add Argon2ParametersGenerator Class

CryptoLib.Samples/Delphi.Samples/UsageSamples.dpr

@@ -341,6 +341,8 @@ uses
   ClpAgreementUtilities in '..\..\CryptoLib\src\Security\ClpAgreementUtilities.pas',
   ClpKdf1BytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpKdf1BytesGenerator.pas',
   ClpIKdf1BytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIKdf1BytesGenerator.pas',
+  ClpIArgon2ParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIArgon2ParametersGenerator.pas',
+  ClpArgon2ParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpArgon2ParametersGenerator.pas',
   UsageExamples in '..\src\UsageExamples.pas';
 
 begin

CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.TestInsight.dpr

@@ -351,6 +351,8 @@ uses
   ClpAgreementUtilities in '..\..\CryptoLib\src\Security\ClpAgreementUtilities.pas',
   ClpKdf1BytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpKdf1BytesGenerator.pas',
   ClpIKdf1BytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIKdf1BytesGenerator.pas',
+  ClpIArgon2ParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIArgon2ParametersGenerator.pas',
+  ClpArgon2ParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpArgon2ParametersGenerator.pas',
   ClpFixedSecureRandom in '..\src\Utils\ClpFixedSecureRandom.pas',
   ClpIFixedSecureRandom in '..\src\Utils\ClpIFixedSecureRandom.pas',
   ClpIShortenedDigest in '..\src\Utils\ClpIShortenedDigest.pas',
@@ -415,7 +417,8 @@ uses
   Ed25519HigherLevelTests in '..\src\Others\Ed25519HigherLevelTests.pas',
   ShortenedDigestTests in '..\src\Others\ShortenedDigestTests.pas',
   Kdf1GeneratorTests in '..\src\Crypto\Kdf1GeneratorTests.pas',
-  Kdf2GeneratorTests in '..\src\Crypto\Kdf2GeneratorTests.pas';
+  Kdf2GeneratorTests in '..\src\Crypto\Kdf2GeneratorTests.pas',
+  Argon2Tests in '..\src\Crypto\Argon2Tests.pas';
 
 begin
 

CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.dpr

@@ -354,6 +354,8 @@ uses
   ClpAgreementUtilities in '..\..\CryptoLib\src\Security\ClpAgreementUtilities.pas',
   ClpKdf1BytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpKdf1BytesGenerator.pas',
   ClpIKdf1BytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIKdf1BytesGenerator.pas',
+  ClpIArgon2ParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIArgon2ParametersGenerator.pas',
+  ClpArgon2ParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpArgon2ParametersGenerator.pas',
   ClpFixedSecureRandom in '..\src\Utils\ClpFixedSecureRandom.pas',
   ClpIFixedSecureRandom in '..\src\Utils\ClpIFixedSecureRandom.pas',
   ClpIShortenedDigest in '..\src\Utils\ClpIShortenedDigest.pas',
@@ -418,7 +420,8 @@ uses
   Ed25519HigherLevelTests in '..\src\Others\Ed25519HigherLevelTests.pas',
   ShortenedDigestTests in '..\src\Others\ShortenedDigestTests.pas',
   Kdf1GeneratorTests in '..\src\Crypto\Kdf1GeneratorTests.pas',
-  Kdf2GeneratorTests in '..\src\Crypto\Kdf2GeneratorTests.pas';
+  Kdf2GeneratorTests in '..\src\Crypto\Kdf2GeneratorTests.pas',
+  Argon2Tests in '..\src\Crypto\Argon2Tests.pas';
 
 begin
 

CryptoLib.Tests/FreePascal.Tests/CryptoLib.Tests.lpi

@@ -77,7 +77,7 @@
         <PackageName Value="FCL"/>
       </Item4>
     </RequiredPackages>
-    <Units Count="66">
+    <Units Count="67">
       <Unit0>
         <Filename Value="CryptoLib.lpr"/>
         <IsPartOfProject Value="True"/>
@@ -343,6 +343,10 @@
         <Filename Value="..\src\Crypto\Kdf1GeneratorTests.pas"/>
         <IsPartOfProject Value="True"/>
       </Unit65>
+      <Unit66>
+        <Filename Value="..\src\Crypto\Argon2Tests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit66>
     </Units>
   </ProjectOptions>
   <CompilerOptions>

