<?php
// SCRAM-SHA-1 Validator PHP
//
// PHP 5.5.0 or greater required
//
// Lorenzo J. Gonzalez
// A.k.a: SpaHost
// Xmpp: djyxa@spahost.es
//
// Thanks to prosody@conference.prosody.im for helping me and for repeatedly pointing me to these references:
// - http://tools.ietf.org/html/rfc5802
// - https://www.zash.se/scram.dia.png
// HMAC-SHA-1 Implementation from http://es1.php.net/hash_hmac (josefkoh at hotmail dot com)
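/**
 * Compute HMAC-SHA-1 (RFC 2104) of $data under $key.
 *
 * Delegates to PHP's built-in hash_hmac() rather than assembling the
 * ipad/opad blocks by hand: the result is identical, and the maintained
 * hash extension (bundled since PHP 5.1.2) is preferable to custom
 * cryptographic code in an authentication path.
 *
 * @param string $key  Key bytes (raw/binary is fine; keys longer than the
 *                     64-byte SHA-1 block are hashed first, per RFC 2104).
 * @param string $data Message to authenticate.
 * @return string 40-character lowercase hexadecimal digest.
 */
function hmac_sha1($key, $data) {
    // Note the argument order: hash_hmac() takes the message before the key.
    return hash_hmac('sha1', $data, $key);
}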
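// Example inputs. The stored values below are placeholders for the columns
// noted on each line; the password is the candidate being verified.
$plain_password = 'example_password';
$internal_salt = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'; // SQL->accounts->salt->string
$internal_iteration = '4096'; // SQL->accounts-iteration_count->number
$internal_server_key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; // SQL->accounts->server_key->string
$internal_stored_key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; // SQL->accounts->stored_key->string

// Digest comparison helper.
// Loose `==` must not be used on hex digests: PHP treats two numeric-looking
// strings (for example "0e" followed only by digits) as numbers, so different
// digests can compare equal. hash_equals() (PHP 5.6+) is both strict and
// constant-time; on PHP 5.5 the fallback is a strict string comparison, which
// fixes the type juggling but is not constant-time.
$keys_equal = function ($known, $candidate) {
    if (function_exists('hash_equals')) {
        return hash_equals((string) $known, (string) $candidate);
    }
    return (string) $known === (string) $candidate;
};

// Derive the SCRAM-SHA-1 values (RFC 5802, section 3):
//   SaltedPassword = PBKDF2-HMAC-SHA1(password, salt, i)   (raw bytes, full 20-byte output)
//   ServerKey      = HMAC(SaltedPassword, "Server Key")
//   ClientKey      = HMAC(SaltedPassword, "Client Key")
//   StoredKey      = H(ClientKey)
// NOTE(review): RFC 5802 normalizes the password with SASLprep before this
// step; this script passes it through unchanged, so non-ASCII passwords may
// not match values produced by a compliant server.
$new_salted_password = hash_pbkdf2(
    'sha1',
    $plain_password,
    $internal_salt,
    (int) $internal_iteration, // stored as a string; hash_pbkdf2() expects an integer
    0,
    true
);
$new_server_key = hmac_sha1($new_salted_password, 'Server Key');
$new_client_key = hmac_sha1($new_salted_password, 'Client Key');
// hmac_sha1() returns hex, so decode it before hashing the raw ClientKey bytes.
$new_stored_key = sha1(hex2bin($new_client_key));

// Check the derived keys against the stored ones.
if ($keys_equal($internal_server_key, $new_server_key)) {
    echo 'Valid Server Key';
} else {
    echo 'Try Again';
}
if ($keys_equal($internal_stored_key, $new_stored_key)) {
    echo 'Valid Stored Key';
} else {
    echo 'Try Again';
}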
?>