDecrypter",
  "\\bcipher\\.NewCFBEncrypter",
  "\\bcipher\\.NewCFBDecrypter",
  "\\bcipher\\.NewOFB",
  "\\bcipher\\.NewCTR",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bdes\\.NewCipher",
  "\\bdes\\.NewTripleDESCipher",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bdes\\.NewTripleDESCipher",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\brc4\\.NewCipher",
]

[[library]]
name = "golang.org/x/crypto"
languages = ["Go"]
[library.patterns]
include = [
  "^\\s*import\\s*(?:\\(.*\\)|)\\s*[\\s\\S]*?\"golang\\.org/x/crypto/",
]
apis = [
  "\\bx?crypto\\b", # weak signal; primary detection via import above
]

# Algorithm definitions for golang.org/x/crypto
[[library.algorithms]]
name = "ChaCha20Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bchacha20poly1305\\.New",
  "\\bchachapolykey",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "chacha20poly1305\\.Key\\s*\\{[^}]*\\}"

[[library.algorithms]]
name = "Argon2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bargon2\\.IDKey",
  "\\bargon2\\.Key",
]

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bpbkdf2\\.Key",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bchacha20\\.NewUnauthenticatedCipher",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha3\\.Sum224",
  "\\bsha3\\.New224",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha3\\.Sum256",
  "\\bsha3\\.New256",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha3\\.Sum384",
  "\\bsha3\\.New384",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha3\\.Sum512",
  "\\bsha3\\.New512",
]

[[library.algorithms]]
name = "SHAKE128"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha3\\.NewShake128",
]

[[library.algorithms]]
name = "SHAKE256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha3\\.NewShake256",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bblake2b\\.Sum256",
  "\\bblake2b\\.Sum384",
  "\\bblake2b\\.Sum512",
  "\\bblake2b\\.New256",
  "\\bblake2b\\.New384",
  "\\bblake2b\\.New512",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bblake2s\\.Sum256",
  "\\bblake2s\\.New256",
  "\\bblake2s\\.New128",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bed25519\\.GenerateKey",
  "\\bed25519\\.Sign",
  "\\bed25519\\.Verify",
]

[[library.algorithms]]
name = "AES-CBC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcipher\\.NewCBCEncrypter",
  "\\bcipher\\.NewCBCDecrypter",
]

[[library.algorithms]]
name = "AES-CTR"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcipher\\.NewCTR",
]

[[library.algorithms]]
name = "AES-CFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcipher\\.NewCFBEncrypter",
  "\\bcipher\\.NewCFBDecrypter",
]

[[library.algorithms]]
name = "AES-OFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcipher\\.NewOFB",
]

[[library.algorithms]]
name = "RSA-OAEP"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\brsa\\.EncryptOAEP",
  "\\brsa\\.DecryptOAEP",
]

[[library.algorithms]]
name = "RSA-PSS"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\brsa\\.SignPSS",
  "\\brsa\\.VerifyPSS",
]

[[library.algorithms]]
name = "RSA-PKCS1"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\brsa\\.EncryptPKCS1v15",
  "\\brsa\\.DecryptPKCS1v15",
  "\\brsa\\.SignPKCS1v15",
  "\\brsa\\.VerifyPKCS1v15",
]

[[library.algorithms]]
name = "ECDSA-P224"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\belliptic\\.P224",
]

[[library.algorithms]]
name = "ECDSA-P256"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\belliptic\\.P256",
]

[[library.algorithms]]
name = "ECDSA-P384"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\belliptic\\.P384",
]

[[library.algorithms]]
name = "ECDSA-P521"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\belliptic\\.P521",
]

[[library.algorithms]]
name = "ECDH-P256"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\becdh\\.P256",
]

[[library.algorithms]]
name = "ECDH-P384"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\becdh\\.P384",
]

[[library.algorithms]]
name = "ECDH-P521"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\becdh\\.P521",
]

[[library.algorithms]]
name = "X25519"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\becdh\\.X25519",
]

[[library.algorithms]]
name = "SHA-512/224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha512\\.Sum512_224",
  "\\bsha512\\.New512_224",
]

[[library.algorithms]]
name = "SHA-512/256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha512\\.Sum512_256",
  "\\bsha512\\.New512_256",
]

[[library.algorithms]]
name = "HMAC-MD5"
primitive = "mac"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bhmac\\.New.*md5",
]

[[library.algorithms]]
name = "HMAC-SHA1"
primitive = "mac"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bhmac\\.New.*sha1",
]

[[library.algorithms]]
name = "HMAC-SHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhmac\\.New.*sha512",
]

[[library.algorithms]]
name = "scrypt"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bscrypt\\.Key",
]

[[library.algorithms]]
name = "HKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhkdf\\.New",
  "\\bhkdf\\.Extract",
  "\\bhkdf\\.Expand",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bchacha20poly1305\\.NewX",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bchacha20poly1305\\.New\\b",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bripemd160\\.Sum",
  "\\bripemd160\\.New",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bblowfish\\.NewCipher",
  "\\bblowfish\\.NewSaltedCipher",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bcast5\\.NewCipher",
]

[[library]]
name = "Google Tink (Go)"
languages = ["Go"]
[library.patterns]
include = [
  "^\\s*import\\s*(?:\\(.*\\)|)\\s*[\\s\\S]*?\"github\\.com/google/tink/go/",
]
apis = [
  "\\baead\\.(?:Init|New|AES256GCMKeyTemplate)\\s*\\(",
  "\\bmac\\.(?:Init|New|HMACSHA256Tag256KeyTemplate)\\s*\\(",
  "\\bsignature\\.(?:Init|NewSigner|NewVerifier|RSA_PSS_3072_SHA256_F4_KeyTemplate)\\s*\\(",
  "\\bkeyset\\.NewHandle\\s*\\(",
]

# Algorithm definitions for Google Tink (Go)
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.AES\\d+GCMKeyTemplate",
  "\\bgithub\\.com/google/tink/go/aead\\.New",
  "\\btink/go/aead/subtle/aesgcm",
  "\\baesgcm\\.New",
]

[[library.algorithms]]
name = "AES-CTR-HMAC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.AES\\d+CTRHMACSHA256KeyTemplate",
  "\\baesctrhmac\\.",
]

[[library.algorithms]]
name = "AES-GCM-SIV"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.AES\\d+GCMSIVKeyTemplate",
  "\\baesgcmsiv\\.",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.ChaCha20Poly1305KeyTemplate",
  "\\bchacha20poly1305\\.",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.XChaCha20Poly1305KeyTemplate",
  "\\bxchacha20poly1305\\.",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmac\\.HMACSHA256Tag256KeyTemplate",
  "\\bmac\\.New",
]

[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bsignature\\.RSA_PSS_3072_SHA256_F4_KeyTemplate",
  "\\bsignature\\.NewSigner",
]

[[library]]
name = "CIRCL (Cloudflare)"
languages = ["Go"]
[library.patterns]
include = [
  "^\\s*import\\s*(?:\\(.*\\)|)\\s*[\\s\\S]*?\"github\\.com/cloudflare/circl/(?:kem/kyber|sign/dilithium|sign/falcon|sign/sphincsplus)",
]
apis = [
  "\\bkyber(?:512|768|1024)?\\.",
  "\\bdilithium\\.",
  "\\bfalcon\\.",
  "\\bsphincsplus\\.",
]

# Algorithm definitions for CIRCL
[[library.algorithms]]
name = "Kyber-512"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bkyber512\\.",
  "\\bKyber512\\b",
]

[[library.algorithms]]
name = "Kyber-768"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkyber768\\.",
  "\\bKyber768\\b",
]

[[library.algorithms]]
name = "Kyber-1024"
primitive = "keyexchange"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bkyber1024\\.",
  "\\bKyber1024\\b",
]

[[library.algorithms]]
name = "Dilithium2"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bdilithium\\.Mode2",
  "\\bDilithium2\\b",
]

[[library.algorithms]]
name = "Dilithium3"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bdilithium\\.Mode3",
  "\\bDilithium3\\b",
]

[[library.algorithms]]
name = "Dilithium5"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bdilithium\\.Mode5",
  "\\bDilithium5\\b",
]

[[library.algorithms]]
name = "Falcon-512"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bfalcon512\\.",
  "\\bFalcon512\\b",
]