CryptoLib.Tests/FreePascal.Tests/CryptoLib.lpr

@@ -67,6 +67,7 @@ uses
   ShortenedDigestTests,
   Kdf1GeneratorTests,
   Kdf2GeneratorTests,
+  Argon2Tests,
   ClpFixedSecureRandom,
   ClpIFixedSecureRandom,
   ClpShortenedDigest,

CryptoLib.Tests/FreePascal.Tests/CryptoLibConsole.Tests.lpi

@@ -37,7 +37,7 @@
         <PackageName Value="FCL"/>
       </Item2>
     </RequiredPackages>
-    <Units Count="66">
+    <Units Count="67">
       <Unit0>
         <Filename Value="CryptoLibConsole.lpr"/>
         <IsPartOfProject Value="True"/>
@@ -302,6 +302,10 @@
         <Filename Value="..\src\Crypto\Kdf2GeneratorTests.pas"/>
         <IsPartOfProject Value="True"/>
       </Unit65>
+      <Unit66>
+        <Filename Value="..\src\Crypto\Argon2Tests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit66>
     </Units>
   </ProjectOptions>
   <CompilerOptions>

CryptoLib.Tests/FreePascal.Tests/CryptoLibConsole.lpr

@@ -65,6 +65,7 @@ uses
   ShortenedDigestTests,
   Kdf1GeneratorTests,
   Kdf2GeneratorTests,
+  Argon2Tests,
   ClpFixedSecureRandom,
   ClpIFixedSecureRandom,
   ClpShortenedDigest,

