Merge pull request #172 from paragonie/v2-init

Begin New Major Version (2.0.0)

Author: paragonie-security

.gitattributes

@@ -3,13 +3,11 @@
 /.github export-ignore
 /phpunit.xml.dist export-ignore
 /phpstan.neon.dist export-ignore
-/psalm-above-3.xml export-ignore
-/psalm-below-3.xml export-ignore
+/psalm.xml export-ignore
 /tests export-ignore
 /build-phar.sh export-ignore
 /appveyor.yml export-ignore
 /dist export-ignore
 /autoload-phpunit.php export-ignore
 /autoload-pedantic.php export-ignore
 /autoload-fast.php export-ignore
-

.github/workflows/ci.yml

@@ -3,46 +3,17 @@ name: CI
 on: [push]
 
 jobs:
-  old:
-    name: PHP ${{ matrix.php-versions }} Test on ${{ matrix.operating-system }}
-    runs-on: ${{ matrix.operating-system }}
-    strategy:
-      fail-fast: false
-      matrix:
-        operating-system: ['ubuntu-latest']
-        php-versions: ['5.3', '5.4', '5.5', '5.6', '7.0']
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Setup PHP
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: ${{ matrix.php-versions }}
-          extensions: mbstring, intl
-          ini-values: max_execution_time=600, memory_limit=256M, error_reporting=-1, display_errors=On
-          coverage: none
-
-      - name: Use Composer 1.x
-        run: composer self-update --1
-
-      - name: Install Composer dependencies
-        uses: "ramsey/composer-install@v2"
-
-      - name: PHPUnit tests
-        run: vendor/bin/phpunit
-
   moderate-modern:
     name: PHP ${{ matrix.php-versions }} Test on ${{ matrix.operating-system }}
     runs-on: ${{ matrix.operating-system }}
     strategy:
       matrix:
         operating-system: ['ubuntu-latest']
-        php-versions: ['7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3', '8.4']
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2

.github/workflows/psalm.yml

@@ -9,7 +9,7 @@ jobs:
     strategy:
       matrix:
         operating-system: ['ubuntu-latest']
-        php-versions: ['7.4']
+        php-versions: ['8.3']
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -26,8 +26,5 @@ jobs:
         with:
           composer-options: --no-dev
 
-      - name: Put Psalm config in place
-        run: cp psalm-above-3.xml psalm.xml
-
       - name: Static Analysis
         run: psalm

.gitignore

@@ -7,4 +7,3 @@
 /composer.lock
 /composer.phar
 /vendor/
-/psalm.xml

LICENSE

@@ -1,6 +1,6 @@
 ISC License
 
-Copyright (c) 2016-2023, Paragon Initiative Enterprises <security at paragonie dot com>
+Copyright (c) 2016-2024, Paragon Initiative Enterprises <security at paragonie dot com>
 Copyright (c) 2013-2019, Frank Denis <j at pureftpd dot org>
 
 Permission to use, copy, modify, and/or distribute this software for any

README.md

@@ -2,7 +2,6 @@
 
 [![Build Status](https://github.com/paragonie/sodium_compat/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions)
 [![Psalm Status](https://github.com/paragonie/sodium_compat/actions/workflows/psalm.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions)
-[![Windows Build Status](https://ci.appveyor.com/api/projects/status/itcx1vgmfqiawgbe?svg=true)](https://ci.appveyor.com/project/paragonie-scott/sodium-compat)
 [![Latest Stable Version](https://poser.pugx.org/paragonie/sodium_compat/v/stable)](https://packagist.org/packages/paragonie/sodium_compat)
 [![Latest Unstable Version](https://poser.pugx.org/paragonie/sodium_compat/v/unstable)](https://packagist.org/packages/paragonie/sodium_compat)
 [![License](https://poser.pugx.org/paragonie/sodium_compat/license)](https://packagist.org/packages/paragonie/sodium_compat)
@@ -17,8 +16,8 @@ and transparently use the PHP extension instead of our implementation.
 ## Major Versions and Branches
 
 sodium_compat v1.21.0 was the last v1.x release from the master branch. From now
-on, all future releases that support PHP 5.2 - 5.6 and 32-bit integers will be
-[in the `v1.x` branch](v1.x).
+on, all future releases that support PHP 5.2 - 8.0 and 32-bit integers will be
+[in the `v1.x` branch](https://github.com/paragonie/sodium_compat/tree/v1.x).
 
