Sapient – Security Toolkit for HTTP-Based APIs

3

Sapient – Security Toolkit for HTTP-Based APIs ☶ api crypto php security web github.com
authored by sarciszewski 1 year ago | cached | no comments

0

Sapient uses libsodium to encrypt or sign HTTP message bodies. It works either client-side or server-side, on requests or responses.

Features:

Symmetric-key
- Encryption (XChaCha20-Poly1305)
- Authentication (HMAC-SHA512-256)
Public-key
- Sealing (X25519 + BLAKE2b + XChaCha20-Poly1305)
- Signing (Ed25519)

If libsodium is not available (it currently has to be installed via PECL), sodium_compat will polyfill these features.

It works on PSR-7 interfaces, but for framework-specific adoption, we’ve created a few Sapient adapters and creating your own is relatively straightforward.

Specification: https://github.com/paragonie/sapient/blob/master/docs/Specification.md
Encryption specifics: https://github.com/paragonie/sapient/blob/master/docs/Internals/Simple.md
Class documentation: https://github.com/paragonie/sapient/blob/master/docs/Internals/Sapient.md