[[library.algorithms]]
name = "Falcon-1024"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bfalcon1024\\.",
  "\\bFalcon1024\\b",
]

[[library.algorithms]]
name = "SPHINCS+-128"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bsphincsplus\\.(?:SHA2|SHAKE)_128",
  "\\bSPHINCS\\+.*128\\b",
]

[[library.algorithms]]
name = "SPHINCS+-192"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsphincsplus\\.(?:SHA2|SHAKE)_192",
  "\\bSPHINCS\\+.*192\\b",
]

[[library.algorithms]]
name = "SPHINCS+-256"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bsphincsplus\\.(?:SHA2|SHAKE)_256",
  "\\bSPHINCS\\+.*256\\b",
]

# =========================
# Rust
# =========================

[[library]]
name = "ring"
languages = ["Rust"]
[library.patterns]
include = [
  "\\bextern\\s+crate\\s+ring\\b",
  "\\buse\\s+ring::",
  "\\bring::[A-Za-z0-9_]+::",
]
apis = [
  "\\bring::[A-Za-z0-9_:]+\\b",
]

# Algorithm definitions for ring
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bring::signature::RSA_",
  "\\bRsaKeyPair",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bring::signature::ECDSA_",
  "\\bEcdsaKeyPair",
]
[[library.algorithms.parameter_patterns]]
name = "curve"
pattern = "\\bp(256|384|521)"

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bring::signature::Ed25519KeyPair",
  "\\bEd25519KeyPair",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bring::aead::AES_",
  "\\bUnboundKey",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bring::digest::SHA256",
  "\\bdigest::digest",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhmac::HMAC_SHA256",
  "\\bhmac::sign",
  "\\bhmac::Key::new",
]

[[library.algorithms]]
name = "ChaCha20Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bring::aead::CHACHA20_POLY1305",
  "\\bCHACHA20_POLY1305",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bring::digest::SHA256",
  "\\bdigest::digest.*SHA256",
]

[[library]]
name = "openssl (Rust)"
languages = ["Rust"]
[library.patterns]
include = [
  "\\bextern\\s+crate\\s+openssl\\b",
  "\\buse\\s+openssl::",
  "\\bopenssl::[A-Za-z0-9_]+::",
]
apis = [
  "\\bopenssl::[A-Za-z0-9_:]+\\b",
]

# Algorithm definitions for openssl (Rust)
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl::rsa::",
  "\\bRsa::",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl::symm::Cipher",
  "\\bCipher::aes_",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl::ec::",
  "\\bEcKey::",
]

[[library]]
name = "RustCrypto (common crates)"
languages = ["Rust"]
[library.patterns]
include = [
  "\\buse\\s+(?:aes|aes_gcm|chacha20|chacha20poly1305|poly1305|sha1|sha2|sha3|blake2|blake3|ed25519_dalek|curve25519_dalek|argon2|scrypt|rsa|p256|p384|k256)[A-Za-z0-9_:]*",
]
apis = [
  "\\b(?:aes_gcm|chacha20poly1305|sha2|sha3|blake3|ed25519_dalek|curve25519_dalek|rsa|p256|p384|k256)::[A-Za-z0-9_:]+\\b",
  "\\b(?:RsaPrivateKey|RsaPublicKey|Pkcs1v15Encrypt)\\b",
  "\\b(?:Sha256|Sha512|Digest)\\b",
]

# Algorithm definitions for RustCrypto
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\b(?:rsa::|RsaPrivateKey|RsaPublicKey)",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "(?:new|generate).*?(\\d{4})|RsaPrivateKey::new.*?(\\d{4})"

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baes_gcm::|Aes\\d+Gcm",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "Aes(\\d+)Gcm"

[[library.algorithms]]
name = "ChaCha20Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bchacha20poly1305::|ChaCha20Poly1305",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = ".*"

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha2::|Sha256",
]
[[library.algorithms.parameter_patterns]]
name = "outputSize"
pattern = "Sha(\\d+)"

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsha2::|Sha512",
]
[[library.algorithms.parameter_patterns]]
name = "outputSize"
pattern = "Sha(\\d+)"

[[library.algorithms]]
name = "BLAKE3"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bblake3::|Blake3",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bed25519_dalek::|Ed25519",
]
[[library.algorithms.parameter_patterns]]
name = "curve"
pattern = ".*"

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bp256::|p384::|k256::|Ecdsa",
]
[[library.algorithms.parameter_patterns]]
name = "curve"
pattern = "p(\\d+)"

[[library]]
name = "pqcrypto (Rust)"
languages = ["Rust"]
[library.patterns]
include = [
  "\\bextern\\s+crate\\s+pqcrypto_",
  "\\buse\\s+pqcrypto_",
]
apis = [
  "\\bpqcrypto_[a-z0-9_]+::",
]

# Algorithm definitions for pqcrypto (Rust)
[[library.algorithms]]
name = "Kyber-512"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bpqcrypto_kyber::kyber512",
  "\\bkyber512::",
]

[[library.algorithms]]
name = "Kyber-768"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bpqcrypto_kyber::kyber768",
  "\\bkyber768::",
]

[[library.algorithms]]
name = "Kyber-1024"
primitive = "keyexchange"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bpqcrypto_kyber::kyber1024",
  "\\bkyber1024::",
]

[[library.algorithms]]
name = "Dilithium2"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bpqcrypto_dilithium::dilithium2",
  "\\bdilithium2::",
]

[[library.algorithms]]
name = "Dilithium3"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bpqcrypto_dilithium::dilithium3",
  "\\bdilithium3::",
]

[[library.algorithms]]
name = "Dilithium5"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bpqcrypto_dilithium::dilithium5",
  "\\bdilithium5::",
]

[[library.algorithms]]
name = "Falcon-512"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bpqcrypto_falcon::falcon512",
  "\\bfalcon512::",
]

[[library.algorithms]]
name = "Falcon-1024"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bpqcrypto_falcon::falcon1024",
  "\\bfalcon1024::",
]

[[library.algorithms]]
name = "SPHINCS+-128"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bpqcrypto_sphincsplus::.*128",
  "\\bsphincs.*128",
]

[[library.algorithms]]
name = "SPHINCS+-192"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bpqcrypto_sphincsplus::.*192",
  "\\bsphincs.*192",
]

[[library.algorithms]]
name = "SPHINCS+-256"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bpqcrypto_sphincsplus::.*256",
  "\\bsphincs.*256",
]

[[library]]
name = "oqs (Rust)"
languages = ["Rust"]
[library.patterns]
include = [
  "\\bextern\\s+crate\\s+oqs\\b",
  "\\buse\\s+oqs::",
]
apis = [
  "\\boqs::(?:kem|sig)::",
]

# Algorithm definitions for oqs (Rust)
[[library.algorithms]]
name = "Kyber-512"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\boqs::kem::Algorithm::Kyber512",
  "\\bKyber512\\b",
]

[[library.algorithms]]
name = "Kyber-768"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\boqs::kem::Algorithm::Kyber768",
  "\\bKyber768\\b",
]

[[library.algorithms]]
name = "Kyber-1024"
primitive = "keyexchange"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\boqs::kem::Algorithm::Kyber1024",
  "\\bKyber1024\\b",
]

[[library.algorithms]]
name = "Dilithium2"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\boqs::sig::Algorithm::Dilithium2",
  "\\bDilithium2\\b",
]

[[library.algorithms]]
name = "Dilithium3"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\boqs::sig::Algorithm::Dilithium3",
  "\\bDilithium3\\b",
]

[[library.algorithms]]
name = "Dilithium5"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\boqs::sig::Algorithm::Dilithium5",
  "\\bDilithium5\\b",
]

[[library.algorithms]]
name = "Falcon-512"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\boqs::sig::Algorithm::Falcon512",
  "\\bFalcon512\\b",
]

[[library.algorithms]]
name = "Falcon-1024"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\boqs::sig::Algorithm::Falcon1024",
  "\\bFalcon1024\\b",
]

[[library.algorithms]]
name = "SPHINCS+-128"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\boqs::sig::Algorithm::Sphincs\\w*128",
  "\\bSphincs\\w*128",
]

[[library.algorithms]]
name = "SPHINCS+-192"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\boqs::sig::Algorithm::Sphincs\\w*192",
  "\\bSphincs\\w*192",
]