CryptoLib.Tests/src/Crypto/Argon2Tests.pas

@@ -0,0 +1,292 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit Argon2Tests;
+
+interface
+
+{$IFDEF FPC}
+{$MODE DELPHI}
+{$ENDIF FPC}
+
+uses
+  SysUtils,
+{$IFDEF FPC}
+  fpcunit,
+  testregistry,
+{$ELSE}
+  TestFramework,
+{$ENDIF FPC}
+  ClpIKeyParameter,
+  ClpArgon2ParametersGenerator,
+  ClpIArgon2ParametersGenerator,
+  ClpConverters,
+  ClpCryptoLibTypes;
+
+type
+
+  TCryptoLibTestCase = class abstract(TTestCase)
+
+  end;
+
+type
+
+  /// <summary>
+  /// A test class for Argon2.
+  /// </summary>
+  TTestArgon2 = class(TCryptoLibTestCase)
+
+  private
+
+    const
+    // multiplied by 8 to get it in bits
+    DEFAULT_OUTPUTLEN_IN_BITS = Int32(32 * 8);
+
+    procedure HashTestFromInternetDraft(AArgon2Type: TArgon2Type;
+      AArgon2Version: TArgon2Version; AIterations, AMemoryAsKB,
+      AParallelism: Int32; const AAdditional, ASecret, ASalt, APassword,
+      APasswordRef: String; AOutputLength: Int32);
+
+    procedure HashTestOthers(AArgon2Type: TArgon2Type;
+      AArgon2Version: TArgon2Version; AIterations, AMemory, AParallelism: Int32;
+      const APassword, ASalt, APasswordRef: String; AOutputLength: Int32);
+
+  protected
+
+    procedure SetUp; override;
+    procedure TearDown; override;
+  published
+
+    procedure TestVectorsFromInternetDraft;
+    procedure TestOthers;
+
+  end;
+
+implementation
+
+{ TTestArgon2 }
+
+procedure TTestArgon2.HashTestFromInternetDraft(AArgon2Type: TArgon2Type;
+  AArgon2Version: TArgon2Version; AIterations, AMemoryAsKB, AParallelism: Int32;
+  const AAdditional, ASecret, ASalt, APassword, APasswordRef: String;
+  AOutputLength: Int32);
+var
+  LArgon2Generator: IArgon2ParametersGenerator;
+  LActual: String;
+  LAdditional, LSecret, LSalt, LPassword: TCryptoLibByteArray;
+begin
+
+  LAdditional := TConverters.ConvertHexStringToBytes(AAdditional);
+  LSecret := TConverters.ConvertHexStringToBytes(ASecret);
+  LSalt := TConverters.ConvertHexStringToBytes(ASalt);
+  LPassword := TConverters.ConvertHexStringToBytes(APassword);
+
+  LArgon2Generator := TArgon2ParametersGenerator.Create();
+
+  //
+  // Set the parameters.
+  //
+
+  LArgon2Generator.Init(AArgon2Type, AArgon2Version, LPassword, LSalt, LSecret,
+    LAdditional, AIterations, AMemoryAsKB, AParallelism, True);
+
+  LActual := TConverters.ConvertBytesToHexString
+    ((LArgon2Generator.GenerateDerivedMacParameters(AOutputLength)
+    as IKeyParameter).GetKey(), False);
+
+  CheckEquals(APasswordRef, LActual, Format('Expected %s but got %s.',
+    [APasswordRef, LActual]));
+
+end;
+
+procedure TTestArgon2.HashTestOthers(AArgon2Type: TArgon2Type;
+  AArgon2Version: TArgon2Version; AIterations, AMemory, AParallelism: Int32;
+  const APassword, ASalt, APasswordRef: String; AOutputLength: Int32);
+var
+  LArgon2Generator: IArgon2ParametersGenerator;
+  LSalt, LPassword: TCryptoLibByteArray;
+  LActual: String;
+begin
+
+  LSalt := TConverters.ConvertStringToBytes(ASalt, TEncoding.ASCII);
+  LPassword := TConverters.ConvertStringToBytes(APassword, TEncoding.ASCII);
+
+  LArgon2Generator := TArgon2ParametersGenerator.Create();
+
+  //
+  // Set the parameters.
+  //
+
+  LArgon2Generator.Init(AArgon2Type, AArgon2Version, LPassword, LSalt, Nil, Nil,
+    AIterations, AMemory, AParallelism, False);
+
+  LActual := TConverters.ConvertBytesToHexString
+    ((LArgon2Generator.GenerateDerivedMacParameters(AOutputLength)
+    as IKeyParameter).GetKey(), False);
+
+  CheckEquals(APasswordRef, LActual, Format('Expected %s but got %s.',
+    [APasswordRef, LActual]));
+
+end;
+
+procedure TTestArgon2.SetUp;
+begin
+  inherited;
+
+end;
+
+procedure TTestArgon2.TearDown;
+begin
+  inherited;
+
+end;
+
+procedure TTestArgon2.TestVectorsFromInternetDraft;
+var
+  LAdditional, LSecret, LSalt, LPassword: String;
+  Argon2Version: TArgon2Version;
+  Argon2Type: TArgon2Type;
+begin
+
+  LAdditional := '040404040404040404040404';
+  LSecret := '0303030303030303';
+  LSalt := '02020202020202020202020202020202';
+  LPassword :=
+    '0101010101010101010101010101010101010101010101010101010101010101';
+
+  Argon2Version := TArgon2Version.a2vARGON2_VERSION_13;
+
+  Argon2Type := TArgon2Type.a2tARGON2_d;
+
+  HashTestFromInternetDraft(Argon2Type, Argon2Version, 3, 32, 4, LAdditional,
+    LSecret, LSalt, LPassword,
+    '512B391B6F1162975371D30919734294F868E3BE3984F3C1A13A4DB9FABE4ACB',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  Argon2Type := TArgon2Type.a2tARGON2_i;
