simbo1905
commented
9 years ago Hi Ruslan,
I have created a branch on my fork with some changes to enact this which is over at
https://github.com/simbo1905/srp-6a-demo/commit/0afb7bf8c265a98bac25bc75e859cc16855d081b
If you would like to make any comments over there if/when my current pull request has been merged/rejected I could setup a new pull request from these feature.
Happy New Year!
simbo1905
RuslanZavacky
Thinking about issue #5 it occurs to me that its not immediately clear how to protect a page using the library code. It would be helpful if the successful authentication path left a variable
$_SESSION['SRP_AUTHENTICATED'] = true;. At the same time it could unset the hashes and set the SRP session key which could be useful for further cryptography now that the WebCryptoAPI is getting some traction in major browsers.