[[library.algorithms]]
name = "SPHINCS+-256"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\boqs::sig::Algorithm::Sphincs\\w*256",
  "\\bSphincs\\w*256",
]

# =========================
# Swift
# =========================

[[library]]
name = "Security.framework (Swift)"
languages = ["Swift"]
[library.patterns]
include = [
  "^\\s*import\\s+Security\\b",
]
apis = [
  "\\bSec(?:Key|Certificate|Trust|Identity)[A-Za-z0-9_]*\\b",
  "\\bkSec[A-Za-z0-9_]+\\b",
]

# Algorithm definitions for Security.framework (Swift)
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bkSecAttrKeyTypeRSA",
  "\\brsaSignatureMessagePSSSHA256",
]

[[library]]
name = "CryptoKit"
languages = ["Swift"]
[library.patterns]
include = [
  "^\\s*import\\s+CryptoKit\\b",
]
apis = [
  "\\b(SHA(?:256|384|512)|HMAC|ChaChaPoly|AES\\.GCM|Curve25519|P256|P384|P521)\\b",
]

# Algorithm definitions for CryptoKit
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAES\\.GCM",
]

[[library.algorithms]]
name = "ChaCha20Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bChaChaPoly",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA256",
]

[[library.algorithms]]
name = "ECDSA-P256"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bP256\\.Signing",
]

[[library.algorithms]]
name = "ECDSA-P384"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bP384\\.Signing",
]

[[library.algorithms]]
name = "ECDSA-P521"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bP521\\.Signing",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCurve25519\\.Signing",
]

[[library.algorithms]]
name = "X25519"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCurve25519\\.KeyAgreement",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA384",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSHA512",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHMAC<SHA256>",
  "\\bHMAC.*SHA256",
]

[[library.algorithms]]
name = "HMAC-SHA384"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHMAC<SHA384>",
  "\\bHMAC.*SHA384",
]

[[library.algorithms]]
name = "HMAC-SHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHMAC<SHA512>",
  "\\bHMAC.*SHA512",
]

[[library.algorithms]]
name = "P256-KeyAgreement"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bP256\\.KeyAgreement",
]

[[library.algorithms]]
name = "P384-KeyAgreement"
primitive = "keyexchange"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bP384\\.KeyAgreement",
]

[[library.algorithms]]
name = "P521-KeyAgreement"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bP521\\.KeyAgreement",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bInsecure\\.SHA1",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bInsecure\\.MD5",
]

[[library.algorithms]]
name = "HKDF-SHA256"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHKDF<SHA256>",
  "\\bHKDF.*SHA256",
]

[[library.algorithms]]
name = "HKDF-SHA384"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHKDF<SHA384>",
  "\\bHKDF.*SHA384",
]

[[library.algorithms]]
name = "HKDF-SHA512"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHKDF<SHA512>",
  "\\bHKDF.*SHA512",
]

[[library.algorithms]]
name = "HKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhkdfDerivedSymmetricKey",
]

[[library.algorithms]]
name = "HMAC"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHMAC[<>]",
  "\\bHMAC\\(",
]

[[library]]
name = "CommonCrypto (Swift)"
languages = ["Swift"]
[library.patterns]
include = [
  "^\\s*import\\s+CommonCrypto\\b",
]
apis = [
  "\\bCC_(?:Crypt|SHA(?:1|224|256|384|512)|MD5|KeyDerivation|Random|Hmac)[A-Za-z0-9_]*\\s*\\(",
  "\\bCCHmac\\s*\\(",
]

# Algorithm definitions for CommonCrypto (Swift)
[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA256\\s*\\(",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCHmac.*kCCHmacAlgSHA256",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmAES",
  "\\bCCCryptorCreate.*kCCAlgorithmAES",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmDES",
  "\\bCCCryptorCreate.*kCCAlgorithmDES",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithm3DES",
  "\\bCCCryptorCreate.*kCCAlgorithm3DES",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmBlowfish",
  "\\bCCCryptorCreate.*kCCAlgorithmBlowfish",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmCAST",
  "\\bCCCryptorCreate.*kCCAlgorithmCAST",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmRC4",
  "\\bCCCryptorCreate.*kCCAlgorithmRC4",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCC_SHA1\\s*\\(",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA224\\s*\\(",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA384\\s*\\(",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA512\\s*\\(",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCC_MD5\\s*\\(",
]

[[library]]
name = "CryptoSwift"
languages = ["Swift"]
[library.patterns]
include = [
  "^\\s*import\\s+CryptoSwift\\b",
]
apis = [
  "\\bAES\\s*\\(",
  "\\bChaCha20\\s*\\(",
  "\\bPoly1305\\b",
  "\\bHMAC\\b",
  "\\bSHA(?:1|224|256|384|512)\\b",
]

[[library]]
name = "Swift-Sodium"
languages = ["Swift"]
[library.patterns]
include = [
  "^\\s*import\\s+Sodium\\b",
]
apis = [
  "\\bSodium\\s*\\(",
  "\\bsodium\\.[A-Za-z0-9_]+\\b",
]

# =========================
# Kotlin
# =========================

[[library]]
name = "JCA/JCE (Kotlin)"
languages = ["Kotlin"]
[library.patterns]
include = [
  "^\\s*import\\s+javax\\.crypto\\.",
  "^\\s*import\\s+java\\.security\\.",
]
apis = [
  "\\b(?:Cipher|MessageDigest|Signature|KeyPairGenerator|KeyGenerator|Mac)\\.getInstance\\s*\\(",
  "\\bKeyFactory\\.getInstance\\s*\\(",
  "\\bKeyAgreement\\.getInstance\\s*\\(",
  "\\bSecretKeySpec\\s*\\(",
]

# Algorithm definitions for JCA/JCE (Kotlin) - Same as Java
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*RSA",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "RSAKeyGenParameterSpec\\s*\\(\\s*(\\d+)"

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCipher\\.getInstance\\s*\\([^)]*AES",
  "\\bKeyGenerator\\.getInstance\\s*\\([^)]*AES",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "init\\s*\\(\\s*(\\d+)"

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bKeyPairGenerator\\.getInstance\\s*\\([^)]*EC",
  "\\bSignature\\.getInstance\\s*\\([^)]*ECDSA",
]
[[library.algorithms.parameter_patterns]]
name = "curve"
pattern = "initialize\\s*\\(\\s*(256|384|521)"

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMessageDigest\\.getInstance\\s*\\([^)]*SHA-?256",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bMac\\.getInstance\\s*\\([^)]*HmacSHA256",
]

[[library]]
name = "BouncyCastle (Kotlin)"
languages = ["Kotlin"]
[library.patterns]
include = [
  "^\\s*import\\s+org\\.bouncycastle\\.",
]
apis = [
  "\\borg\\.bouncycastle\\.[A-Za-z0-9_.]+\\b",
]

[[library]]
name = "Korlibs Krypto (Kotlin MPP)"
languages = ["Kotlin"]
[library.patterns]
include = [
  "^\\s*import\\s+com\\.soywiz\\.krypto\\.",
]
apis = [
  "\\bcom\\.soywiz\\.krypto\\.[A-Za-z0-9_.]+\\b",
]

# =========================
# Python
# =========================

[[library]]
name = "PyCA cryptography"
languages = ["Python"]
[library.patterns]
include = [
  "^\\s*from\\s+cryptography\\b",
  "^\\s*import\\s+cryptography\\b",
]
apis = [
  "\\bFernet\\(",
  "\\bAESGCM\\(",
  "\\bhmac\\.HMAC\\(",
  "\\.finalize\\(",
  "\\b(?:cryptography\\.|from\\s+cryptography\\s+import).*?\\.(?:encrypt|decrypt)\\(",
  "\\b(?:Fernet|AESGCM|ChaCha20Poly1305|AES|Blowfish|CAST5|ARC4|ChaCha20|Salsa20|XOR)\\(",
  "\\.verify\\(",
  "\\.sign\\(",
]

# Algorithm definitions for PyCA cryptography
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\brsa\\.generate_private_key",
  "\\brsa\\.(?:RSAPrivateKey|RSAPublicKey|RSAPrivateNumbers|RSAPublicNumbers)\\b",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "key_size\\s*=\\s*(\\d+)"

