class Argon2::Engine

def self.argon2i_verify(pwd, hash, secret)
  secretlen = secret.nil? ? 0 : secret.length
  ret = Ext.wrap_argon2_verify(hash, pwd, pwd.length, secret, secretlen)
  return false if ERRORS[ret] == 'ARGON2_DECODING_FAIL'
  raise ArgonHashFail, ERRORS[ret] unless ret == 0
  true
end

def self.hash_argon2i(password, salt, t_cost, m_cost)
  result = ''
  FFI::MemoryPointer.new(:char, Constants::OUT_LEN) do |buffer|
    ret = Ext.argon2i_hash_raw(t_cost, 1 << m_cost, 1, password,
       password.length, salt, salt.length,
        buffer, Constants::OUT_LEN)
    raise ArgonHashFail, ERRORS[ret] unless ret == 0
    result = buffer.read_string(Constants::OUT_LEN)
  end
  result.unpack('H*').join
end

def self.hash_argon2i_encode(password, salt, t_cost, m_cost, secret)
  result = ''
  secretlen = secret.nil? ? 0 : secret.length
  if salt.length != Constants::SALT_LEN
    raise ArgonHashFail, "Invalid salt size"
  end
  FFI::MemoryPointer.new(:char, Constants::ENCODE_LEN) do |buffer|
    ret = Ext.argon2_wrap(buffer, password, salt, t_cost, (1 << m_cost),
        1, secret, secretlen)
    raise ArgonHashFail, ERRORS[ret] unless ret == 0
    result = buffer.read_string(Constants::ENCODE_LEN)
  end
  result.delete "\0"
end

def self.saltgen
  SecureRandom.random_bytes(Argon2::Constants::SALT_LEN)
end