Halite Versions Save

• Support both sodium_compat v1 and v2. Learn more here.

• Dropped PHP 8.0 support, increased minimum PHP version to 8.1.
  • This is due to the significant performance difference between ext/sodium and sodium_compat, and the functions we use in 5.x aren't available until PHP 8.1. See #178.
• The 5.0.x branch will continue to function on PHP 8.0 but performance is not guaranteed.

• Increased minimum PHP version to 8.0.
• Security: Asymmetric encryption now uses HKDF-BLAKE2b to extract a 256-bit uniformly random bit string for the encryption key, rather than using the raw X25519 output directly as an encryption key. This is important because Elliptic Curve Diffie-Hellman results in a random group element, but that isn't necessarily a uniformly random bit string.
  • Because Halite v4 and earlier did not perform this step, it's superficially susceptible to Cheon's attack. This reduces the effective security from 125 bits (Pollard's rho) to 123 bits, but neither is a practical concern today.
• Security: Halite v5 uses the PAE strategy from PASETO to prevent canonicalization attacks.
• Security: Halite v5 appends the random salt to HKDF's info parameter instead of the salt parameter. This allows us to meet the KDF Security Definition (which is stronger than a mere Pseudo-Random Function).
• Encryption now uses XChaCha20 instead of XSalsa20.
• The File class no longer supports the resource type. To migrate code, wrap your resource arguments in a ReadOnlyFile or MutableFile object.
• Added File::asymmetricEncrypt() and File::asymmetricDecrypt().

These security improvements were identified through an internal code review after years of studying new cryptographic attacks. Halite v4 ciphertexts are still decryptable with v5, so upgrading should be largely drop-in.

• Merged #158, which removes the final access modifier from private methods and guarantees PHP 8 support.
• Migrated tests off of Travis CI, onto Github Actions instead.

• Allows hidden-string v1 or v2 to be installed.

• Merged #154, which supports the SameSite cookie arguments on PHP 7.3+.
• Create a wrapper for sodium_memzero() to support sodium_compat.
• Added support for PHP 8.
• #146, #155, #156 -- Various documentation improvements.

• Merged #138, which adds remote stream support to ReadOnlyFile.
• Merged #140, which saves some overhead on hash recalculation.
• Merged #136 and #137, which updated the sodium stub files. These aren't strictly necessary anymore; with the adoption of libsodium in PHP 7.2 and sodium_compat, most IDEs autocomplete correctly. But fixing nits is always appreciated.
• Update minimum sodium_compat to v1.11.0.

• Merged #132, which ensures all Halite exceptions implement Throwable.
• Merged #133, which updates the documentation for the File API. Thanks @elliot-sawyer.
• Merged #134, which allows MutableFile to be used on resources opened in wb mode. Thanks @christiaanbaartse.
• Other minor documentation improvements.

• Fixed some minor nuisances with Psalm and PHPUnit.
• Added reference to Halite-Legacy to the README.
• Updated docblocks.

• Fixed #116. If the output file doesn't exist, it will be created. If it cannot be created, an exception will still be thrown.