[[library.algorithms]]
name = "Fernet"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bFernet\\(",
  "\\bfernet",
]
[[library.algorithms.parameter_patterns]]
name = "algorithm"
pattern = ".*"

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAESGCM\\(",
  "\\bAES.*GCM",
]

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bPBKDF2HMAC\\(",
  "\\bpbkdf2",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\balgorithms\\.AES\\(",
  "\\bmodes\\.CBC\\(",
  "\\bmodes\\.CTR\\(",
  "\\bmodes\\.ECB\\(",
  "\\bmodes\\.OFB\\(",
  "\\bmodes\\.CFB\\(",
]

[[library.algorithms]]
name = "AES-OCB3"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAESOCB3\\(",
]

[[library.algorithms]]
name = "AES-CCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAESCCM\\(",
]

[[library.algorithms]]
name = "AES-GCM-SIV"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bAESGCMSIV\\(",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\balgorithms\\.ChaCha20\\(",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bChaCha20Poly1305\\(",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\balgorithms\\.TripleDES\\(",
]

[[library.algorithms]]
name = "Camellia"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\balgorithms\\.Camellia\\(",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\balgorithms\\.CAST5\\(",
]

[[library.algorithms]]
name = "IDEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\balgorithms\\.IDEA\\(",
]

[[library.algorithms]]
name = "SEED"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\balgorithms\\.SEED\\(",
]

[[library.algorithms]]
name = "SM4"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\balgorithms\\.SM4\\(",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bec\\.ECDSA\\(",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bed25519\\.Ed25519PrivateKey",
]

[[library.algorithms]]
name = "Ed448"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bed448\\.Ed448PrivateKey",
]

[[library.algorithms]]
name = "X25519"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bx25519\\.X25519PrivateKey",
]

[[library.algorithms]]
name = "X448"
primitive = "keyexchange"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bx448\\.X448PrivateKey",
]

[[library.algorithms]]
name = "DSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bdsa\\.generate_private_key\\(",
]

[[library.algorithms]]
name = "DH"
primitive = "keyexchange"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bdh\\.generate_parameters\\(",
]

[[library.algorithms]]
name = "RSA-PSS"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bpadding\\.PSS\\(",
]

[[library.algorithms]]
name = "RSA-OAEP"
primitive = "pke"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bpadding\\.OAEP\\(",
]

[[library.algorithms]]
name = "RSA-PKCS1"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bpadding\\.PKCS1v15\\(",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bhashes\\.SHA1\\(",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA224\\(",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA256\\(",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA384\\(",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA512\\(",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA3_224\\(",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA3_256\\(",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA3_384\\(",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SHA3_512\\(",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.BLAKE2b\\(",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.BLAKE2s\\(",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bhashes\\.MD5\\(",
]

[[library.algorithms]]
name = "SM3"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashes\\.SM3\\(",
]

[[library.algorithms]]
name = "HMAC"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhmac\\.HMAC\\(",
]

[[library.algorithms]]
name = "Scrypt"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bScrypt\\(",
]

[[library.algorithms]]
name = "HKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHKDF\\(",
  "\\bHKDFExpand\\(",
]

[[library.algorithms]]
name = "KBKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bKBKDFHMAC\\(",
  "\\bKBKDFCMAC\\(",
]

[[library.algorithms]]
name = "X963KDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bX963KDF\\(",
]

[[library.algorithms]]
name = "ConcatKDF"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bConcatKDFHash\\(",
  "\\bConcatKDFHMAC\\(",
]

# Python standard library crypto usage
[[library]]
name = "Python stdlib crypto"
languages = ["Python"]
[library.patterns]
include = [
  "^\\s*import\\s+hashlib\\b",
  "^\\s*from\\s+hashlib\\s+import\\b",
  "^\\s*import\\s+hmac\\b",
  "^\\s*from\\s+hmac\\s+import\\b",
  "^\\s*import\\s+ssl\\b",
  "^\\s*from\\s+ssl\\s+import\\b",
]
apis = [
  "\\bhashlib\\.(?:md5|sha1|sha224|sha256|sha384|sha512|blake2b|blake2s)\\s*\\(",
  "\\bhashlib\\.new\\s*\\(",
  "\\bhashlib\\.pbkdf2_hmac\\s*\\(",
  "\\bhashlib\\.scrypt\\s*\\(",
  "\\bhmac\\.new\\s*\\(",
  "\\bhmac\\.compare_digest\\s*\\(",
  "\\bhmac\\.HMAC\\s*\\(",
  "\\bssl\\.SSLContext\\s*\\(",
  "\\bssl\\.create_default_context\\s*\\(",
]

# Algorithm definitions for Python stdlib crypto
[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bhashlib\\.sha1\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']sha1[\"']",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.sha224\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']sha224[\"']",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.sha256\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']sha256[\"']",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.sha384\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']sha384[\"']",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.sha512\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']sha512[\"']",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bhashlib\\.md5\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']md5[\"']",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.blake2b\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']blake2b[\"']",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.blake2s\\s*\\(",
  "\\bhashlib\\.new\\s*\\(\\s*[\"']blake2s[\"']",
]

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.pbkdf2_hmac\\s*\\(",
]

[[library.algorithms]]
name = "scrypt"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhashlib\\.scrypt\\s*\\(",
]

[[library.algorithms]]
name = "HMAC"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhmac\\.new\\s*\\(",
  "\\bhmac\\.HMAC\\s*\\(",
]

[[library]]
name = "python-oqs"
languages = ["Python"]
[library.patterns]
include = [
  "^\\s*import\\s+oqs\\b",
  "^\\s*from\\s+oqs\\b",
]
apis = [
  "\\boqs\\.(?:KeyEncapsulation|Signature)\\b",
  "\\boqs\\.(?:get_enabled_kems|get_enabled_sigs)\\b",
]

# Algorithm definitions for python-oqs
[[library.algorithms]]
name = "Kyber-512"
primitive = "keyexchange"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bKyber512\\b",
  "\\bkyber512\\b",
]

[[library.algorithms]]
name = "Kyber-768"
primitive = "keyexchange"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bKyber768\\b",
  "\\bkyber768\\b",
]

[[library.algorithms]]
name = "Kyber-1024"
primitive = "keyexchange"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bKyber1024\\b",
  "\\bkyber1024\\b",
]

[[library.algorithms]]
name = "Dilithium2"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bDilithium2\\b",
  "\\bdilithium2\\b",
]

[[library.algorithms]]
name = "Dilithium3"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bDilithium3\\b",
  "\\bdilithium3\\b",
]

[[library.algorithms]]
name = "Dilithium5"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bDilithium5\\b",
  "\\bdilithium5\\b",
]

[[library.algorithms]]
name = "Falcon-512"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bFalcon-512\\b",
  "\\bfalcon-512\\b",
]

[[library.algorithms]]
name = "Falcon-1024"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bFalcon-1024\\b",
  "\\bfalcon-1024\\b",
]

[[library.algorithms]]
name = "SPHINCS+-128"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bSPHINCS\\+.*128\\b",
  "\\bsphincs\\+.*128\\b",
]

[[library.algorithms]]
name = "SPHINCS+-192"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bSPHINCS\\+.*192\\b",
  "\\bsphincs\\+.*192\\b",
]

[[library.algorithms]]
name = "SPHINCS+-256"
primitive = "signature"
nistQuantumSecurityLevel = 5
symbol_patterns = [
  "\\bSPHINCS\\+.*256\\b",
  "\\bsphincs\\+.*256\\b",
]

[[library]]
name = "PyCryptodome"
languages = ["Python"]
[library.patterns]
include = [
  "^\\s*from\\s+Crypto\\b",
  "^\\s*import\\s+Crypto\\b",
]
apis = [
  "\\bCrypto\\.Cipher\\.AES\\.new\\(",
  "\\bCrypto\\.Hash\\.HMAC\\.new\\(",
  "\\bCrypto\\.Signature\\.pkcs1_15\\.new\\(.*\\)\\.sign\\(",
  "\\bCrypto\\.Signature\\.pkcs1_15\\.new\\(.*\\)\\.verify\\(",
  "\\bCrypto\\.(?:Cipher|Hash|Signature|Protocol|PublicKey)\\.",
  "\\b(?:AES|DES|DES3|Blowfish|CAST|ARC2|ARC4|ChaCha20|Salsa20|XOR)\\(",
]

