{"id":13584705,"url":"https://github.com/paragonie/halite","last_synced_at":"2025-05-13T17:11:21.509Z","repository":{"id":1550988,"uuid":"42903237","full_name":"paragonie/halite","owner":"paragonie","description":"High-level cryptography interface powered by libsodium","archived":false,"fork":false,"pushed_at":"2025-03-09T18:47:16.000Z","size":1350,"stargazers_count":1134,"open_issues_count":23,"forks_count":88,"subscribers_count":43,"default_branch":"master","last_synced_at":"2025-04-10T20:53:08.063Z","etag":null,"topics":["argon2","authentication","blake2b","composer","cryptography","cryptography-library","curve25519","digital-signature","easy-to-use","ed25519","encryption","libsodium","misuse-resistant","php","php7","poly1305","siphash","x25519","xsalsa20"],"latest_commit_sha":null,"homepage":"https://paragonie.com/project/halite","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/paragonie.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-09-22T01:19:08.000Z","updated_at":"2025-04-07T13:43:54.000Z","dependencies_parsed_at":"2024-05-08T13:45:39.837Z","dependency_job_id":"e3fbca17-0b67-4403-a0f6-ac1396d4c336","html_url":"https://github.com/paragonie/halite","commit_stats":{"total_commits":576,"total_committers":25,"mean_commits":23.04,"dds":"0.47916666666666663","last_synced_commit":"aee234711b29cccb4a17aaaf6104fc542862fc1e"},"previous_names":[],"tags_count":62,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paragonie%2Fhalite","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paragonie%2Fhalite/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paragonie%2Fhalite/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paragonie%2Fhalite/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/paragonie","download_url":"https://codeload.github.com/paragonie/halite/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250529546,"owners_count":21445638,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["argon2","authentication","blake2b","composer","cryptography","cryptography-library","curve25519","digital-signature","easy-to-use","ed25519","encryption","libsodium","misuse-resistant","php","php7","poly1305","siphash","x25519","xsalsa20"],"created_at":"2024-08-01T15:04:27.741Z","updated_at":"2025-04-23T23:20:15.232Z","avatar_url":"https://github.com/paragonie.png","language":"PHP","funding_links":[],"categories":["PHP","安全( Security )","Table of Contents"],"sub_categories":["Globalization"],"readme":"# Halite\n\n[![Build Status](https://github.com/paragonie/halite/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/halite/actions)\n[![Static Analysis](https://github.com/paragonie/halite/actions/workflows/psalm.yml/badge.svg)](https://github.com/paragonie/halite/actions)\n[![Latest Stable Version](https://poser.pugx.org/paragonie/halite/v/stable)](https://packagist.org/packages/paragonie/halite)\n[![Latest Unstable Version](https://poser.pugx.org/paragonie/halite/v/unstable)](https://packagist.org/packages/paragonie/halite)\n[![License](https://poser.pugx.org/paragonie/halite/license)](https://packagist.org/packages/paragonie/halite)\n[![Downloads](https://img.shields.io/packagist/dt/paragonie/halite.svg)](https://packagist.org/packages/paragonie/halite)\n[![Coverage Status](https://coveralls.io/repos/github/paragonie/halite/badge.svg?branch=master)](https://coveralls.io/github/paragonie/halite?branch=master)\n\n**Halite** is a high-level cryptography interface that relies on [libsodium](https://pecl.php.net/package/libsodium)\nfor all of its underlying cryptography operations.\n\nHalite was created by [Paragon Initiative Enterprises](https://paragonie.com) as\na result of our continued efforts to improve the ecosystem and make [cryptography in PHP](https://paragonie.com/blog/2015/09/state-cryptography-in-php)\nsafer and easier to implement.\n\n\u003e You can read the [**Halite Documentation**](https://github.com/paragonie/halite/tree/master/doc) online.\n\nHalite is released under Mozilla Public License 2.0. [Commercial licenses are available](https://paragonie.com/contact)\nfrom Paragon Initiative Enterprises if you wish to extend Halite without making your\nderivative works available under the terms of the MPL.\n\nIf you are satisfied with the terms of MPL software for backend web applications\nbut would like to purchase a support contract for your application that uses Halite,\nthose are also offered by Paragon Initiative Enterprises.