 Newer versions of sodium_compat (i.e., v2.0.0) will continue to live in the master
 branch, unless a new major version is needed. The goal of this work is to improve
@@ -32,7 +31,7 @@ for the latest in version information.
 | sodium_compat version | PHP versions supported | 32-bit support? | Branch                                                        |
 |-----------------------|------------------------|-----------------|---------------------------------------------------------------|
 | `v1.x.y`              | 5.2.4 - LATEST         | YES             | [v1.x](https://github.com/paragonie/sodium_compat/tree/v1.x)  |
-| `v2.x.y`              | 7.2 - LATEST           | NO              | **master**                                                    |
+| `v2.x.y`              | 8.1 - LATEST           | NO              | **master**                                                    |
 
 If you need 32-bit PHP support (`PHP_INT_SIZE == 4`), continue using sodium_compat v1.x.
 If you want improved performance and smaller dependencies, use v2.x.
@@ -161,32 +160,6 @@ if (sodium_crypto_sign_verify_detached($signature, $message, $alice_pk)) {
 }
 ```
 
-## Polyfill For the Old PECL Extension API
-
-If you're using PHP 5.3.0 or newer and do not have the PECL extension installed,
-you can just use the [standard ext/sodium API features as-is](https://paragonie.com/book/pecl-libsodium)
-and the polyfill will work its magic.
-
-```php
-<?php
-require_once "/path/to/sodium_compat/autoload.php";
-
-$alice_kp = \Sodium\crypto_sign_keypair();
-$alice_sk = \Sodium\crypto_sign_secretkey($alice_kp);
-$alice_pk = \Sodium\crypto_sign_publickey($alice_kp);
-
-$message = 'This is a test message.';
-$signature = \Sodium\crypto_sign_detached($message, $alice_sk);
-if (\Sodium\crypto_sign_verify_detached($signature, $message, $alice_pk)) {
-    echo 'OK', PHP_EOL;
-} else {
-    throw new Exception('Invalid signature');
-}
-```
-
-The polyfill does not expose this API on PHP < 5.3, or if you have the PHP
-extension installed already.
-
 ## General-Use Polyfill
 
 If your users are on PHP < 5.3, or you want to write code that will work
@@ -212,7 +185,7 @@ if (ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $
 }
 ```
 
-Generally: If you replace `\Sodium\ ` with `ParagonIE_Sodium_Compat::`, any
+Generally: If you replace `sodium_` with `ParagonIE_Sodium_Compat::`, any
 code already written for the libsodium PHP extension should work with our
 polyfill without additional code changes.
 
