[FEATURE]: Add Argon2 to Cryptography Registry

[beatquantum]

Problem Statement

Argon2 (RFC 9106 standard, winner of 2015 Password Hashing Competition)
is not currently in the CycloneDX Cryptography Registry despite widespread
adoption and OWASP recommendation.

Proposed Pattern

Argon2(id|i|d)[-{memoryMiB}][-{iterations}][-{parallelism}]

Valid examples:

• Argon2id (variant only)
• Argon2id-15-1-4 (RFC 9106 interactive defaults)
• Argon2id-64-2-1 (medium security)
• Argon2id-256-4-2 (high security)

Illustration of Compatibility (json)

{
"type": "cryptographic-asset",
"name": "Argon2id-64-2-1",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"primitive": "password-hashing",
"algorithmFamily": "Argon2",
"parameterSetIdentifier": "id-64-2-1"
}
}
}

Justification

1. Parametric algorithms are already in registry
2. Parameter variation critically impacts security
3. Enables policy enforcement and CBOM risk assessment
4. RFC 9106 is authoritative standard

Standards Reference

RFC 9106: Argon2 Memory-Hard Function for Password Hashing

[stevespringett]

cc: @bhess

[meghsaha-ibm]

The primitive for the variant Argon2(id|i|d)[-{memoryKiB}][-{passes}][-{parallelism}] should be kdf. Also, the variable {dkLen} may be considered.

[bhess]

@stevespringett this could be closed since #793 landed.