kdf: add shorthand method for Argon2id

rhenium · rhenium · commit 7ef5fbfbd64a · 2025-07-04T19:08:12.000+09:00
diff --git a/lib/openssl.rb b/lib/openssl.rb
@@ -22,6 +22,7 @@
 require_relative 'openssl/ssl'
 require_relative 'openssl/pkcs5'
 require_relative 'openssl/version'
+require_relative 'openssl/kdf'
 
 module OpenSSL
   # call-seq:
diff --git a/lib/openssl/kdf.rb b/lib/openssl/kdf.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module OpenSSL
+  module KDF
+    if respond_to?(:derive)
+      # Argon2id, a variant of Argon2, is a password hashing function
+      # described in {RFC 9106}[https://www.rfc-editor.org/rfc/rfc9106].
+      #
+      # Available when compiled with \OpenSSL 3.2 or later.
+      #
+      # === Parameters
+      # pass::    Passowrd to be hashed. Message string +P+ in RFC 9106.
+      # salt::    Salt. Nonce +S+ in RFC 9106.
+      # lanes::   Degree of parallelism. +p+ in RFC 9106.
+      # length::  Desired output length in bytes. Tag length +T+ in RFC 9106.
+      # memcost:: Memory size in the number of kibibytes. +m+ in RFC 9106.
+      # iter::    Number of passes. +t+ in RFC 9106.
+      # secret::  Secret value. +K+ in RFC 9106.
+      # ad::      Associated data. +X+ in RFC 9106.
+      def self.argon2id(pass, salt:, lanes:, length:, memcost:, iter:,
+                        secret: "", ad: "")
+        params = {
+          pass: pass, salt: salt, lanes: lanes, memcost: memcost, iter: iter,
+          secret: secret, ad: ad,
+        }
+        derive("ARGON2ID", length, params)
+      end
+    end
+  end
+end
diff --git a/test/openssl/test_kdf.rb b/test/openssl/test_kdf.rb
@@ -201,6 +201,18 @@ def test_derive
     }
   end if openssl?(3, 0, 0) || OpenSSL::KDF.respond_to?(:derive)
 
+  def test_argon2id_rfc9106
+    password = B("01" * 32)
+    salt = B("02" * 16)
+    secret = B("03" * 8)
+    ad = B("04" * 12)
+    tag = B("0d640df58d78766c08c037a34a8b53c9d0" \
+            "1ef0452d75b65eb52520e96b01e659")
+    ret = OpenSSL::KDF.argon2id(password, salt: salt, lanes: 4, length: 32,
+                                memcost: 32, iter: 3, secret: secret, ad: ad)
+    assert_equal(tag, ret)
+  end if openssl?(3, 2, 0)
+
   private
 
   def B(ary)