# Algorithm definitions for PyCryptodome
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCrypto\\.PublicKey\\.RSA",
  "\\bRSA\\.generate",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "generate\\s*\\(\\s*(\\d+)"

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCrypto\\.Cipher\\.AES",
  "\\bAES\\.new",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "AES\\.new\\s*\\(\\s*['\"][A-Za-z0-9_-]*aes-(\\d+)[A-Za-z0-9_-]*['\"]"

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCrypto\\.Hash\\.SHA256",
  "\\bSHA256\\.new",
]

[[library]]
name = "PyNaCl"
languages = ["Python"]
[library.patterns]
include = [
  "^\\s*from\\s+nacl\\b",
  "^\\s*import\\s+nacl\\b",
  "^\\s*from\\s+nacl\\.signing\\b",
  "^\\s*from\\s+nacl\\.secret\\b",
  "^\\s*from\\s+nacl\\.encoding\\b",
  "^\\s*from\\s+nacl\\.hash\\b",
  "^\\s*from\\s+nacl\\.pwhash\\b",
]
apis = [
  "\\bnacl\\.secret\\.SecretBox",
  "\\bnacl\\.signing\\.SigningKey",
  "\\bnacl\\.signing\\.VerifyKey",
  "\\bnacl\\.encoding\\.",
  "\\bnacl\\.hash\\.",
  "\\bnacl\\.pwhash\\.",
  "\\bnacl\\.hashlib\\.",
  "\\bSigningKey\\.generate\\(",
  "\\bSigningKey\\.sign\\(",
  "\\bVerifyKey\\.verify\\(",
  "\\bSignedMessage\\.",
  "\\bnacl\\.(?:secret|signing|encoding|hash|pwhash)\\.",
  "\\b(?:SecretBox|SigningKey|VerifyKey|SignedMessage)\\.",
  "\\bHexEncoder",
  "\\bBase64Encoder",
]

# Algorithm definitions for PyNaCl
[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnacl\\.signing\\.SigningKey",
  "\\bSigningKey",
]

[[library.algorithms]]
name = "X25519"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnacl\\.public\\.PrivateKey",
  "\\bnacl\\.public\\.Box",
]

[[library.algorithms]]
name = "XSalsa20Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bnacl\\.secret\\.SecretBox",
  "\\bSecretBox",
  "\\bnacl\\.public\\.Box",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bnacl\\.hash\\.blake2b",
  "\\bblake2b",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bnacl\\.hash\\.sha256",
]

# =========================
# PHP
# =========================

[[library]]
name = "OpenSSL (PHP)"
languages = ["PHP"]
[library.patterns]
include = []
apis = [
  "\\bopenssl_[a-z0-9_]+\\s*\\(",
]

# Algorithm definitions for OpenSSL (PHP)
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_pkey_new.*rsa",
  "\\bopenssl_sign",
]

[[library.algorithms]]
name = "AES-CBC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-cbc['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-cbc['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-cbc"

[[library.algorithms]]
name = "AES-CFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-cfb['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-cfb['\"]",
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-cfb1['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-cfb1['\"]",
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-cfb8['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-cfb8['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-cfb"

[[library.algorithms]]
name = "AES-CTR"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-ctr['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-ctr['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-ctr"

[[library.algorithms]]
name = "AES-OFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-ofb['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-ofb['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-ofb"

[[library.algorithms]]
name = "AES-XTS"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|256)-xts['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|256)-xts['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-xts"

[[library.algorithms]]
name = "AES-CCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-ccm['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-ccm['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-ccm"

[[library.algorithms]]
name = "AES-OCB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-ocb['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-ocb['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-ocb"

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha256",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhash_hmac.*sha256",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aes-(?:128|192|256)-gcm['\"]",
  "\\bopenssl_decrypt.*['\"]aes-(?:128|192|256)-gcm['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aes-(\\d+)-gcm"

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]chacha20-poly1305['\"]",
  "\\bopenssl_decrypt.*['\"]chacha20-poly1305['\"]",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]chacha20['\"]",
  "\\bopenssl_decrypt.*['\"]chacha20['\"]",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]bf-(?:cbc|cfb|ofb)['\"]",
  "\\bopenssl_decrypt.*['\"]bf-(?:cbc|cfb|ofb)['\"]",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]cast5-(?:cbc|cfb|ofb)['\"]",
  "\\bopenssl_decrypt.*['\"]cast5-(?:cbc|cfb|ofb)['\"]",
]

[[library.algorithms]]
name = "Camellia"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]camellia-(?:128|192|256)-(?:cbc|cfb|cfb1|cfb8|ctr|ofb)['\"]",
  "\\bopenssl_decrypt.*['\"]camellia-(?:128|192|256)-(?:cbc|cfb|cfb1|cfb8|ctr|ofb)['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]camellia-(\\d+)"

[[library.algorithms]]
name = "ARIA"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]aria-(?:128|192|256)-(?:cbc|ccm|cfb|cfb1|cfb8|ctr|gcm|ofb)['\"]",
  "\\bopenssl_decrypt.*['\"]aria-(?:128|192|256)-(?:cbc|ccm|cfb|cfb1|cfb8|ctr|gcm|ofb)['\"]",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "openssl_(?:encrypt|decrypt)\\s*\\([^,)]*,\\s*['\"]aria-(\\d+)"

[[library.algorithms]]
name = "SEED"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]seed-(?:cbc|cfb|ofb)['\"]",
  "\\bopenssl_decrypt.*['\"]seed-(?:cbc|cfb|ofb)['\"]",
]

[[library.algorithms]]
name = "SM4"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]sm4-(?:cbc|cfb|ctr|ofb)['\"]",
  "\\bopenssl_decrypt.*['\"]sm4-(?:cbc|cfb|ctr|ofb)['\"]",
]

[[library.algorithms]]
name = "IDEA"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*['\"]idea-(?:cbc|cfb|ofb)['\"]",
  "\\bopenssl_decrypt.*['\"]idea-(?:cbc|cfb|ofb)['\"]",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*des-(?:cbc|ecb|cfb|ofb)",
  "\\bopenssl_decrypt.*des-(?:cbc|ecb|cfb|ofb)",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*des-ede3",
  "\\bopenssl_decrypt.*des-ede3",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*bf-(?:cbc|ecb|cfb|ofb)",
  "\\bopenssl_decrypt.*bf-(?:cbc|ecb|cfb|ofb)",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*cast5-(?:cbc|ecb|cfb|ofb)",
  "\\bopenssl_decrypt.*cast5-(?:cbc|ecb|cfb|ofb)",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_encrypt.*rc4",
  "\\bopenssl_decrypt.*rc4",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*chacha20",
  "\\bopenssl_decrypt.*chacha20",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_encrypt.*chacha20-poly1305",
  "\\bopenssl_decrypt.*chacha20-poly1305",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_digest.*sha1",
  "\\bhash\\s*\\(\\s*['\"]sha1['\"]",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha224",
  "\\bhash\\s*\\(\\s*['\"]sha224['\"]",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha384",
  "\\bhash\\s*\\(\\s*['\"]sha384['\"]",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha512",
  "\\bhash\\s*\\(\\s*['\"]sha512['\"]",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha3-224",
  "\\bhash\\s*\\(\\s*['\"]sha3-224['\"]",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha3-256",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha3-384",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*sha3-512",
  "\\bhash\\s*\\(\\s*['\"]sha3-512['\"]",
]

[[library.algorithms]]
name = "SHAKE128"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*shake128",
  "\\bhash\\s*\\(\\s*['\"]shake128['\"]",
]

[[library.algorithms]]
name = "SHAKE256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*shake256",
  "\\bhash\\s*\\(\\s*['\"]shake256['\"]",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_digest.*md5",
  "\\bhash\\s*\\(\\s*['\"]md5['\"]",
  "\\bmd5\\s*\\(",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*blake2b512",
  "\\bhash\\s*\\(\\s*['\"]blake2b512['\"]",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bopenssl_digest.*blake2s256",
  "\\bhash\\s*\\(\\s*['\"]blake2s256['\"]",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bopenssl_digest.*ripemd160",
  "\\bhash\\s*\\(\\s*['\"]ripemd160['\"]",
]

[[library.algorithms]]
name = "HMAC-SHA1"
primitive = "mac"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bhash_hmac.*sha1",
]

