jramb/hash-password.clj

## hash-password.clj
(defn hash-password [password salt]
  (assert (> (count salt) 10))          ;would like to have >64 bit of salt
  (assert (> (count password) 6))       ;come on, how low can we go?
  (let [md (java.security.MessageDigest/getInstance "SHA-512")
        encoder (sun.misc.BASE64Encoder.)]
    (.update md (.getBytes salt "UTF-8")) ;assume text salt
    (.encode encoder
             (loop [mangle (.getBytes password "UTF-8")
                    passes 1e5]         ; paranoid, but are we paranoid enough?
               (if (= 0 passes)
                 mangle
                 (recur (.digest md mangle) (dec passes)))))))
	(defn hash-password [password salt]
	(assert (> (count salt) 10)) ;would like to have >64 bit of salt
	(assert (> (count password) 6)) ;come on, how low can we go?
	(let [md (java.security.MessageDigest/getInstance "SHA-512")
	encoder (sun.misc.BASE64Encoder.)]
	(.update md (.getBytes salt "UTF-8")) ;assume text salt
	(.encode encoder
	(loop [mangle (.getBytes password "UTF-8")
	passes 1e5] ; paranoid, but are we paranoid enough?
	(if (= 0 passes)
	mangle
	(recur (.digest md mangle) (dec passes)))))))