Halite Laravel Package

• Add PHPStan analysis, level 5 by @spaze in https://github.com/paragonie/halite/pull/195
• Replace all http:// links with the https:// URL they redirect to by @GrahamCampbell in https://github.com/paragonie/halite/pull/196
• Use Psalm 6 by @spaze in https://github.com/paragonie/halite/pull/198
• Remove access modifier final from private methods by @junaidbinfarooq in https://github.com/paragonie/halite/pull/204
• Ignore tests, workflows and .MD docs with "export-ignore" on .gitattr… by @erikn69 in https://github.com/paragonie/halite/pull/205
• Expand test coverage by @paragonie-security in https://github.com/paragonie/halite/pull/206
• Fixed the broken test coverage badge (https://github.com/paragonie/halite/pull/207 and https://github.com/paragonie/halite/pull/208)

What's Changed

• Fixes documentation by @faizanakram99 in https://github.com/paragonie/halite/pull/172
• Remove php 8.4 deprecations by @akondas in https://github.com/paragonie/halite/pull/201
• Update CI configuration for v4.x branch by @paragonie-security in https://github.com/paragonie/halite/pull/202
• Fix CI by @paragonie-security in https://github.com/paragonie/halite/pull/203

New Contributors

• @faizanakram99 made their first contribution in https://github.com/paragonie/halite/pull/172
• @akondas made their first contribution in https://github.com/paragonie/halite/pull/201

Full Changelog: https://github.com/paragonie/halite/compare/v4.8.0...v4.9.0

What's Changed

• Fix PHP 8.4 deprecations by @acbramley in https://github.com/paragonie/halite/pull/194

New Contributors

• @acbramley made their first contribution in https://github.com/paragonie/halite/pull/194

Full Changelog: https://github.com/paragonie/halite/compare/v5.1.2...v5.1.3

• Use #[SensitiveParameter] annotation on some inputs
  • This is defense in depth; we already wrapped most in HiddenString
• Updated dependencies

• Support both sodium_compat v1 and v2. Learn more here.

• Dropped PHP 8.0 support, increased minimum PHP version to 8.1.
  • This is due to the significant performance difference between ext/sodium and sodium_compat, and the functions we use in 5.x aren't available until PHP 8.1. See #178.
• The 5.0.x branch will continue to function on PHP 8.0 but performance is not guaranteed.

• Increased minimum PHP version to 8.0.
• Security: Asymmetric encryption now uses HKDF-BLAKE2b to extract a 256-bit uniformly random bit string for the encryption key, rather than using the raw X25519 output directly as an encryption key. This is important because Elliptic Curve Diffie-Hellman results in a random group element, but that isn't necessarily a uniformly random bit string.
  • Because Halite v4 and earlier did not perform this step, it's superficially susceptible to Cheon's attack. This reduces the effective security from 125 bits (Pollard's rho) to 123 bits, but neither is a practical concern today.
• Security: Halite v5 uses the PAE strategy from PASETO to prevent canonicalization attacks.
• Security: Halite v5 appends the random salt to HKDF's info parameter instead of the salt parameter. This allows us to meet the KDF Security Definition (which is stronger than a mere Pseudo-Random Function).
• Encryption now uses XChaCha20 instead of XSalsa20.
• The File class no longer supports the resource type. To migrate code, wrap your resource arguments in a ReadOnlyFile or MutableFile object.
• Added File::asymmetricEncrypt() and File::asymmetricDecrypt().

These security improvements were identified through an internal code review after years of studying new cryptographic attacks. Halite v4 ciphertexts are still decryptable with v5, so upgrading should be largely drop-in.

• Merged #158, which removes the final access modifier from private methods and guarantees PHP 8 support.
• Migrated tests off of Travis CI, onto Github Actions instead.

• Allows hidden-string v1 or v2 to be installed.

• Merged #154, which supports the SameSite cookie arguments on PHP 7.3+.
• Create a wrapper for sodium_memzero() to support sodium_compat.
• Added support for PHP 8.
• #146, #155, #156 -- Various documentation improvements.

• Merged #138, which adds remote stream support to ReadOnlyFile.
• Merged #140, which saves some overhead on hash recalculation.
• Merged #136 and #137, which updated the sodium stub files. These aren't strictly necessary anymore; with the adoption of libsodium in PHP 7.2 and sodium_compat, most IDEs autocomplete correctly. But fixing nits is always appreciated.
• Update minimum sodium_compat to v1.11.0.

• Merged #132, which ensures all Halite exceptions implement Throwable.
• Merged #133, which updates the documentation for the File API. Thanks [@elliot-sawyer](https://github.com/elliot-sawyer).
• Merged #134, which allows MutableFile to be used on resources opened in wb mode. Thanks [@christiaanbaartse](christiaanbaartse).
• Other minor documentation improvements.