[[library.algorithms]]
name = "HMAC-SHA384"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhash_hmac.*sha384",
]

[[library.algorithms]]
name = "HMAC-SHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bhash_hmac.*sha512",
]

[[library]]
name = "Sodium (PHP)"
languages = ["PHP"]
[library.patterns]
include = []
apis = [
  "\\bsodium_[a-z0-9_]+\\s*\\(",
]

# Algorithm definitions for Sodium (PHP)
[[library.algorithms]]
name = "ChaCha20Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_aead_chacha20poly1305",
]

[[library.algorithms]]
name = "XSalsa20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_secretbox",
  "\\bsodium_crypto_box",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bsodium_crypto_sign",
  "\\bsodium_crypto_sign_keypair",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_generichash",
]

[[library.algorithms]]
name = "HMAC-SHA512-256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_auth",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_aead_aes256gcm",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_aead_xchacha20poly1305",
]

[[library.algorithms]]
name = "ChaCha20"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_stream_chacha20",
]

[[library.algorithms]]
name = "X25519"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bsodium_crypto_box",
  "\\bsodium_crypto_box_keypair",
  "\\bsodium_crypto_scalarmult",
]

[[library.algorithms]]
name = "Argon2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_pwhash",
  "\\bsodium_crypto_pwhash_str",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_hash_sha256",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bsodium_crypto_hash_sha512",
]

[[library]]
name = "phpseclib"
languages = ["PHP"]
[library.patterns]
include = [
  "^\\s*use\\s+phpseclib\\d*\\\\Crypt\\\\",
]
apis = [
  "\\bnew\\s+\\\\?phpseclib\\d*\\\\Crypt\\\\[A-Za-z0-9_]+\\s*\\(",
  "\\bnew\\s+Crypt_[A-Z][A-Za-z0-9_]*\\s*\\(", # legacy v2
]

# Algorithm definitions for phpseclib
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?RSA",
  "\\bnew\\s+Crypt_RSA",
]

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?AES",
  "\\bnew\\s+Crypt_AES",
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?Rijndael",
  "\\bnew\\s+Crypt_Rijndael",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?DES",
  "\\bnew\\s+Crypt_DES",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?TripleDES",
  "\\bnew\\s+Crypt_TripleDES",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?Blowfish",
  "\\bnew\\s+Crypt_Blowfish",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?RC4",
  "\\bnew\\s+Crypt_RC4",
]

[[library.algorithms]]
name = "Twofish"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?Twofish",
  "\\bnew\\s+Crypt_Twofish",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?Hash.*sha256",
  "\\bnew\\s+Crypt_Hash.*sha256",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?Hash.*sha1",
  "\\bnew\\s+Crypt_Hash.*sha1",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?Hash.*sha512",
  "\\bnew\\s+Crypt_Hash.*sha512",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?Hash.*md5",
  "\\bnew\\s+Crypt_Hash.*md5",
]

[[library.algorithms]]
name = "ECDSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?EC",
  "\\bEC::createKey",
]

[[library.algorithms]]
name = "DSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bnew\\s+(?:\\\\?phpseclib\\d*\\\\Crypt\\\\)?DSA",
  "\\bnew\\s+Crypt_DSA",
]

[[library]]
name = "Halite (ParagonIE)"
languages = ["PHP"]
[library.patterns]
include = [
  "^\\s*use\\s+ParagonIE\\\\Halite\\\\",
]
apis = [
  "\\bParagonIE\\\\Halite\\\\[A-Za-z0-9_\\\\]+::[A-Za-z0-9_]+\\s*\\(",
]

# Algorithm definitions for Halite (ParagonIE)
# Halite is a high-level wrapper around libsodium
[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHalite\\\\Symmetric\\\\Crypto::encrypt",
  "\\bHalite\\\\Symmetric\\\\Crypto::decrypt",
  "\\bSymmetric\\\\Crypto::encrypt",
  "\\bSymmetric\\\\Crypto::decrypt",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHalite\\\\Asymmetric\\\\SignatureSecretKey",
  "\\bHalite\\\\Asymmetric\\\\Crypto::sign",
  "\\bAsymmetric\\\\Crypto::sign",
]

[[library.algorithms]]
name = "X25519"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bHalite\\\\Asymmetric\\\\Crypto::seal",
  "\\bHalite\\\\Asymmetric\\\\Crypto::unseal",
  "\\bAsymmetric\\\\Crypto::seal",
  "\\bAsymmetric\\\\Crypto::unseal",
  "\\bHalite\\\\KeyExchange",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHalite\\\\File::checksum",
  "\\bHalite\\\\Util::hash",
  "\\bFile::checksum",
]

[[library.algorithms]]
name = "Argon2id"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHalite\\\\Password::hash",
  "\\bHalite\\\\Password::verify",
  "\\bPassword::hash",
  "\\bPassword::verify",
]

[[library.algorithms]]
name = "HMAC-BLAKE2b"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHalite\\\\Symmetric\\\\Crypto::authenticate",
  "\\bSymmetric\\\\Crypto::authenticate",
]

[[library.algorithms]]
name = "AES-256-CTR"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHalite\\\\Stream\\\\MutableFile",
  "\\bHalite\\\\Stream\\\\ReadOnlyFile",
  "\\bStream\\\\MutableFile",
  "\\bStream\\\\ReadOnlyFile",
]

# =========================
# Objective-C: Apple/Common
# =========================

[[library]]
name = "Security.framework (Objective-C)"
languages = ["ObjC"]
[library.patterns]
include = [
  "^\\s*#\\s*import\\s*<Security/Security\\.h>",
]
apis = [
  "\\bSec(?:Key|Certificate|Trust|Identity)[A-Za-z0-9_]*\\b",
  "\\bkSec[A-Za-z0-9_]+\\b",
]

# Algorithm definitions for Security.framework
[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bkSecAttrKeyTypeRSA",
  "\\bkSecKeyAlgorithmRSA",
]

[[library]]
name = "CommonCrypto (Objective-C)"
languages = ["ObjC"]
[library.patterns]
include = [
  "^\\s*#\\s*(?:import|include)\\s*<CommonCrypto\\/[A-Za-z0-9_]+\\.h>",
  "^\\s*@import\\s+CommonCrypto\\b",
]
apis = [
  "\\bCCCrypt\\s*\\(",
  "\\bCCCryptor(?:Create|Update|Final|Release)\\s*\\(",
  "\\bCCHmac\\s*\\(",
  "\\bCC_SHA(?:1|224|256|384|512)\\s*\\(",
  "\\bCC_MD5\\s*\\(",
  "\\bCCKeyDerivationPBKDF\\s*\\(",
  "\\bCCRandomGenerateBytes\\s*\\(",
]

# Algorithm definitions for CommonCrypto (Objective-C)
[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmAES",
  "\\bkCCAlgorithmAES",
]
[[library.algorithms.parameter_patterns]]
name = "mode"
pattern = "kCCOption[A-Za-z0-9_]*"
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA256",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA512",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCC_MD5",
]

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCKeyDerivationPBKDF",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmDES",
  "\\bkCCAlgorithmDES",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithm3DES",
  "\\bkCCAlgorithm3DES",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmBlowfish",
  "\\bkCCAlgorithmBlowfish",
]

[[library.algorithms]]
name = "CAST5"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmCAST",
  "\\bkCCAlgorithmCAST",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCCrypt.*kCCAlgorithmRC4",
  "\\bkCCAlgorithmRC4",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCC_SHA1",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA224",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCC_SHA384",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCHmac.*kCCHmacAlgSHA256",
]

[[library.algorithms]]
name = "HMAC-SHA1"
primitive = "mac"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCHmac.*kCCHmacAlgSHA1",
]

[[library.algorithms]]
name = "HMAC-SHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCHmac.*kCCHmacAlgSHA512",
]

[[library.algorithms]]
name = "AES-128"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkCCAlgorithmAES128",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "RC2"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bkCCAlgorithmRC2",
]

[[library.algorithms]]
name = "MD2"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCC_MD2",
]

[[library.algorithms]]
name = "MD4"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCC_MD4",
]

[[library.algorithms]]
name = "HMAC-MD5"
primitive = "mac"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bCCHmac.*kCCHmacAlgMD5",
  "\\bkCCHmacAlgMD5",
]