+
+  HashTestFromInternetDraft(Argon2Type, Argon2Version, 3, 32, 4, LAdditional,
+    LSecret, LSalt, LPassword,
+    'C814D9D1DC7F37AA13F0D77F2494BDA1C8DE6B016DD388D29952A4C4672B6CE8',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  Argon2Type := TArgon2Type.a2tARGON2_id;
+
+  HashTestFromInternetDraft(Argon2Type, Argon2Version, 3, 32, 4, LAdditional,
+    LSecret, LSalt, LPassword,
+    '0D640DF58D78766C08C037A34A8B53C9D01EF0452D75B65EB52520E96B01E659',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+end;
+
+procedure TTestArgon2.TestOthers;
+var
+  Argon2Version: TArgon2Version;
+  Argon2Type: TArgon2Type;
+begin
+
+  Argon2Version := TArgon2Version.a2vARGON2_VERSION_10;
+  Argon2Type := TArgon2Type.a2tARGON2_i;
+
+  // Multiple test cases for various input values
+  HashTestOthers(Argon2Type, Argon2Version, 2, 16, 1, 'password', 'somesalt',
+    'F6C4DB4A54E2A370627AFF3DB6176B94A2A209A62C8E36152711802F7B30C694',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 20, 1, 'password', 'somesalt',
+    '9690EC55D28D3ED32562F2E73EA62B02B018757643A2AE6E79528459DE8106E9',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 18, 1, 'password', 'somesalt',
+    '3E689AAA3D28A77CF2BC72A51AC53166761751182F1EE292E3F677A7DA4C2467',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 8, 1, 'password', 'somesalt',
+    'FD4DD83D762C49BDEAF57C47BDCD0C2F1BABF863FDEB490DF63EDE9975FCCF06',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 2, 8, 2, 'password', 'somesalt',
+    'B6C11560A6A9D61EAC706B79A2F97D68B4463AA3AD87E00C07E2B01E90C564FB',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 1, 16, 1, 'password', 'somesalt',
+    '81630552B8F3B1F48CDB1992C4C678643D490B2B5EB4FF6C4B3438B5621724B2',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 4, 16, 1, 'password', 'somesalt',
+    'F212F01615E6EB5D74734DC3EF40ADE2D51D052468D8C69440A3A1F2C1C2847B',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 2, 16, 1, 'differentpassword',
+    'somesalt',
+    'E9C902074B6754531A3A0BE519E5BAF404B30CE69B3F01AC3BF21229960109A3',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 2, 16, 1, 'password', 'diffsalt',
+    '79A103B90FE8AEF8570CB31FC8B22259778916F8336B7BDAC3892569D4F1C497',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 16, 1, 'password', 'diffsalt',
+    '1A097A5D1C80E579583F6E19C7E4763CCB7C522CA85B7D58143738E12CA39F8E6E42734C950FF2463675B97C37BA'
+    + '39FEBA4A9CD9CC5B4C798F2AAF70EB4BD044C8D148DECB569870DBD923430B82A083F284BEAE777812CCE18CDAC68EE8CCEF'
+    + 'C6EC9789F30A6B5A034591F51AF830F4', 112 * 8);
+
+  Argon2Version := TArgon2Version.a2vARGON2_VERSION_13;
+  Argon2Type := TArgon2Type.a2tARGON2_i;
+  // Multiple test cases for various input values
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 16, 1, 'password', 'somesalt',
+    'C1628832147D9720C5BD1CFD61367078729F6DFB6F8FEA9FF98158E0D7816ED0',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 20, 1, 'password', 'somesalt',
+    'D1587ACA0922C3B5D6A83EDAB31BEE3C4EBAEF342ED6127A55D19B2351AD1F41',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 18, 1, 'password', 'somesalt',
+    '296DBAE80B807CDCEAAD44AE741B506F14DB0959267B183B118F9B24229BC7CB',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 8, 1, 'password', 'somesalt',
+    '89E9029F4637B295BEB027056A7336C414FADD43F6B208645281CB214A56452F',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+  HashTestOthers(Argon2Type, Argon2Version, 2, 8, 2, 'password', 'somesalt',
+    '4FF5CE2769A1D7F4C8A491DF09D41A9FBE90E5EB02155A13E4C01E20CD4EAB61',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 1, 16, 1, 'password', 'somesalt',
+    'D168075C4D985E13EBEAE560CF8B94C3B5D8A16C51916B6F4AC2DA3AC11BBECF',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 4, 16, 1, 'password', 'somesalt',
+    'AAA953D58AF3706CE3DF1AEFD4A64A84E31D7F54175231F1285259F88174CE5B',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 2, 16, 1, 'differentpassword',
+    'somesalt',
+    '14AE8DA01AFEA8700C2358DCEF7C5358D9021282BD88663A4562F59FB74D22EE',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+  HashTestOthers(Argon2Type, Argon2Version, 2, 16, 1, 'password', 'diffsalt',
+    'B0357CCCFBEF91F3860B0DBA447B2348CBEFECADAF990ABFE9CC40726C521271',
+    DEFAULT_OUTPUTLEN_IN_BITS);
+
+end;
+
+initialization
+
+// Register any test cases with the test runner
+
+{$IFDEF FPC}
+  RegisterTest(TTestArgon2);
+{$ELSE}
+  RegisterTest(TTestArgon2.Suite);
+{$ENDIF FPC}
+
+end.

