Extend cryptography-related behaviors

schema/2.0/model/cyclonedx-behavior-2.0.schema.json

@@ -802,23 +802,49 @@
         "security:authorization:revokesAccess",
         "security:authorization:revokesImpersonation",
         "security:cryptography",
+        "security:cryptography:authenticates",
         "security:cryptography:checksRevocation",
         "security:cryptography:decryptsData",
+        "security:cryptography:decryptsDataAtRest",
+        "security:cryptography:decryptsDataInTransit",
+        "security:cryptography:decryptsDisk",
+        "security:cryptography:decryptsSecret",
         "security:cryptography:destroysKey",
         "security:cryptography:encryptsData",
+        "security:cryptography:encryptsDataAtRest",
+        "security:cryptography:encryptsDataInTransit",
+        "security:cryptography:encryptsDisk",
+        "security:cryptography:encryptsSecret",
+        "security:cryptography:ensuresAccountability",
+        "security:cryptography:ensuresConfidentiality",
+        "security:cryptography:ensuresIntegrity",
+        "security:cryptography:ensuresNonRepudiation",
         "security:cryptography:exchangesKey",
         "security:cryptography:generatesKey",
         "security:cryptography:generatesRandomValue",
         "security:cryptography:hashesData",
+        "security:cryptography:hashesPassword",
+        "security:cryptography:identifies",
         "security:cryptography:issuesCertificate",
+        "security:cryptography:preservesPrivacy",
+        "security:cryptography:presentsClientCertificate",
+        "security:cryptography:presentsServerCertificate",
         "security:cryptography:retrievesKey",
         "security:cryptography:revokesCertificate",
         "security:cryptography:rotatesKey",
+        "security:cryptography:signsCode",
         "security:cryptography:signsData",
+        "security:cryptography:signsDocument",
         "security:cryptography:storesKey",
+        "security:cryptography:usesIdentity",
         "security:cryptography:validatesCertificate",
+        "security:cryptography:validatesToken",
+        "security:cryptography:verifiesCodeSignature",
+        "security:cryptography:verifiesDataSignature",
+        "security:cryptography:verifiesDocumentSignature",
         "security:cryptography:verifiesHash",
         "security:cryptography:verifiesSignature",
+        "security:cryptography:wrapsKey",
         "security:errorHandling",
         "security:errorHandling:catchesException",
         "security:errorHandling:disclosesErrorDetails",
@@ -1518,23 +1544,49 @@
         "security:authorization:revokesAccess": "The entity withdraws previously granted permissions.",
         "security:authorization:revokesImpersonation": "The entity terminates another's permission to act on its behalf.",
         "security:cryptography": "Behaviours that employ cryptographic operations to protect data confidentiality and integrity.",
+        "security:cryptography:authenticates": "The entity verifies the identity of a user, process, or device.",
         "security:cryptography:checksRevocation": "The entity queries certificate revocation status.",
         "security:cryptography:decryptsData": "The entity restores encrypted data to readable form.",
+        "security:cryptography:decryptsDataAtRest": "The entity restores stored encrypted data to readable form.",
+        "security:cryptography:decryptsDataInTransit": "The entity restores data received over a network to readable form.",
+        "security:cryptography:decryptsDisk": "The entity unlocks and decrypts contents of an encrypted disk.",
+        "security:cryptography:decryptsSecret": "The entity retrieves and decrypts a secured credential or metadata.",
         "security:cryptography:destroysKey": "The entity securely erases a key.",
         "security:cryptography:encryptsData": "The entity transforms data to prevent unauthorised reading.",
+        "security:cryptography:encryptsDataAtRest": "The entity protects stored data by converting it to unreadable form.",
+        "security:cryptography:encryptsDataInTransit": "The entity protects data moving across a network.",
+        "security:cryptography:encryptsDisk": "The entity applies full-disk encryption to protect all data on a drive.",
+        "security:cryptography:encryptsSecret": "The entity secures sensitive credentials or metadata.",
+        "security:cryptography:ensuresAccountability": "The entity ensures actions can be traced to a specific individual or process.",
+        "security:cryptography:ensuresConfidentiality": "The entity protects sensitive information from unauthorised access.",
+        "security:cryptography:ensuresIntegrity": "The entity guarantees that data has not been altered or tampered with.",
+        "security:cryptography:ensuresNonRepudiation": "The entity provides proof of origin and integrity to prevent denial.",
         "security:cryptography:exchangesKey": "The entity shares a key with another party.",
         "security:cryptography:generatesKey": "The entity creates a cryptographic key.",
         "security:cryptography:generatesRandomValue": "The entity produces a cryptographically secure random value.",
         "security:cryptography:hashesData": "The entity generates a cryptographic hash.",
+        "security:cryptography:hashesPassword": "The entity applies a cryptographic hash function to a password.",
+        "security:cryptography:identifies": "The entity establishes a unique identity for an actor within the system.",
         "security:cryptography:issuesCertificate": "The entity creates and signs a digital certificate.",
+        "security:cryptography:preservesPrivacy": "The entity protects personally identifiable information and user data.",
+        "security:cryptography:presentsClientCertificate": "The entity provides a client certificate for authentication.",
+        "security:cryptography:presentsServerCertificate": "The entity provides a server certificate for authentication.",
         "security:cryptography:retrievesKey": "The entity obtains a stored key.",
         "security:cryptography:revokesCertificate": "The entity invalidates a certificate.",
         "security:cryptography:rotatesKey": "The entity replaces a key with a new one.",
+        "security:cryptography:signsCode": "The entity applies a digital signature to executable code.",
         "security:cryptography:signsData": "The entity creates a digital signature.",
+        "security:cryptography:signsDocument": "The entity applies a digital signature to a document.",
         "security:cryptography:storesKey": "The entity saves a key securely.",
+        "security:cryptography:usesIdentity": "The entity utilises established identity credentials for operations.",
         "security:cryptography:validatesCertificate": "The entity verifies certificate authenticity.",
+        "security:cryptography:validatesToken": "The entity verifies the authenticity and expiration of a security token.",
+        "security:cryptography:verifiesCodeSignature": "The entity validates a digital signature on executable code.",
+        "security:cryptography:verifiesDataSignature": "The entity validates a digital signature on data.",
+        "security:cryptography:verifiesDocumentSignature": "The entity validates a digital signature on a document.",
         "security:cryptography:verifiesHash": "The entity validates data against a hash.",
         "security:cryptography:verifiesSignature": "The entity validates a digital signature.",
+        "security:cryptography:wrapsKey": "The entity encrypts a key for secure storage or transport.",
         "security:errorHandling": "Behaviours that manage error conditions to prevent information disclosure.",
         "security:errorHandling:catchesException": "The entity intercepts an error condition.",
         "security:errorHandling:disclosesErrorDetails": "The entity reveals internal information in error messages.",