andrew-dixon/password-hashing-proof

## password-hashing-proof
<cfscript>
    random = createObject("java", "java.security.SecureRandom");
    salt_bytes = javaCast("byte[]", [].set(1,50,0));
    iterations = 10000;
    key_length = 2048;
    password = javaCast("char[]", ['p','a','s','s','w','o','r','d']);
    random.nextBytes(salt_bytes);
    cryptoSpec = createObject("java", "javax.crypto.spec.PBEKeySpec").init(password, salt_bytes, iterations, key_length);
    skf = createObject("java", "javax.crypto.SecretKeyFactory");
    keyFactory = skf.getInstance('PBKDF2WithHmacSHA1');
    secret = keyFactory.generateSecret(cryptoSpec).getEncoded();
    dump(secret);
</cfscript>
	<cfscript>
	random = createObject("java", "java.security.SecureRandom");
	salt_bytes = javaCast("byte[]", [].set(1,50,0));
	iterations = 10000;
	key_length = 2048;
	password = javaCast("char[]", ['p','a','s','s','w','o','r','d']);
	random.nextBytes(salt_bytes);
	cryptoSpec = createObject("java", "javax.crypto.spec.PBEKeySpec").init(password, salt_bytes, iterations, key_length);
	skf = createObject("java", "javax.crypto.SecretKeyFactory");
	keyFactory = skf.getInstance('PBKDF2WithHmacSHA1');
	secret = keyFactory.generateSecret(cryptoSpec).getEncoded();
	dump(secret);
	</cfscript>