Summary
SPAKE2 (RFC 9382) and SPAKE2+ (RFC 9383) are currently missing from
schema/cryptography-defs.json. This issue proposes adding both algorithms
to the Cryptography Registry.
Specifications
Rationale
- Both SPAKE2 and SPAKE2+ are modern PAKE protocols standardized by the IETF.
- They are widely referenced in contemporary authentication designs.
- Adding them enables accurate SBOM/CBOM representation of PAKE-based systems.
Proposed registry entries
Add the following entries to algorithms[] in schema/cryptography-defs.json,
placed alphabetically near other key-agreement mechanisms:
{
  "family": "SPAKE2",
  "standard": [
    {
      "name": "RFC9382",
      "url": "https://doi.org/10.17487/RFC9382"
    }
  ],
  "variant": [
    {
      "pattern": "SPAKE2",
      "primitive": "key-agree"
    },
    {
      "pattern": "SPAKE2[-{group}][-{hashFunction}][-{kdf}][-{mac}]",
      "primitive": "key-agree"
    }
  ]
},
{
  "family": "SPAKE2PLUS",
  "standard": [
    {
      "name": "RFC9383",
      "url": "https://doi.org/10.17487/RFC9383"
    }
  ],
  "variant": [
    {
      "pattern": "SPAKE2+",
      "primitive": "key-agree"
    },
    {
      "pattern": "SPAKE2+[-{group}][-{hashFunction}][-{kdf}][-{mac}]",
      "primitive": "key-agree"
    }
  ]
}
Notes
SPAKE2 and SPAKE2+ are defined as separate families since they are
distinct protocols (symmetric PAKE vs augmented PAKE).
The family name SPAKE2PLUS avoids special characters, while the pattern
preserves the RFC-defined algorithm name SPAKE2+.
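
The following is an added example, not part of the original issue or of the registry project's tooling. It shows how a CBOM consumer could match algorithm names against the proposed patterns, and why the literal `+` in `SPAKE2+` has to be escaped when a pattern is turned into a regular expression. The pattern grammar (`[...]` optional, `{name}` placeholder), the hyphen-free placeholder values, and the names `pattern_to_regex` and `classify` are assumptions made for this illustration.

```python
import re

# Patterns copied from the proposed registry entries, keyed by family.
PROPOSED = {
    "SPAKE2": ["SPAKE2", "SPAKE2[-{group}][-{hashFunction}][-{kdf}][-{mac}]"],
    "SPAKE2PLUS": ["SPAKE2+", "SPAKE2+[-{group}][-{hashFunction}][-{kdf}][-{mac}]"],
}

# Assumed grammar: "[" / "]" delimit an optional part, "{name}" is a
# placeholder, anything else is literal text.
TOKEN = re.compile(r"\[|\]|\{(\w+)\}|[^\[\]{}]+")


def pattern_to_regex(pattern):
    """Compile one registry pattern into a regex with a named group per placeholder."""
    parts, depth, pos = [], 0, 0
    for m in TOKEN.finditer(pattern):
        if m.start() != pos:
            break  # unparseable character such as a stray brace
        pos = m.end()
        tok = m.group(0)
        if tok == "[":
            parts.append("(?:")
            depth += 1
        elif tok == "]":
            parts.append(")?")
            depth -= 1
        elif m.group(1):
            # Assumption: placeholder values are alphanumeric, no hyphens.
            parts.append(f"(?P<{m.group(1)}>[A-Za-z0-9]+)")
        else:
            # Literal text: escape it so the "+" in SPAKE2+ is not a quantifier.
            parts.append(re.escape(tok))
        if depth < 0:
            break
    if pos != len(pattern) or depth != 0:
        raise ValueError(f"malformed pattern: {pattern!r}")
    return re.compile("".join(parts))


def classify(name):
    """Return (family, placeholder values) for the first full match, else None."""
    for family, patterns in PROPOSED.items():
        for pattern in patterns:
            m = pattern_to_regex(pattern).fullmatch(name)
            if m:
                return family, {k: v for k, v in m.groupdict().items() if v}
    return None
```

Because the optional parts are positional, a name that skips `group` but supplies a hash function is read as having that value in the `group` slot.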