Download the PHP package paragonie/halite-legacy without Composer
On this page you can find all versions of the php package paragonie/halite-legacy. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package halite-legacy
Short Description Legacy implementations of Halite (can be loaded alongside Halite to facilitate migrations)
License ISC
Information about the package halite-legacy
Halite-Legacy
See Halite for documentation, etc.
This library allows you to side-load an unsupported legacy version of Halite into your application in order to migrate data to the newest version.
Important
This library is out of scope for any bug bounty programs!
Please refer to Halite for a library that is in-scope.
Installing
Use Composer.
Migrating Code
Simply use the legacy classes to facilitate decryption, and re-encrypt with the latest version of Halite.
How To Perform A Migration
It is essential when migrating from an old version of Halite to do a two-putt migration. This is the Platonic ideal: the minimal number of steps necessary to prevent a "split brain" scenario in a distributed system.
First, update your code to use HaliteLegacy to read the old ciphertext formats. (See Migrating Code above.) It is imperative that you test and roll out this change first before proceeding to the next step.
Next, update your code to start writing the new ciphertext format using Halite proper.
We provide a class called VersionHelper for inferring the version of a ciphertext from an encrypted message.
You can use it like so:
What If You Attempt A Migration Out Of Order?
Let's say you have 100 servers that handle ciphertext encrypted with Halite v4. (An arbitrary number.)
If you don't follow the two-putt migration strategy we outlined above, rolling out an update to Halite v5 creates the risk of a split-brain scenario, where some servers have been updated and start emitting v5 ciphertexts before stale servers can decrypt them successfully.
By performing the migration the way we recommend, you guarantee all your servers can read v5 before any begin writing messages using v5.
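The argument above can be checked with a small model. This is an added example, not code from halite-legacy or Halite: the Server type, the failing_pairs and rollout functions, and the batch size of 10 servers per deploy are assumptions made for illustration, and no Halite API is called.

```python
# Added illustration: a constructed model of the rollout, not halite-legacy code.
from dataclasses import dataclass


@dataclass(frozen=True)
class Server:
    reads: frozenset  # ciphertext major versions this server can decrypt
    writes: int       # ciphertext major version this server emits


V4_ONLY = Server(frozenset({4}), 4)       # stale server, before any change
READ_BOTH = Server(frozenset({4, 5}), 4)  # step 1: reads v4 and v5, still writes v4
WRITE_V5 = Server(frozenset({4, 5}), 5)   # step 2: reads both, now writes v5


def failing_pairs(fleet):
    """Count (writer, reader) pairs where the reader cannot decrypt the writer's output."""
    return sum(1 for w in fleet for r in fleet if w.writes not in r.reads)


def rollout(size, phases, batch=10):
    """Deploy each phase batch by batch; return the worst failing-pair count seen."""
    fleet = [V4_ONLY] * size
    worst = failing_pairs(fleet)
    for target in phases:
        for start in range(0, size, batch):
            stop = min(start + batch, size)
            fleet[start:stop] = [target] * (stop - start)
            worst = max(worst, failing_pairs(fleet))
    return worst


if __name__ == "__main__":
    # One-step upgrade: updated servers write v5 while stale servers read only v4.
    print("single step, worst case:", rollout(100, [WRITE_V5]))
    # Two-putt: every server can read v5 before any server writes it.
    print("two-putt, worst case:   ", rollout(100, [READ_BOTH, WRITE_V5]))
    # Step 2 started while half the fleet had not yet received step 1.
    early = [WRITE_V5] * 10 + [READ_BOTH] * 40 + [V4_ONLY] * 50
    print("step 2 started early:   ", failing_pairs(early))
```

The third case shows why step 1 has to be fully deployed, not just started, before step 2 begins.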
Support Contracts
If your company uses this library in their products or services, you may be interested in purchasing a support contract from Paragon Initiative Enterprises.
Unpaid support will not be provided for halite-legacy.
All versions of halite-legacy with dependencies
paragonie/constant_time_encoding Version ^1|^2|^3
paragonie/halite Version ^4|^5
paragonie/sodium_compat Version ^1.21