marcuskammer/dev.metalisp.survey
1
0
Fork 0
Code Issues 9 Pull requests Projects Releases Packages Wiki Activity Actions

Start with security package

Browse source
This commit is contained in:
Marcus Kammer 2025-02-17 16:15:43 +01:00
parent 3a4eef4ef0
commit 965e1be803
Signed by: marcuskammer
GPG key ID: C374817BE285268F
2 changed files with 35 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
dev.metalisp.survey.asd
View file

@ -2,14 +2,15 @@
(defsystem "dev.metalisp.survey" (defsystem "dev.metalisp.survey"
:description "Create questionnaires and analyze the results." :description "Create questionnaires and analyze the results."
:version "0.5.24" :version "0.5.25"
:author "Marcus Kammer <marcus.kammer@mailbox.org>" :author "Marcus Kammer <marcus.kammer@mailbox.org>"
:source-control (:git "https://code.metalisp.dev/marcuskammer/dev.metalisp.survey.git") :source-control (:git "https://code.metalisp.dev/marcuskammer/dev.metalisp.survey.git")
:licence "MIT" :licence "MIT"
:depends-on ("local-time" "hunchentoot" "dev.metalisp.sbt" "dev.metalisp.qmetrics") :depends-on ("ironclad" "local-time" "hunchentoot" "dev.metalisp.sbt" "dev.metalisp.qmetrics")
:components ((:module "src/" :components ((:module "src/"
:components ((:file "fileops") :components ((:file "fileops")
(:file "app") (:file "app")
(:file "password-hasher")
(:module "models/" (:module "models/"
:serial t :serial t
:components ((:file "package") :components ((:file "package")

32
src/password-hasher.lisp Normal file
View file

@ -0,0 +1,32 @@
;;; -*- mode: lisp; coding: utf-8; -*-
(defpackage :ml-survey/security
(:use #:cl)
(:export #:password-hasher
#:hash-password))
(in-package :ml-survey/security)
(defclass user ()
((name :initarg :name :reader user-name)
(password-hash :initarg :password-hash :reader user-password-hash)))
(defclass password-hasher ()
((salt-length :initarg :salt-length :initform 8 :reader salt-length)
(iterations :initarg :iterations :initform 100000 :reader iterations)
(digest :initarg :digest :initform :sha256 :reader digest)))
(defgeneric hash-password (hasher password)
(:documentation "Hash PASSWORD using the given HASHER."))
(defmethod hash-password ((hasher password-hasher) password)
(let* ((salt (ironclad:make-random-salt (salt-length hasher)))
(password-bytes (ironclad:ascii-string-to-byte-array password))
(derived-key (ironclad:pbkdf2-hash-password password-bytes
:salt salt
:iterations (iterations hasher)
:digest (digest hasher))))
(concatenate 'string
(ironclad:byte-array-to-hex-string salt)
":"
(ironclad:byte-array-to-hex-string derived-key))))