flashadvocate/srp6crypto

为 TrinityCore 实现的 SRP6

维护者

详细信息

github.com/flashadvocate/srp6crypto

源代码

问题

安装: 0

依赖项: 0

建议者: 0

安全性: 0

星标: 0

关注者: 2

分支: 0

开放问题: 0

dev-main 2024-05-08 18:05 UTC

Requires

  • php: ^8.0|^8.1
  • ext-gmp: *

AGPL-3.0-or-later 658509fb5ad5060001cfb49888dba94fe43ea64c

This package is auto-updated.

Last update: 2024-09-08 18:53:01 UTC

README

替换 sha_password_hash 用于账户凭证验证。阅读https://gtker.com/implementation-guide-for-the-world-of-warcraft-flavor-of-srp6/ 获取更多详细信息。

感谢 Treeston 在 TrinityCore Minimanager 上的工作。

用法

composer require flashadvocate/srp6crypto

示例实现

<?php

require __DIR__ . '/vendor/autoload.php';

$username = 'olstumpy';
$password = 'elephant frank disco ceremony apple josh herringbone';


/**
 * Generate a salt and verifier
 */
list($salt, $verifier) = (new \SRP6Crypto\Verifier(
    username: $username,
    password: $password
))->generate();


/**
 * create a new user account
 */
$connection = new PDO("mysql:host=127.0.0.1;dbname=auth", username: 'trinity', password: 'trinity');
$sth = $connection->prepare('INSERT INTO account (username, salt, verifier) VALUES (:username, UNHEX(:salt), UNHEX(:verifier));');

if ($sth instanceof \PDOStatement) {
    $rowsAffected = $sth->execute([
        ':username' => $username,
        ':salt' => bin2hex($salt),
        ':verifier' => bin2hex($verifier)
    ]);
}

if ($rowsAffected)
    echo "Account created successfully!";


/**
 * later, check that salt and verifier match login credentials
 */
$isVerified = (new \SRP6Crypto\Verifier(
    username: $username,
    password: $password,
    salt: $salt,
    verifier: $verifier
))->verify(); 

var_dump($isVerified); // returns true if credentials match