CryptoLib/src/Crypto/Generators/ClpArgon2ParametersGenerator.pas

@@ -0,0 +1,257 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpArgon2ParametersGenerator;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+
+  HlpIHashInfo,
+  HlpHashFactory,
+  HlpPBKDF_Argon2NotBuildInAdapter,
+  ClpICipherParameters,
+  ClpIArgon2ParametersGenerator,
+  ClpKeyParameter,
+  ClpIKeyParameter,
+  ClpParametersWithIV,
+  ClpParameterUtilities,
+  ClpCryptoLibTypes;
+
+resourcestring
+  SArgon2TypeInvalid = 'Selected Argon2Type is Invalid';
+
+type
+
+  /// <summary>
+  /// <see href="https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf">
+  /// Argon2 Specification</see>, <see href="https://tools.ietf.org/html/draft-irtf-cfrg-argon2-04">
+  /// ietf specs</see>
+  /// </summary>
+  TArgon2ParametersGenerator = class sealed(TInterfacedObject,
+    IArgon2ParametersGenerator)
+
+  strict private
+  var
+    FPassword: TCryptoLibByteArray;
+    FPBKDF_Argon2: IPBKDF_Argon2;
+    FArgon2ParametersBuilder: HlpIHashInfo.IArgon2ParametersBuilder;
+
+    /// <returns>
+    /// the password byte array.
+    /// </returns>
+    function GetPassword: TCryptoLibByteArray; inline;
+
+    /// <returns>
+    /// the Argon2 Parameter Builder Instance
+    /// </returns>
+    function GetArgon2ParametersBuilder
+      : HlpIHashInfo.IArgon2ParametersBuilder; inline;
+
+    function GenerateDerivedKey(dkLen: Int32): TCryptoLibByteArray; inline;
+
+  public
+
+    /// <summary>
+    /// construct an Argon2 Parameters generator.
+    /// </summary>
+    /// <param name="digest">
+    /// digest to use for constructing hmac
+    /// </param>
+    constructor Create();
+
+    procedure Init(argon2Type: TArgon2Type; argon2Version: TArgon2Version;
+      const password, salt, secret, additional: TCryptoLibByteArray;
+      iterations, memory, parallelism: Int32; memoryAsKB: Boolean);
+
+    /// <summary>
+    /// Generate a key parameter derived from the password, salt, and
+    /// iteration count we are currently initialised with.
+    /// </summary>
+    /// <param name="algorithm">
+    /// a parameters object representing a key.
+    /// </param>
+    /// <param name="keySize">
+    /// the length, in bits, of the key required.
+    /// </param>
+    /// <returns>
+    /// a parameters object representing a key.
+    /// </returns>
+    function GenerateDerivedParameters(const algorithm: String; keySize: Int32)
+      : ICipherParameters; overload;
+
+    /// <summary>
+    /// Generate a key with initialisation vector parameter derived from <br />
+    /// the password, salt, and iteration count we are currently initialised
+    /// with.
+    /// </summary>
+    /// <param name="algorithm">
+    /// a parameters object representing a key.
+    /// </param>
+    /// <param name="keySize">
+    /// the length, in bits, of the key required.
+    /// </param>
+    /// <param name="ivSize">
+    /// the length, in bits, of the iv required.
+    /// </param>
+    /// <returns>
+    /// a parameters object representing a key and an iv.
+    /// </returns>
+    function GenerateDerivedParameters(const algorithm: String;
+      keySize, ivSize: Int32): ICipherParameters; overload;
+
+    /// <summary>
+    /// Generate a key parameter for use with a MAC derived from the
+    /// password, salt, and iteration count we are currently initialised
+    /// with.
+    /// </summary>
+    /// <param name="keySize">
+    /// the length, in bits, of the key required.
+    /// </param>
+    /// <returns>
+    /// a parameters object representing a key.