• Fixed some minor nuisances with Psalm and PHPUnit.
• Added reference to Halite-Legacy to the README.
• Updated docblocks.

• Fixed #116. If the output file doesn't exist, it will be created. If it cannot be created, an exception will still be thrown.

• Use class_alias() for ParagonIE\Halite\HiddenString to the outsourced library. This is deprecated and will be removed in version 5.

• Updated Psalm version from ^0|^1 to ^1|^2.
• Moved HiddenString to a standalone library: https://travis-ci.org/paragonie/hidden-string

• Updated Psalm version from ^0|^1 to ^1.
• Type-safety and documentation fixes.
• Miscellaneous boyscouting. No bugs were found since 4.4.1.

Fixes #105.

Please upgrade to Halite 4 as soon as possible. We are not providing support for older versions of Halite any more. See https://github.com/paragonie/halite/releases/tag/v3.4.0

• Fixed #97, set the minimum chunk size to 1.

• Fixed #90:
  • Introduced WeakReadOnlyFile, an alternative to ReadOnlyFile that allows file modes other than rb. The TOCTOU security guarantees are therefore slightly weaker with this class (hence the "Weak" part of the name).
  • Updated File to allow stream objects (ReadOnlyFile and MutableFile) to be passed direclty instead of strings (for filenames) and resources (for open file handles).

#72: Fixed forward-compatibility with libsodium 1.0.15.

• Updated the Halite::VERSION constant which was previously still 4.2.0.
• Documentation and unit testing improvements.

• Fixes #89. Please upgrade to v4.3.0 or higher as soon as possible. We will no longer be supporting Halite version 3.x or older for free. If you need ongoing support for a legacy version of Halite, please get in contact with Paragon Initiative Enterprises about purchasing a long-term support contract.

• You can now quickly turn a SignatureKeyPair object into a birationally equivalent EncryptionKeyPair object by invoking the getEncryptionKeyPair() method.
• We now have 100% unit test coverage, in addition to our static analysis.

• Implemented Asymmetric::signAndEncrypt() and Asymmetric::verifyAndDecrypt(), which facilitates the GPG use-case of signed-then-encrypted messages between two parties' Ed25519 keypairs. Encryption is facilitated using birationally equivalent X25519 keys.
• Removed our in-house implementations of binary-safe substr and strlen in favor of using the ones in the constant-time encoding library.

Added support for libsodium 1.0.15, which was previously broken in 4.0.x.

Passwords should be autoamtically migrated, but if keys were being generated via KeyFactory::derive______Key() (fill in the blank), you'll need to change your usage of this API to get the same key as previously. Namely, you'll need to pass the SODIUM_CRYPTO_PWHASH_ALG_ARGON2I13 constant to the fourth argument after the password, salt, and security level.

        $key = KeyFactory::deriveEncryptionKey(
            new HiddenString('correct horse barry staple'),
-             "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+             "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+             KeyFactory::INTERACTIVE,
+             SODIUM_CRYPTO_PWHASH_ALG_ARGON2I13
        );

If you previously specified a security level, your diff might look like this:

        $key = KeyFactory::deriveEncryptionKey(
            new HiddenString('correct horse barry staple'),
            "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
-             KeyFactory::SENSITIVE
+             KeyFactory::SENSITIVE,
+             SODIUM_CRYPTO_PWHASH_ALG_ARGON2I13
        );

This is mostly a boyscouting/documentation release. However, we now pass Psalm under the strictest setting (totallyTyped = true). This means that not only is our public interface totally type-safe, but Halite's internals are as well.

• Prompted by #67, Halite is now available under the terms of the Mozilla Public License 2.0 (MPL-2.0). Using Halite to build products that restrict user freedom (such as DRM) is highly discouraged, but not forbidden.

Halite will attempt to use sodium_compat where ever it can. However, for best results, install version 1.0.6 of the libsodium extension from PECL.

The 1.x branch of Halite is the only version that still supports PHP 5. All future versions require PHP 7 or higher. Version 4 requires PHP 7.2.

• Bump minimum PHP version to 7.2.0, which will be available before the end of 2017
• New methods: encryptWithAd() and decryptWithAd(), for satisfying true AEAD needs
• Encrypted password hashing through our Password class can also accept an optional, additional data parameter
• HiddenString objects can now be directly compared
  • $hiddenString->equals($otherHiddenString)
• Added Psalm to our Continuous Integration to assure Halite is fully type-safe
• Updated unit tests to be compatible with PHPUnit 6