Validate password with PBKDF2

> Hi Udo and others,
>
> I just integrated PBKDF2 hasher into ApplicationSecurity:
> Usage example:
>
> (ASPasswordVerifier new
>      hasher: ASPBKDF2Hasher new;
>      plainTextPassword: 'testPassword';
>      storedSalt: '590b223fc584ae96edf3d5dc7e363034';
>      storedFinalPassword: '2828efb46d56ca2fb004026398d412ef') verify.
>
> Cheers,
>
> Hernán
>
>
> 2017-07-01 5:03 GMT-03:00 Udo Schneider
> <[hidden email]
> <mailto:[hidden email]>>:
>
>     Francis,
>
>     I can relate to the idea of easily embedding PBKDF2/bcrypt into your
>     code. However the functionality of /managing/ the salt is not
>     specificed in PBKDF2. The spec only covers the actual the hashing
>     part. However wrapping it into a simple to use wrapper is pretty
>     simple. The code below is something I use in my code for example:
>
>     "Create a new password instance"
>     pwd := KNPassword fromPlaintext: 'secret'.
>     "Now store that instance. It encapsulates hash, generated salt and
>     the load parameter. Because all the load parameters are accessed via
>     methods you can also back them with ivars and have different instances
>     with different load parameters. E.g. for adapting to advances in
>     hash cracking."
>
>     pwd verify: 'secret'. "Verify the password"
>
>     CU,
>
>     Udo
>
>
>
>
>
>     'From Pharo5.0 of 16 April 2015 [Latest update: #50772] on 1 July
>     2017 at 10:01:05.207245 am'!
>     Object subclass: #KNPassword
>              instanceVariableNames: 'salt hash'
>              classVariableNames: 'PRNG'
>              poolDictionaries: ''
>              category: 'ThreatNews-Core'!
>
>     !KNPassword methodsFor: 'accessing' stamp: 'UdoSchneider 5/26/2017
>     11:48'!
>     salt
>              ^ salt
>                      ifNil: [ salt := ((1 to: self saltLength) collect:
>     [ :each | self class prng nextInt: 255 ])
>                                      asByteArray ]! !
>
>     !KNPassword methodsFor: 'accessing' stamp: 'UdoSchneider 7/1/2017
>     09:58'!
>     iterations
>              ^ 1000! !
>
>     !KNPassword methodsFor: 'accessing' stamp: 'UdoSchneider 7/1/2017
>     09:58'!
>     length
>              ^ 64! !
>
>     !KNPassword methodsFor: 'accessing' stamp: 'UdoSchneider 7/1/2017
>     09:58'!
>     saltLength
>              ^ 16! !
>
>     !KNPassword methodsFor: 'accessing' stamp: 'UdoSchneider 7/1/2017
>     09:57'!
>     hashClass
>              ^ SHA256! !
>
>
>     !KNPassword methodsFor: 'as yet unclassified' stamp: 'UdoSchneider
>     5/26/2017 11:51'!
>     setPlaintext: aString
>              hash := self hashString: aString! !
>
>     !KNPassword methodsFor: 'as yet unclassified' stamp: 'UdoSchneider
>     5/26/2017 11:52'!
>     verify: aString
>              ^ (self hashString: aString) = hash! !
>
>     !KNPassword methodsFor: 'as yet unclassified' stamp: 'UdoSchneider
>     5/26/2017 11:51'!
>     hashString: aString
>              ^ PBKDF2
>                      derivedKeyHashFunction: self hashClass
>                      password: aString
>                      salt: self salt
>                      iterations: self iterations
>                      length: self length! !
>
>     "-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- "!
>
>     KNPassword class
>              instanceVariableNames: ''!
>
>     !KNPassword class methodsFor: 'as yet unclassified' stamp:
>     'UdoSchneider 5/26/2017 11:49'!
>     reset
>              PRNG := nil! !
>
>     !KNPassword class methodsFor: 'as yet unclassified' stamp:
>     'UdoSchneider 5/26/2017 11:49'!
>     fromPlaintext: aString
>              ^ self new
>                      setPlaintext: aString;
>                      yourself! !
>
>     !KNPassword class methodsFor: 'as yet unclassified' stamp:
>     'UdoSchneider 5/26/2017 11:49'!
>     prng
>              ^ PRNG ifNil: [ PRNG := Random new ]! !
>
>
>
>