Sapient Versions Save

Fixes #17 via #19 (thanks @carnage!)

This supersedes the bad release v1.1.1 which has been deleted because the syntax of cloning created misbehavior.

- $body = (string) clone $response->getBody();
+ $body = (string) (clone $response)->getBody();

• Supports PHP 8
• Migrated to Github Actions

• Merged #15 which fixes the header selection for Symmetric Authentication
• Now unit tested against PHP 7.3, 7.4snapshot, and nightly.
• Boyscouted the test suite.

• Updated some unit tests.
• Sapient now passes Psalm's inspections in totallyTyped mode.
• Added PHP 7.2 to the Travis CI configuration.

Sapient is now stable. The only changes since v0.5.0 have been documentation related, including a specification.

Any crypto details not covered in the specification document should be deferred to "whatever libsodium does".

This may be the final pre-1.0 release. Some changes:

• Added some documentation.
• Reorganized some of the code in a non-BC-breaking way.
• Renamed a few methods that weren't documented, to make our public API more consistent.
• Improved the README.

I'll probably do a little more documentation work then tag v1.0 shortly.

• We've introduced a generic adapter, and separated the convenience methods (create*()) into their own interface.
• You no longer need an adapter if you're only passing PSR-7 compliant objects that implement RequestInterface or ResponseInterface to the appropriate methods; it defaults to the generic adapter.

• (#6) Sapient is no longer a subclass of the Guzzle HTTP client. BC Break
  • Instead, it expects an instance of a new AdapterInterface passed to the constructor, which allows multiple HTTP implementations to be used.
  • Future scope: Make this argument optional, default to a generic adapter (which does not yet exist).
• (#2) Public key encryption is now based on XChaCha20 instead of XSalsa20. BC Break
  • Our key and nonce derivation now use a similar construction to libsodium's crypto_kx
    • Difference: BLAKE2b output size is 56 bytes instead of 32
    • The first 32 are the key, the last 24 are the nonce
    • This maps a 32 byte shared secret and two 32 byte public keys, passed through a secure hash function, to a 56-byte pseudorandom output; this should prove to be secure so long as X25519 is secure

This release mostly addresses some minor oversights in the API design. I also added docblocks and fleshed out the README a little more.

This exists. Hopefully it's not horrendously broken.

Documentation and usability enhancements are very welcome.