(define crypt-sha512-default-rounds (make-parameter 5000))

(define (crypt-sha512-gensalt random #!key rounds)
  ;; There's no minimum salt length, but 4 is probably the smallest sane value
  (let* ((rounds (or rounds (crypt-sha512-default-rounds)))
         (v (get-random-u8vector 'crypt-sha512-gensalt random 4 16))
         ;; 5000 isn't our default number of rounds but the specification's
         ;; (we can leave off the rounds in the string if it matches that)
         (prefix (if (= rounds 5000) "$6$" (sprintf "$6$rounds=~a$" rounds))))
    (string-append prefix (u8vector->saltstring v))))