Back
encrypt (clj)
(source)function
(encrypt raw)
(encrypt raw iterations)
(encrypt raw iterations algorithm)
(encrypt raw iterations algorithm salt)
Encrypt a password string using the PBKDF2 algorithm. The default number of
iterations is 100,000. If a salt is not specified, 8 random bytes are
generated from a cryptographically secure source. The default algorithm is
"HMAC-SHA1". When running on JDK 1.8 "HMAC-SHA256" is also supported.
The number of iterations and salt are encoded in the output in the following
formats for HMAC-SHA1:
<iterations>$<salt>$<encrypted password>
And for all other algoritms:
<iterations>$<algorithm>$<salt>$<encrypted password>
The iterations, salt, and encrypted password are all Base64 encoded.
Examples
weavejester/crypto-password
(ns crypto.password.pbkdf2-test
(:require [clojure.test :refer :all]
[crypto.password.pbkdf2 :as password]))
(deftest test-passwords
(are [s] (password/check s (password/encrypt s))
"a"
"foo"
"password"
"Testing"
"Test123"
"ÁäñßOÔ"
"großpösna"
"Some rather long pass phrase perhaps out of a book or poem")
(are [s r] (not (password/check r (password/encrypt s)))
"a" "b"
"a" "a "
"aaaaa" "aaaaa\n"
"großpösna" "grossposna")
(are [s a] (password/check s (password/encrypt s 100000 a))
"foo" "HMAC-SHA1"
"foo" "HMAC-SHA256")
(are [s r a] (not (password/check r (password/encrypt s 100000 a)))
"foo" "bar" "HMAC-SHA1"
"foo" "bar" "HMAC-SHA256"))