2 files changed, 25 insertions, 3 deletions

diff --git a/packages/anastasis-core/src/crypto.test.ts b/packages/anastasis-core/src/crypto.test.ts
index 346806fac..78ff2a65a 100644
--- a/packages/anastasis-core/src/crypto.test.ts
+++ b/packages/anastasis-core/src/crypto.test.ts
@@ -1,4 +1,5 @@
 import test from "ava";
+import { userIdentifierDerive } from "./crypto.js";
 
 // Vector generated with taler-anastasis-tvg
 const userIdVector = {
@@ -12,5 +13,9 @@ const userIdVector = {
 };
 
 test("user ID derivation", async (t) => {
-  t.fail();
+  const res = await userIdentifierDerive(
+    userIdVector.input_id_data,
+    userIdVector.input_server_salt,
+  );
+  t.is(res, userIdVector.output_id);
 });
diff --git a/packages/anastasis-core/src/crypto.ts b/packages/anastasis-core/src/crypto.ts
index 54f27b646..c20d323a7 100644
--- a/packages/anastasis-core/src/crypto.ts
+++ b/packages/anastasis-core/src/crypto.ts
@@ -1,10 +1,27 @@
+import {
+  canonicalJson,
+  decodeCrock,
+  encodeCrock,
+  stringToBytes,
+} from "@gnu-taler/taler-util";
 import { argon2id } from "hash-wasm";
 
-async function userIdentifierDerive(
+export async function userIdentifierDerive(
   idData: any,
   serverSalt: string,
 ): Promise<string> {
-  throw Error("not implemented");
+  const canonIdData = canonicalJson(idData);
+  const hashInput = stringToBytes(canonIdData);
+  const result = await argon2id({
+    hashLength: 64,
+    iterations: 3,
+    memorySize: 1024 /* kibibytes */,
+    parallelism: 1,
+    password: hashInput,
+    salt: decodeCrock(serverSalt),
+    outputType: "binary",
+  });
+  return encodeCrock(result);
 }
 
 // interface Keypair {