[[library.algorithms]]
name = "HMAC-SHA224"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCHmac.*kCCHmacAlgSHA224",
  "\\bkCCHmacAlgSHA224",
]

[[library.algorithms]]
name = "HMAC-SHA384"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCHmac.*kCCHmacAlgSHA384",
  "\\bkCCHmacAlgSHA384",
]

[[library.algorithms]]
name = "AES-ECB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkCCOptionECBMode",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "AES-CBC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkCCModeCBC",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "AES-CFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkCCModeCFB",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "AES-CTR"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkCCModeCTR",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "AES-OFB"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkCCModeOFB",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bkCCModeGCM",
  "\\bCCCryptorGCM",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "kCCKeySizeAES(128|192|256)"

[[library.algorithms]]
name = "HMAC"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bCCHmac\\b",
  "\\bCCHmacInit",
  "\\bCCHmacUpdate",
  "\\bCCHmacFinal",
]

# =========================
# Objective-C: Third-party C libs used from Obj-C
# =========================

[[library]]
name = "OpenSSL (Objective-C)"
languages = ["ObjC"]
[library.patterns]
include = [
  "^\\s*#\\s*(?:import|include)\\s*<openssl/[A-Za-z0-9_./-]+>",
]
apis = [
  "\\bEVP_[A-Za-z0-9_]+\\s*\\(",
  "\\bRSA_[A-Za-z0-9_]+\\s*\\(",
  "\\bECDSA_[A-Za-z0-9_]+\\s*\\(",
  "\\bEC_KEY_[A-Za-z0-9_]+\\s*\\(",
  "\\bX509_[A-Za-z0-9_]+\\s*\\(",
  "\\bPKCS\\d_[A-Za-z0-9_]+\\s*\\(",
]

# Algorithm definitions for OpenSSL (Objective-C)
[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_sha256\\s*\\(",
  "\\bEVP_Digest(?:Init|Update|Final)_ex\\s*\\(",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_aes_\\d+_gcm\\s*\\(",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_aes_(\\d+)_gcm"

[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bEVP_aes_\\d+_(?:cbc|ctr|ofb|cfb)",
  "\\bEVP_CIPHER_CTX_",
]
[[library.algorithms.parameter_patterns]]
name = "keySize"
pattern = "EVP_aes_(\\d+)"

[[library.algorithms]]
name = "RSA"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bRSA_sign",
  "\\bRSA_verify",
  "\\bRSA_generate_key_ex",
  "\\bRSA_new",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bHMAC\\s*\\(",
]

[[library]]
name = "libsodium (Objective-C)"
languages = ["ObjC"]
[library.patterns]
include = [
  "^\\s*#\\s*(?:import|include)\\s*<sodium(?:/[^>]+)?>",
]
apis = [
  "\\bcrypto_secretbox_(?:easy|open_easy)\\s*\\(",
  "\\bcrypto_aead_(?:x?chacha20poly1305_ietf|aes256gcm)_(?:encrypt|decrypt)\\s*\\(",
  "\\bcrypto_sign_(?:detached|verify_detached)\\s*\\(",
  "\\bcrypto_generichash\\s*\\(",
  "\\bcrypto_scalarmult\\s*\\(",
]

# =========================
# Objective-C: High-level but still primitive APIs
# =========================

[[library]]
name = "Google Tink (Objective-C)"
languages = ["ObjC"]
[library.patterns]
include = [
  "^\\s*@import\\s+Tink\\b",
  "^\\s*#\\s*import\\s*<Tink\\/[A-Za-z0-9_]+\\.h>",
  "^\\s*#\\s*import\\s*\"objc\\/TINK[A-Za-z0-9_]+\\.h\"",
]
apis = [
  "\\bTINK(?:Aead|Mac|Hybrid(?:Encrypt|Decrypt)|PublicKey(?:Sign|Verify)|KeysetHandle|Config)\\b",
  "\\b\\[TINK[A-Za-z0-9_]+Factory\\s+[A-Za-z0-9_]+WithKeysetHandle:.*\\]",
]

# Algorithm definitions for Google Tink (Objective-C)
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKAes128Gcm\\b",
  "\\bTINKAes256Gcm\\b",
  "\\bTINKAes128GcmNoPrefix\\b",
  "\\bTINKAes256GcmNoPrefix\\b",
]

[[library.algorithms]]
name = "AES-EAX"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKAes128Eax\\b",
  "\\bTINKAes256Eax\\b",
]

[[library.algorithms]]
name = "AES-CTR-HMAC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKAes128CtrHmacSha256\\b",
  "\\bTINKAes256CtrHmacSha256\\b",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKChaCha20Poly1305\\b",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKXChaCha20Poly1305\\b",
]

[[library.algorithms]]
name = "AES-GCM-SIV"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKAes128GcmSiv\\b",
  "\\bTINKAes256GcmSiv\\b",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKHmacSha256\\b",
  "\\bTINKHmacSha256Tag128\\b",
  "\\bTINKHmacSha256Tag256\\b",
  "\\bTINKAesCmac\\b",
]

[[library.algorithms]]
name = "HMAC-SHA512"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKHmacSha512\\b",
  "\\bTINKHmacSha512Tag256\\b",
  "\\bTINKHmacSha512Tag512\\b",
]

[[library.algorithms]]
name = "ECDSA-P256"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bTINKEcdsaP256\\b",
  "\\bTINKEcdsaP256Ieee\\b",
  "\\bTINKEcdsaP256NoPrefixCompressedIeee\\b",
]

[[library.algorithms]]
name = "ECDSA-P384"
primitive = "signature"
nistQuantumSecurityLevel = 2
symbol_patterns = [
  "\\bTINKEcdsaP384\\b",
  "\\bTINKEcdsaP384Sha384\\b",
  "\\bTINKEcdsaP384Sha512\\b",
]

[[library.algorithms]]
name = "ECDSA-P521"
primitive = "signature"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bTINKEcdsaP521\\b",
  "\\bTINKEcdsaP521Ieee\\b",
]

[[library.algorithms]]
name = "Ed25519"
primitive = "signature"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bTINKEd25519\\b",
  "\\bTINKEd25519NoPrefixCompressed\\b",
]

[[library.algorithms]]
name = "RSA-SSA-PSS"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bTINKRsaSsaPss3072Sha256F4\\b",
  "\\bTINKRsaSsaPss4096Sha512F4\\b",
]

[[library.algorithms]]
name = "RSA-SSA-PKCS1"
primitive = "signature"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bTINKRsaSsaPkcs13072Sha256F4\\b",
  "\\bTINKRsaSsaPkcs14096Sha512F4\\b",
]

[[library.algorithms]]
name = "ECIES-P256-HKDF"
primitive = "hybrid"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bTINKEciesP256HkdfHmacSha256Aes128Gcm\\b",
  "\\bTINKEciesP256HkdfHmacSha256Aes128CtrHmacSha256\\b",
  "\\bTINKEciesP256HkdfHmacSha1Aes128Cbc\\b",
  "\\bTINKEciesP256CompressedHkdf\\b",
]

[[library.algorithms]]
name = "HPKE"
primitive = "hybrid"
nistQuantumSecurityLevel = 1
symbol_patterns = [
  "\\bTINKHpkeX25519HkdfSha256Aes128Gcm\\b",
  "\\bTINKHpkeX25519HkdfSha256Aes256Gcm\\b",
  "\\bTINKHpkeX25519HkdfSha256ChaCha20Poly1305\\b",
]
# =========================
# Google Tink (Python)
[[library]]
name = "Google Tink (Python)"
languages = ["Python"]
[library.patterns]
include = [
  "^\\s*from\\s+tink\\b",
  "^\\s*import\\s+tink\\b",
]
apis = [
  "\\btink\\.(?:aead|mac|hybrid|signature|prf|streaming_aead)\\b",
  "\\btink\\.(?:JsonKeysetReader|JsonKeysetWriter|cleartext_keyset_handle|KeysetHandle)\\b",
  "\\btink\\.aead\\.Aead\\b",
  "\\btink\\.mac\\.Mac\\b",
  "\\btink\\.hybrid\\.(?:HybridEncrypt|HybridDecrypt)\\b",
  "\\btink\\.signature\\.(?:PublicKeySign|PublicKeyVerify)\\b",
  "\\btink\\.core\\.PrimitiveSet\\b",
  "\\bmac_key_templates\\.HMAC_SHA256",
  "\\btink\\.new_keyset_handle\\b",
]

