ActiveModel::SecurePassword can handle other algoritms than bcrypt?


I need to be FIPS (NIST) and ANSSI (French Security Agency) compliant for a rails application.

Currently we use has_secure_password with bcrypt to hash and store password. But bcrypt is not FIPS or ANSSI compliant because the result hash is to small (184 bits).

I would like to implement an option in the ActiveModel::SecurePassword to use pbkdf2 with a FIPS-180 hash like SHA256 or SHA512.

Does that make sense for PR ?