\n\n**Important:** Earlier versions of Halite were available under the GNU Public License\nversion 3 (GPLv3). Only Halite 4.0.1 and newer are available under the Mozilla Public\nLicense terms.\n\n## Installing Halite\n\nBefore you can use Halite, you must choose a version that fits the requirements \nof your project. The differences between the requirements for the available \nversions of Halite are briefly highlighted below.\n\n| | PHP | libsodium | PECL libsodium | Support |\n|--------------------------------------------------------------|-------|-----------|----------------|---------------------------|\n| Halite 5.1 and newer | 8.1.0 | 1.0.18 | N/A (standard) | :heavy_check_mark: Active |\n| Halite 5.0.x | 8.0.0 | 1.0.18 | N/A (standard) | :heavy_check_mark: Active |\n| [Halite 4.1+](https://github.com/paragonie/halite/tree/v4.x) | 7.2.0 | 1.0.15 | N/A (standard) | :x: Not Supported |\n| [Halite 4.0](https://github.com/paragonie/halite/tree/v4.0) | 7.2.0 | 1.0.13 | N/A (standard) | :x: Not Supported |\n| [Halite 3](https://github.com/paragonie/halite/tree/v3.x) | 7.0.0 | 1.0.9 | 1.0.6 / 2.0.4 | :x: Not Supported |\n| [Halite 2](https://github.com/paragonie/halite/tree/v2.2) | 7.0.0 | 1.0.9 | 1.0.6 | :x: Not Supported |\n| [Halite 1](https://github.com/paragonie/halite/tree/v1.x) | 5.6.0 | 1.0.6 | 1.0.2 | :x: Not Supported |\n\nNote: Halite 5.0.x works on PHP 8.0, but performance is worse than on PHP 8.1.\n\nIf you need a version of Halite before 5.1, see the documentation relevant to that\nparticular branch.\n\n**To install Halite, you first need to [install libsodium](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium).**\nYou may or may not need the PHP extension. For most people, this means running...\n\n sudo apt-get install php7.2-sodium\n\n...or an equivalent command for your operating system and PHP version.\n\nIf you're stuck, [this step-by-step guide contributed by @aolko](doc/Install-Guides/Ubuntu.md) may be helpful.\n\nOnce you have the prerequisites installed, install Halite through [Composer](https://getcomposer.org/doc/00-intro.md):\n\n composer require paragonie/halite:^5\n\n### Commercial Support for Older Halite Versions\n\nFree (gratis) support for Halite only extends to the most recent major version (currently 5).\n\nIf your company requires support for an older version of Halite,\n[contact Paragon Initiative Enterprises](https://paragonie.com/contact) to inquire about\ncommercial support options.\n\nIf you need an easy way to migrate from older versions of Halite, check out [halite-legacy](https://github.com/paragonie/halite-legacy).\n\n## Using Halite in Your Project\n\nCheck out the [documentation](doc). The basic Halite API is designed for simplicity:\n\n * Encryption\n * Symmetric\n * `Symmetric\\Crypto::encrypt`([`HiddenString`](doc/Classes/HiddenString.md), [`EncryptionKey`](doc/Classes/Symmetric/EncryptionKey.md)): `string`\n * `Symmetric\\Crypto::encryptWithAD`([`HiddenString`](doc/Classes/HiddenString.md), [`EncryptionKey`](doc/Classes/Symmetric/EncryptionKey.md), `string`): `string`\n * `Symmetric\\Crypto::decrypt`(`string`, [`EncryptionKey`](doc/Classes/Symmetric/EncryptionKey.md)): [`HiddenString`](doc/Classes/HiddenString.md)\n * `Symmetric\\Crypto::decryptWithAD`(`string`, [`EncryptionKey`](doc/Classes/Symmetric/EncryptionKey.md), `string`): [`HiddenString`](doc/Classes/HiddenString.md)\n * Asymmetric\n * Anonymous\n * `Asymmetric\\Crypto::seal`([`HiddenString`](doc/Classes/HiddenString.md), [`EncryptionPublicKey`](doc/Classes/Asymmetric/EncryptionPublicKey.md)): `string`\n * `Asymmetric\\Crypto::unseal`(`string`, [`EncryptionSecretKey`](doc/Classes/Asymmetric/EncryptionSecretKey.md)): [`HiddenString`](doc/Classes/HiddenString.md)\n * Authenticated\n * `Asymmetric\\Crypto::encrypt`([`HiddenString`](doc/Classes/HiddenString.md), [`EncryptionSecretKey`](doc/Classes/Asymmetric/EncryptionSecretKey.md), [`EncryptionPublicKey`](doc/Classes/Asymmetric/EncryptionPublicKey.md)): `string`\n * `Asymmetric\\Crypto::encryptWithAD`([`HiddenString`](doc/Classes/HiddenString.md), [`EncryptionSecretKey`](doc/Classes/Asymmetric/EncryptionSecretKey.md), [`EncryptionPublicKey`](doc/Classes/Asymmetric/EncryptionPublicKey.md), `string`): `string`\n * `Asymmetric\\Crypto::decrypt`(`string`, [`EncryptionSecretKey`](doc/Classes/Asymmetric/EncryptionSecretKey.md), [`EncryptionPublicKey`](doc/Classes/Asymmetric/EncryptionPublicKey.md)): [`HiddenString`](doc/Classes/HiddenString.md)\n * `Asymmetric\\Crypto::decryptWithAD`(`string`, [`EncryptionSecretKey`](doc/Classes/Asymmetric/EncryptionSecretKey.md), [`EncryptionPublicKey`](doc/Classes/Asymmetric/EncryptionPublicKey.md), `string`): [`HiddenString`](doc/Classes/HiddenString.md)\n * Authentication\n * Symmetric\n * `Symmetric\\Crypto::authenticate`(`string`, [`AuthenticationKey`](doc/Classes/Symmetric/AuthenticationKey.md)): `string`\n * `Symmetric\\Crypto::verify`(`string`, [`AuthenticationKey`](doc/Classes/Symmetric/AuthenticationKey.md), `string`): `bool`\n * Asymmetric\n * `Asymmetric\\Crypto::sign`(`string`, [`SignatureSecretKey`](doc/Classes/Asymmetric/SignatureSecretKey.md)): `string`\n * `Asymmetric\\Crypto::verify`(`string`, [`SignaturePublicKey`](doc/Classes/Asymmetric/SignaturePublicKey.md), `string`): `bool`\n\n### Example: Encrypting and Decrypting a message\n\nFirst, generate and persist a key exactly once:\n\n```php\n\u003c?php\nuse ParagonIE\\Halite\\KeyFactory;\n\n$encKey = KeyFactory::generateEncryptionKey();\nKeyFactory::save($encKey, '/path/outside/webroot/encryption.key');\n```\n\nAnd then you can encrypt/decrypt messages like so:\n\n```php\n\u003c?php\nuse ParagonIE\\Halite\\KeyFactory;\nuse ParagonIE\\Halite\\Symmetric\\Crypto as Symmetric;\nuse ParagonIE\\HiddenString\\HiddenString;\n\n$encryptionKey = KeyFactory::loadEncryptionKey('/path/outside/webroot/encryption.key');\n\n$message = new HiddenString('This is a confidential message for your eyes only.');\n$ciphertext = Symmetric::encrypt($message, $encryptionKey);\n\n$decrypted = Symmetric::decrypt($ciphertext, $encryptionKey);\n\nvar_dump($decrypted-\u003egetString() === $message-\u003egetString()); // bool(true)\n```\n\nThis should produce something similar to:\n\n MUIDAEpQznohvNlQ-ZRk-ZZ59Mmox75D_FgAIrXY2cUfStoeL-GIeAe0m-uaeURQdPsVmc5XxRw3-2x5ZAsZH_es37qqFuLFjUI-XK9uG0s30YTsorWfpHdbnqzhRuUOI09c-cKrfMQkNBNm0dDDwZazjTC48zWikRHSHXg8NXerVDebzng1aufc_S-osI_zQuLbZDODujEnpbPZhMMcm4-SWuyVXcBPdGZolJyT\n\n#### Cryptographic Keys in Halite\n\n\u003e **Important**: Halite works with `Key` objects, not strings.\n\nIf you attempt to `echo` a key object, you will get an empty string\nrather than its contents. If you attempt to `var_dump()` a key object,\nyou will just get some facts about the type of key it is.\n \nYou must invoke `$obj-\u003egetRawKeyMaterial()` explicitly if you want\nto inspect a key's raw binary contents. This is not recommended for\nmost use cases.\n\n### Example: Generating a key from a password\n\n```php\n\u003c?php\nuse ParagonIE\\Halite\\KeyFactory;\nuse ParagonIE\\HiddenString\\HiddenString;\n\n$passwd = new HiddenString('correct horse battery staple');\n// Use random_bytes(16); to generate the salt:\n$salt = \"\\xdd\\x7b\\x1e\\x38\\x75\\x9f\\x72\\x86\\x0a\\xe9\\xc8\\x58\\xf6\\x16\\x0d\\x3b\";\n\n$encryptionKey = KeyFactory::deriveEncryptionKey($passwd, $salt);\n```\n\nA key derived from a password can be used in place of one randomly generated.\n\n### Example: Encrypting a large file on a system with low memory\n\nHalite includes a file cryptography class that utilizes a streaming API to\nallow large files (e.g. gigabytes) be encrypted on a system with very little\navailable memory (i.e. less than 8 MB).\n\n```php\n\u003c?php\nuse ParagonIE\\Halite\\File;\nuse ParagonIE\\Halite\\KeyFactory;\n\n$encryptionKey = KeyFactory::loadEncryptionKey('/path/outside/webroot/encryption.key');\n\nFile::encrypt('input.txt', 'output.txt', $encryptionKey);\n```\n\n## Common Support Issues\n\n### Uncaught SodiumException: Cannot Wipe Memory\n\n\u003e PHP Fatal error: Uncaught SodiumException: This is not implemented, as it is not possible to securely wipe memory from PHP\n\nThe solution to this is to make sure libsodium is installed/enabled. See above in this\nREADME for more information. \n\n## Support Contracts\n\nIf your company uses this library in their products or services, you may be\ninterested in [purchasing a support contract from Paragon Initiative Enterprises](https://paragonie.com/enterprise).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparagonie%2Fhalite","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fparagonie%2Fhalite","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparagonie%2Fhalite/lists"}