# Algorithm definitions for Google Tink (Python)
[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.aead_key_templates\\.AES\\d+_GCM",
  "\\btink\\.aead\\.aead_key_templates\\.AES\\d+_GCM",
  "\\btink\\.aead\\.AesGcmKeyManager",
]

[[library.algorithms]]
name = "AES-CTR-HMAC"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.aead_key_templates\\.AES\\d+_CTR_HMAC_SHA256",
]

[[library.algorithms]]
name = "AES-EAX"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.aead_key_templates\\.AES\\d+_EAX",
]

[[library.algorithms]]
name = "AES-GCM-SIV"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.aead_key_templates\\.AES\\d+_GCM_SIV",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.aead_key_templates\\.CHACHA20_POLY1305",
]

[[library.algorithms]]
name = "XChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baead\\.aead_key_templates\\.XCHACHA20_POLY1305",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bmac_key_templates\\.HMAC_SHA256",
  "\\btink\\.mac\\.mac_key_templates\\.HMAC_SHA256",
  "\\btink\\.mac\\.HmacKeyManager",
]

# =========================
# Erlang / OTP primitives
# =========================

[[library]]
name = "Erlang/OTP crypto"
languages = ["Erlang"]
[library.patterns]
# Detect explicit imports of the module (rare but possible) or empty to allow API detection
include = []
# Detect canonical crypto primitives with module-qualified calls
apis = [
  "\\bcrypto:(?:hash|hash_init|hash_update|hash_final)\\s*\\(",
  "\\bcrypto:(?:mac|mac_init|mac_update|mac_final)\\s*\\(",
  "\\bcrypto:crypto_(?:init|update|final|one_time(?:_aead)?(?:_init)?)\\s*\\(",
  "\\bcrypto:(?:compute_key|generate_key)\\s*\\(",
  "\\bcrypto:pbkdf2_hmac\\s*\\(",
  "\\bcrypto:rand_seed(?:_alg)?\\s*\\(",
  "\\bcrypto:hash_xof\\s*\\(",
  "\\bcrypto:block_encrypt\\s*\\(",
  "\\bcrypto:block_decrypt\\s*\\(",
  "\\bcrypto:stream_encrypt\\s*\\(",
  "\\bcrypto:stream_decrypt\\s*\\(",
]

# Algorithm definitions for Erlang/OTP crypto
[[library.algorithms]]
name = "AES"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:crypto_.*aes",
  "\\baes_gcm",
  "\\baes_256_cbc",
  "\\bcrypto:block_encrypt.*aes",
]

[[library.algorithms]]
name = "SHA-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha256",
  "\\bsha256",
  "\\bcrypto:hash\\s*\\(\\s*sha256",
]

[[library.algorithms]]
name = "PBKDF2"
primitive = "kdf"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:pbkdf2_hmac",
]

[[library.algorithms]]
name = "AES-GCM"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\baes_gcm",
  "\\baes_\\d+_gcm",
  "\\bcrypto:crypto_one_time_aead.*aes_\\d+_gcm",
]

[[library.algorithms]]
name = "ChaCha20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bchacha20_poly1305",
  "\\bcrypto:crypto_one_time_aead.*chacha20_poly1305",
]

[[library.algorithms]]
name = "SHA-1"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bcrypto:hash.*sha1",
  "\\bsha1",
  "\\bcrypto:hash\\s*\\(\\s*sha\\s*,",
  "\\bcrypto:hash\\s*\\(\\s*sha\\)",
]

[[library.algorithms]]
name = "SHA-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha224",
  "\\bsha224",
]

[[library.algorithms]]
name = "SHA-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha384",
  "\\bsha384",
]

[[library.algorithms]]
name = "SHA-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha512",
  "\\bsha512",
]

[[library.algorithms]]
name = "SHA3-224"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha3_224",
  "\\bsha3_224",
]

[[library.algorithms]]
name = "SHA3-256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha3_256",
  "\\bsha3_256",
]

[[library.algorithms]]
name = "SHA3-384"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha3_384",
  "\\bsha3_384",
]

[[library.algorithms]]
name = "SHA3-512"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*sha3_512",
  "\\bsha3_512",
]

[[library.algorithms]]
name = "SHAKE128"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash_xof.*shake128",
  "\\bshake128",
]

[[library.algorithms]]
name = "SHAKE256"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash_xof.*shake256",
  "\\bshake256",
]

[[library.algorithms]]
name = "MD5"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bcrypto:hash.*md5",
  "\\bmd5",
]

[[library.algorithms]]
name = "BLAKE2b"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*blake2b",
  "\\bblake2b",
]

[[library.algorithms]]
name = "BLAKE2s"
primitive = "hash"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:hash.*blake2s",
  "\\bblake2s",
]

[[library.algorithms]]
name = "RIPEMD-160"
primitive = "hash"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bcrypto:hash.*ripemd160",
  "\\bripemd160",
]

[[library.algorithms]]
name = "HMAC-SHA256"
primitive = "mac"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\bcrypto:mac.*hmac.*sha256",
]

[[library.algorithms]]
name = "DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bdes_cbc",
  "\\bdes_ecb",
  "\\bcrypto:block_encrypt.*des_cbc",
]

[[library.algorithms]]
name = "3DES"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bdes3_cbc",
  "\\bdes_ede3_cbc",
  "\\bcrypto:block_encrypt.*des3_cbc",
]

[[library.algorithms]]
name = "Blowfish"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\bblowfish_cbc",
  "\\bblowfish_ecb",
  "\\bcrypto:block_encrypt.*blowfish",
]

[[library.algorithms]]
name = "RC4"
primitive = "symmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\brc4",
  "\\bcrypto:stream_encrypt.*rc4",
]

[[library]]
name = "Erlang/OTP public_key"
languages = ["Erlang"]
[library.patterns]
# Record/include line commonly present when using PKI/ASN.1 records
include = [
  "^\\s*-include_lib\\s*\\(\\s*\"public_key/include/public_key\\.hrl\"\\s*\\)",
]
apis = [
  "\\bpublic_key:(?:sign|verify)\\s*\\(",
  "\\bpublic_key:(?:encrypt_public|decrypt_private|encrypt_private|decrypt_public)\\s*\\(",
  "\\bpublic_key:(?:pem_decode|pem_entry_decode|der_decode|der_encode)\\s*\\(",
  "\\bpublic_key:(?:compute_key|generate_key)\\s*\\(",
]

# =========================
# Third-party primitive libs
# =========================

[[library]]
name = "enacl (libsodium/NaCl)"
languages = ["Erlang"]
[library.patterns]
include = []
apis = [
  "\\benacl:(?:secretbox|box(?:_open)?|box_(?:beforenm|afternm|keypair)|box_seal(?:_open)?)\\s*\\(",
  "\\benacl:aead_(?:x?chacha20poly1305_ietf)_(?:encrypt|decrypt)\\s*\\(",
  "\\benacl:(?:generichash(?:_init|_update|_final)?|hash)\\s*\\(",
  "\\benacl:(?:crypto_sign_ed25519_(?:keypair|sk_to_pk|public_to_curve25519|secret_to_curve25519))\\s*\\(",
  "\\benacl:(?:curve25519_scalarmult(?:_base)?)\\s*\\(",
  "\\benacl:(?:pwhash|pwhash_str_verify)\\s*\\(",
  "\\benacl:randombytes(?:_uniform|_uint32)?\\s*\\(",
]

# Algorithm definitions for enacl
[[library.algorithms]]
name = "X25519"
primitive = "asymmetric"
nistQuantumSecurityLevel = 0
symbol_patterns = [
  "\\benacl:box_keypair",
  "\\benacl:box\\s*\\(",
]

[[library.algorithms]]
name = "XSalsa20-Poly1305"
primitive = "symmetric"
nistQuantumSecurityLevel = 3
symbol_patterns = [
  "\\benacl:secretbox\\s*\\(",
  "\\benacl:box(?:_open)?\\s*\\(",
]

[[library]]
name = "bcrypt (Erlang)"
languages = ["Erlang"]
[library.patterns]
include = []
apis = [
  "\\bbcrypt:(?:gen_salt|hashpw|checkpw)\\s*\\(",
]