PHP download

Download the PHP package paragonie/sapient without Composer

On this page you can find all versions of the php package paragonie/sapient. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download paragonie/sapient
More information about paragonie/sapient
Files in paragonie/sapient

Vendor paragonie
Package sapient
Short Description Secure API Toolkit
License MIT

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of paragonie/sapient

Informations about the package sapient

Sapient: Secure API toolkit

Sapient secures your PHP applications' server-to-server HTTP(S) traffic even in the wake of a TLS security breakdown (compromised certificate authority, etc.).

Sapient allows you to quickly and easily add application-layer cryptography to your API requests and responses. Requires PHP 7 or newer.

Sapient was designed and implemented by the PHP security and cryptography team at Paragon Initiative Enterprises.

See our blog post about using Sapient to harden your PHP-powered APIs for more information about its design rationale and motivation.

The cryptography is provided by sodium_compat (which, in turn, will use the libsodium extension in PECL if it's installed).

Because sodium_compat operates on strings rather than resources (a.k.a. streams), Sapient is not suitable for extremely large messages on systems with very low available memory. Sapient only encrypts or authenticates message bodies; if you need headers to be encrypted or authenticated, that's the job of Transport-Layer Security (TLS).

Features at a Glance

Works with both Request and Response objects (PSR-7)
- Includes a Guzzle adapter for HTTP clients
Secure APIs:
- Shared-key encryption
- XChaCha20-Poly1305
- Shared-key authentication
- HMAC-SHA512-256
- Anonymous public-key encryption
- X25519 + BLAKE2b + XChaCha20-Poly1305
- Public-key digital signatures
- Ed25519
Works with arrays
- i.e. the methods with "Json" in the name
- Sends/receives signed or encrypted JSON
Works with strings
- i.e. the methods without "Json" in the name
Digital signatures and authentication are backwards-compatible with unsigned JSON API clients and servers
- The signaure and authentication tag will go into HTTP headers, rather than the request/response body.

Additionally, Sapient is covered by both unit tests (provided by PHPUnit) and automated static analysis (provided by Psalm).

Sapient Adapters

If you're looking to integrate Sapient into an existing framework:

Guzzle
- Adapter is included, but Guzzle itself is not a dependency.
- Add the suggested package if you want to use Guzzle (e.g. composer require guzzlehttp/guzzle:^6)
Laravel Sapient Adapter
- composer require mcordingley/laravel-sapient
Slim Framework Sapient Adapter
- composer require paragonie/slim-sapient
Zend Framework Diactoros Sapient Adapter
- composer require paragonie/zend-diactoros-sapient
Symfony bundle
- composer require lepiaf/sapient-bundle

If your framework correctly implements PSR-7, you most likely do not need an adapter. However, some adapters provide convenience methods that make rapid development easier.

To learn more about adapters, see the documentation for AdapterInterface.

Sapient in Other Languages

sapient.js (JavaScript, Node.js)

Example 1: Signed PSR-7 Responses

This demonstrats a minimal implementation that adds Ed25519 signatures to your existing PSR-7 HTTP responses.

Server-Side: Signing an HTTP Response

Client-Side: Verifying the Signature

Example 2: Mutually Signed JSON API with the Guzzle Adapter

This example takes advantage of an Adapter the provides the convenience methods described in ConvenienceInterface.

Client-Side: Sending a Signed Request, Verifying the Response

Server-Side: Verifying a Signed Request, Signing a Response

All versions of sapient with dependencies

PHP Build Version

Package Version

Version v1.1.2 Release 26. Jun 2021
create-project require 1 people choosed require and
0 people choosed create-project.

Download

Download latest version of sapient from vendor paragonie

Requires php Version ^7|^8
guzzlehttp/psr7 Version ^1
paragonie/constant_time_encoding Version ^2
paragonie/sodium_compat Version >= 1.15.4
psr/http-message Version ^1

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package paragonie/sapient contains the following files

Loading the files please wait ....