Download the PHP package paragonie/halite-legacy without Composer
On this page you can find all versions of the php package paragonie/halite-legacy. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download paragonie/halite-legacy
More information about paragonie/halite-legacy
Files in paragonie/halite-legacy
Package halite-legacy
Short Description Legacy implementations of Halite (can be loaded alongside Halite to facilitate migrations)
License ISC
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package halite-legacy
Halite-Legacy
See Halite for documentation, etc.
This library allows you to side-load an unsupported legacy version of Halite into your application in order to migrate data to the newest version.
Important
This library is out of scope for any bug bounty programs!
Please refer to Halite for a library that is in-scope.
Installing
Use Composer.
Migrating Code
Simply use the legacy classes to facilitate decryption, and re-encrypt with the latest version of Halite.
How To Perform A Migration
It is essential when migrating from an old version of Halite to do a two-putt migration. This is the Platonic ideal; the minimal number of steps necessary to prevent a "split brain" scenario in a distributed system.
First, update your code to use HaliteLegacy to read the old ciphertext formats. (See migrating code above). It is imperative that you test and rollout this change first before proceeding to the next step.
Next, update your code to start writing the new ciphertext format using Halite proper.
We provide a class called VersionHelper for inferring the version of a ciphertext from an encrypted message.
You can use it like so:
What If You Attempt A Migration Out Of Order?
Let's say you have 100 servers that handle ciphertext encrypted with Halite v4. (An arbitrary number.)
If you don't follow the two-putt migration strategy we outlined above, rolling out an update to Halite v5 will create the risk of a split-brain scenario where some servers were updated and start emitting v5 ciphertexts before stale servers can decrypt them successfully.
By performing the migration the way we recommend, you guarantee all your servers can read v5 before any begin writing messages using v5.
Support Contracts
If your company uses this library in their products or services, you may be interested in purchasing a support contract from Paragon Initiative Enterprises.
Unpaid support will not be provided for halite-legacy.
All versions of halite-legacy with dependencies
paragonie/constant_time_encoding Version ^1|^2|^3
paragonie/halite Version ^4|^5
paragonie/sodium_compat Version ^1.21