+    /// </returns>
+    function GenerateDerivedMacParameters(keySize: Int32)
+      : ICipherParameters; overload;
+
+    /// <value>
+    /// the password byte array.
+    /// </value>
+    property password: TCryptoLibByteArray read GetPassword;
+
+    /// <returns>
+    /// the Argon2 Parameter Builder Instance
+    /// </returns>
+    property Argon2ParametersBuilder: HlpIHashInfo.IArgon2ParametersBuilder
+      read GetArgon2ParametersBuilder;
+
+  end;
+
+implementation
+
+{ TArgon2ParametersGenerator }
+
+function TArgon2ParametersGenerator.GetPassword: TCryptoLibByteArray;
+begin
+  result := System.Copy(FPassword);
+end;
+
+function TArgon2ParametersGenerator.GetArgon2ParametersBuilder
+  : HlpIHashInfo.IArgon2ParametersBuilder;
+begin
+  result := FArgon2ParametersBuilder;
+end;
+
+constructor TArgon2ParametersGenerator.Create();
+begin
+  Inherited Create();
+end;
+
+function TArgon2ParametersGenerator.GenerateDerivedKey(dkLen: Int32)
+  : TCryptoLibByteArray;
+begin
+  result := FPBKDF_Argon2.GetBytes(dkLen);
+end;
+
+function TArgon2ParametersGenerator.GenerateDerivedMacParameters(keySize: Int32)
+  : ICipherParameters;
+var
+  dKey: TCryptoLibByteArray;
+begin
+  keySize := keySize div 8;
+
+  dKey := GenerateDerivedKey(keySize);
+
+  result := TKeyParameter.Create(dKey, 0, keySize);
+end;
+
+function TArgon2ParametersGenerator.GenerateDerivedParameters(const algorithm
+  : String; keySize: Int32): ICipherParameters;
+var
+  dKey: TCryptoLibByteArray;
+begin
+  keySize := keySize div 8;
+
+  dKey := GenerateDerivedKey(keySize);
+
+  result := TParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+end;
+
+function TArgon2ParametersGenerator.GenerateDerivedParameters(const algorithm
+  : String; keySize, ivSize: Int32): ICipherParameters;
+var
+  dKey: TCryptoLibByteArray;
+  key: IKeyParameter;
+begin
+  keySize := keySize div 8;
+  ivSize := ivSize div 8;
+
+  dKey := GenerateDerivedKey(keySize + ivSize);
+  key := TParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+
+  result := TParametersWithIV.Create(key, dKey, keySize, ivSize);
+end;
+
+procedure TArgon2ParametersGenerator.Init(argon2Type: TArgon2Type;
+  argon2Version: TArgon2Version; const password, salt, secret,
+  additional: TCryptoLibByteArray; iterations, memory, parallelism: Int32;
+  memoryAsKB: Boolean);
+var
+  LArgon2ParametersBuilder: IArgon2ParametersBuilder;
+begin
+  FPassword := password;
+
+  case argon2Type of
+    TArgon2Type.a2tARGON2_d:
+      begin
+        LArgon2ParametersBuilder := TArgon2dParametersBuilder.Builder();
+      end;
+
+    TArgon2Type.a2tARGON2_i:
+      begin
+        LArgon2ParametersBuilder := TArgon2iParametersBuilder.Builder();
+      end;
+    TArgon2Type.a2tARGON2_id:
+      begin
+        LArgon2ParametersBuilder := TArgon2idParametersBuilder.Builder();
+      end
+  else
+    begin
+      raise EArgumentCryptoLibException.CreateRes(@SArgon2TypeInvalid);
+    end;
+  end;
+
+  if memoryAsKB then
+  begin
+    LArgon2ParametersBuilder.WithVersion(argon2Version).WithSalt(salt)
+      .WithSecret(secret).WithAdditional(additional).WithIterations(iterations)
+      .WithMemoryAsKB(memory).WithParallelism(parallelism);
+  end
+  else
+  begin
+    LArgon2ParametersBuilder.WithVersion(argon2Version).WithSalt(salt)
+      .WithSecret(secret).WithAdditional(additional).WithIterations(iterations)
+      .WithMemoryPowOfTwo(memory).WithParallelism(parallelism);
+  end;
+
+  FPBKDF_Argon2 := TKDF.TPBKDF_Argon2.CreatePBKDF_Argon2(FPassword,
+    LArgon2ParametersBuilder.Build());
+end;
+
+end.