@@ -254,26 +227,6 @@ if (ParagonIE_Sodium_Compat::polyfill_is_fast()) {
 }
 ```
 
-### Help, my PHP only has 32-Bit Integers! It's super slow!
-
-If the `PHP_INT_SIZE` constant equals `4` instead of `8` (PHP 5 on Windows,
-Linux on i386, etc.), you will run into **significant performance issues**.
-
-In particular: public-key cryptography (encryption and signatures)
-is affected. There is nothing we can do about that.
-
-The root cause of these performance issues has to do with implementing cryptography
-algorithms in constant-time using 16-bit limbs (to avoid overflow) in pure PHP.
-
-To mitigate these performance issues, simply install PHP 7.2 or newer and enable
-the `sodium` extension.
-
-Affected users are encouraged to install the sodium extension (or libsodium from
-older version of PHP).
-
-Windows users on PHP 5 may be able to simply upgrade to PHP 7 and the slowdown
-will be greatly reduced.
-
 ## Documentation
 
 First, you'll want to read the [Libsodium Quick Reference](https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use).

appveyor.yml

@@ -1,45 +1,28 @@
 <?php
 
-if (PHP_VERSION_ID < 70000) {
-    if (!is_callable('sodiumCompatAutoloader')) {
-        /**
-         * Sodium_Compat autoloader.
-         *
-         * @param string $class Class name to be autoloaded.
-         *
-         * @return bool         Stop autoloading?
-         */
-        function sodiumCompatAutoloader($class)
-        {
-            $namespace = 'ParagonIE_Sodium_';
-            // Does the class use the namespace prefix?
-            $len = strlen($namespace);
-            if (strncmp($namespace, $class, $len) !== 0) {
-                // no, move to the next registered autoloader
-                return false;
-            }
-
-            // Get the relative class name
-            $relative_class = substr($class, $len);
+spl_autoload_register(function ($class) {
+    $namespace = 'ParagonIE_Sodium_';
+    // Does the class use the namespace prefix?
+    $len = strlen($namespace);
+    if (strncmp($namespace, $class, $len) !== 0) {
+        // no, move to the next registered autoloader
+        return false;
+    }
 
-            // Replace the namespace prefix with the base directory, replace namespace
-            // separators with directory separators in the relative class name, append
-            // with .php
-            $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
-            // if the file exists, require it
-            if (file_exists($file)) {
-                require_once $file;
-                return true;
-            }
-            return false;
-        }
+    // Get the relative class name
+    $relative_class = substr($class, $len);
 
-        // Now that we have an autoloader, let's register it!
-        spl_autoload_register('sodiumCompatAutoloader');
+    // Replace the namespace prefix with the base directory, replace namespace
+    // separators with directory separators in the relative class name, append
+    // with .php
+    $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+    // if the file exists, require it
+    if (file_exists($file)) {
+        require_once $file;
+        return true;
     }
-} else {
-    require_once dirname(__FILE__) . '/autoload-php7.php';
-}
+    return false;
+});
 
 /* Explicitly, always load the Compat class: */
 if (!class_exists('ParagonIE_Sodium_Compat', false)) {
@@ -49,26 +32,17 @@ function sodiumCompatAutoloader($class)
 if (!class_exists('SodiumException', false)) {
     require_once dirname(__FILE__) . '/src/SodiumException.php';
 }
-if (PHP_VERSION_ID >= 50300) {
-    // Namespaces didn't exist before 5.3.0, so don't even try to use this
-    // unless PHP >= 5.3.0
-    require_once dirname(__FILE__) . '/lib/namespaced.php';
-    require_once dirname(__FILE__) . '/lib/sodium_compat.php';
-    if (!defined('SODIUM_CRYPTO_AEAD_AEGIS128L_KEYBYTES')) {
-        require_once dirname(__FILE__) . '/lib/php84compat_const.php';
-    }
-} else {
-    require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
+
+require_once dirname(__FILE__) . '/lib/namespaced.php';
+if (!defined('SODIUM_CRYPTO_AEAD_AEGIS128L_KEYBYTES')) {
+    require_once dirname(__FILE__) . '/lib/php84compat_const.php';
 }
-if (PHP_VERSION_ID < 70200 || !extension_loaded('sodium')) {
-    if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
+
+if (!extension_loaded('sodium')) {
+    if (!defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
         require_once dirname(__FILE__) . '/lib/php72compat_const.php';
     }
-    if (PHP_VERSION_ID >= 70000) {
-        assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
-    } else {
-        assert(class_exists('ParagonIE_Sodium_Compat'));
-    }
+    assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
     require_once(dirname(__FILE__) . '/lib/php72compat.php');
 } elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) {
     // Older versions of {PHP, ext/sodium} will not define these