SRP PHP Client

PHP Client for Login over Secure Remote Password Protocol

1. registrate

generate s (salt) and v (verifier). generated by client, stored by server


            $username = "falk";

            $password = "test123";

            $s = $srp->getRandomSeed();

            $x = $srp->generateX($s, $username, $password);

            $v = $srp->generateV($x);

            $send = array("phase" => 0, "I" => $username, "v" => $v, "s" => $s);

Send

Array ( [phase] => 0 [I] => falk [v] => cbaa1f8e33e519da3df2f9a22b70563c582185fcd630899e8969e5fbeea30ee9219fd2cb612a0b225f00399bf735f3ab0838d8760b8f95d4eefdfe283b3aa03a [s] => 32151edd239acae7268752fc424f770db4b34a6295de29540b1335d36063c3670e6cf160b92033e6ed5e74c28f147279b35811c594c73169421a4f70206a5834 )

Recive

Array ( [success] => 1 )

2. Login - Phase 1

client generate a (private random key), A (public generated key) and send A, I (username) to server.


            $a = $srp->getRandomSeed();

            $A = $srp->generateA($a);

            $send = array("phase" => 1, "I" => $username, "A" => $A);

Send

Array ( [phase] => 1 [I] => falk [A] => 4280dac598e9ddf98a7d0f583d8a6f4b6cc985a973e125f67b5e9bd02dd9277445f48bdeb69738ee702fd10c9ece81bb9510fd534b4ec00f485b7e1b7c6cdac1 )

Recive

Array ( [success] => 1 [B] => 97b5166200f38d77e80adf54864cba0a56b9d54f13631de44f35af85ae058e4ef00548198218d96fb2058f151889e485a0881c596d41bc858ce4cff8c643e76131880ec3fb0a4a9784001d7a685198b9a0a979add39d89d4bbce61e088fee1f6 [s] => 32151edd239acae7268752fc424f770db4b34a6295de29540b1335d36063c3670e6cf160b92033e6ed5e74c28f147279b35811c594c73169421a4f70206a5834 )

3. Login - Phase 2

Client receive s (salt) und B (public key of Server) in Phase 1. Client build M1 and send it sto Server.


            $B = $res1["B"];

            $s = $res1["s"];

            $x = $srp->generateX($s, $username, $password);

            $S = $srp->generateS_Client($A, $B, $a, $x);

            $M1 = $srp->generateM1($A, $B, $S);

            $send = array("phase" => 2, "M1" => $M1);

Send

Array ( [phase] => 2 [M1] => cda0bb10eda9b992c8cf83066780ff8d63214dd8c1fd550230a8e593b7f719b9 )

Recive

Array ( [success] => 1 [M2] => 467d44ccf3afb833c5d2a28e4df1ae7f986f8da0724623241e94ea19e1db397f )

4. Server verification

Client receive M2 from Server, rebiuld and compare them and build session key


            $res2 = json_decode($res["body"], true);

            $M2 = $res2["M2"];

            $M2_check = $srp->generateM2($A, $M1, $S);

            

            if($M2 == $M2_check){

                echo "SUCCESS;";

                $K = $srp->generateK($S);

                echo "SESSION KEY: ".$K;

            }

Output

SUCCESS;SESSION KEY: 03588249daf241edb9283010e9f361accfac456953507850143481c7d61b0aea