CryptoLib/src/Interfaces/ClpIArgon2ParametersGenerator.pas

@@ -0,0 +1,116 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIArgon2ParametersGenerator;
+
+{$I ..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  HlpIHashInfo,
+  HlpArgon2TypeAndVersion,
+  ClpICipherParameters,
+  ClpCryptoLibTypes;
+
+type
+{$SCOPEDENUMS ON}
+  TArgon2Type = HlpArgon2TypeAndVersion.TArgon2Type;
+  TArgon2Version = HlpArgon2TypeAndVersion.TArgon2Version;
+{$SCOPEDENUMS OFF}
+
+type
+  IArgon2ParametersGenerator = interface(IInterface)
+
+    ['{0AC3D3A8-9422-405F-B0EE-6B7AE0F64F74}']
+
+    procedure Init(argon2Type: TArgon2Type; argon2Version: TArgon2Version;
+      const password, salt, secret, additional: TCryptoLibByteArray;
+      iterations, memory, parallelism: Int32; memoryAsKB: Boolean);
+
+    /// <returns>
+    /// the password byte array.
+    /// </returns>
+    function GetPassword: TCryptoLibByteArray;
+
+    /// <value>
+    /// the password byte array.
+    /// </value>
+    property password: TCryptoLibByteArray read GetPassword;
+
+    /// <returns>
+    /// the Argon2 Parameter Builder Instance
+    /// </returns>
+    function GetArgon2ParametersBuilder: HlpIHashInfo.IArgon2ParametersBuilder;
+
+    /// <returns>
+    /// the Argon2 Parameter Builder Instance
+    /// </returns>
+    property Argon2ParametersBuilder: HlpIHashInfo.IArgon2ParametersBuilder
+      read GetArgon2ParametersBuilder;
+
+    /// <summary>
+    /// Generate derived parameters for a key of length keySize.
+    /// </summary>
+    /// <param name="algorithm">
+    /// a parameters object representing a key.
+    /// </param>
+    /// <param name="keySize">
+    /// the length, in bits, of the key required.
+    /// </param>
+    /// <returns>
+    /// a parameters object representing a key.
+    /// </returns>
+    function GenerateDerivedParameters(const algorithm: String; keySize: Int32)
+      : ICipherParameters; overload;
+
+    /// <summary>
+    /// Generate derived parameters for a key of length keySize and iv
+    /// of length ivSize.
+    /// </summary>
+    /// <param name="algorithm">
+    /// a parameters object representing a key.
+    /// </param>
+    /// <param name="keySize">
+    /// the length, in bits, of the key required.
+    /// </param>
+    /// <param name="ivSize">
+    /// the length, in bits, of the iv required.
+    /// </param>
+    /// <returns>
+    /// a parameters object representing a key and an iv.
+    /// </returns>
+    function GenerateDerivedParameters(const algorithm: String;
+      keySize, ivSize: Int32): ICipherParameters; overload;
+
+    /// <summary>
+    /// Generate derived parameters for a key of length keySize,
+    /// specifically <br />for use with a MAC.
+    /// </summary>
+    /// <param name="keySize">
+    /// the length, in bits, of the key required.
+    /// </param>
+    /// <returns>
+    /// a parameters object representing a key.
+    /// </returns>
+    function GenerateDerivedMacParameters(keySize: Int32): ICipherParameters;
+
+  end;
+
+implementation
+
+end.

CryptoLib/src/Packages/Delphi/CryptoLib4PascalPackage.dpk

@@ -369,6 +369,8 @@ contains
   ClpTeleTrusTNamedCurves in '..\..\Asn1\TeleTrust\ClpTeleTrusTNamedCurves.pas',
   ClpAgreementUtilities in '..\..\Security\ClpAgreementUtilities.pas',
   ClpIKdf1BytesGenerator in '..\..\Interfaces\ClpIKdf1BytesGenerator.pas',
-  ClpKdf1BytesGenerator in '..\..\Crypto\Generators\ClpKdf1BytesGenerator.pas';
+  ClpKdf1BytesGenerator in '..\..\Crypto\Generators\ClpKdf1BytesGenerator.pas',
+  ClpIArgon2ParametersGenerator in '..\..\Interfaces\ClpIArgon2ParametersGenerator.pas',
+  ClpArgon2ParametersGenerator in '..\..\Crypto\Generators\ClpArgon2ParametersGenerator.pas';
 
 end.

CryptoLib/src/Packages/FPC/CryptoLib4PascalPackage.lpk

@@ -25,7 +25,7 @@
  Acknowledgements: 
 Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring the development of this library "/>
     <Version Major="3" Minor="1"/>
-    <Files Count="337">
+    <Files Count="339">
       <Item1>
         <Filename Value="..\..\Asn1\ClpOidTokenizer.pas"/>
         <UnitName Value="ClpOidTokenizer"/>
@@ -1376,6 +1376,14 @@ Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring the devel
         <Filename Value="..\..\Crypto\Generators\ClpKdf1BytesGenerator.pas"/>
         <UnitName Value="ClpKdf1BytesGenerator"/>
       </Item337>
+      <Item338>
+        <Filename Value="..\..\Interfaces\ClpIArgon2ParametersGenerator.pas"/>
+        <UnitName Value="ClpIArgon2ParametersGenerator"/>
+      </Item338>
+      <Item339>
+        <Filename Value="..\..\Crypto\Generators\ClpArgon2ParametersGenerator.pas"/>
+        <UnitName Value="ClpArgon2ParametersGenerator"/>
+      </Item339>
     </Files>
     <RequiredPkgs Count="3">
       <Item1>

CryptoLib/src/Packages/FPC/CryptoLib4PascalPackage.pas

@@ -120,7 +120,8 @@ uses
   ClpX25519KeyPairGenerator, ClpEd25519PhBlake2BSigner, ClpEd25519PhSigner, 
   ClpEd25519Signer, ClpEd25519CtxBlake2BSigner, ClpEd25519CtxSigner, 
   ClpEd25519Blake2BSigner, ClpTeleTrusTNamedCurves, ClpAgreementUtilities, 
-  ClpIKdf1BytesGenerator, ClpKdf1BytesGenerator;
+  ClpIKdf1BytesGenerator, ClpKdf1BytesGenerator, 
+  ClpIArgon2ParametersGenerator, ClpArgon2ParametersGenerator;
 
 implementation