PHPackages paragonie/sodium\_compat - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. paragonie/sodium\_compat ActiveLibrary[Authentication & Authorization](/categories/authentication) paragonie/sodium\_compat ======================== Pure PHP implementation of libsodium; uses the PHP extension if it exists v2.5.0(4mo ago)930131.6M—0.5%6720ISCPHPPHP ^8.1CI failing Since Jan 12Pushed 4mo ago22 watchersCompare [ Source](https://github.com/paragonie/sodium_compat)[ Packagist](https://packagist.org/packages/paragonie/sodium_compat)[ RSS](/packages/paragonie-sodium-compat/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (5)Versions (85)Used By (20)Security (2) Sodium Compat ============= [](#sodium-compat) [![Build Status](https://github.com/paragonie/sodium_compat/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions)[![Psalm Status](https://github.com/paragonie/sodium_compat/actions/workflows/psalm.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions)[![Latest Stable Version](https://camo.githubusercontent.com/e99a371067a493fb304d9337e8ac4bbc8bd736ecc6bdf906f9938a74cbb12b93/68747470733a2f2f706f7365722e707567782e6f72672f70617261676f6e69652f736f6469756d5f636f6d7061742f762f737461626c65)](https://packagist.org/packages/paragonie/sodium_compat)[![Latest Unstable Version](https://camo.githubusercontent.com/83edfe4ac5b7cecb46dbdc650c385bebc8fa98aae3d3af1aaf2fc845e8700c6f/68747470733a2f2f706f7365722e707567782e6f72672f70617261676f6e69652f736f6469756d5f636f6d7061742f762f756e737461626c65)](https://packagist.org/packages/paragonie/sodium_compat)[![License](https://camo.githubusercontent.com/820c62c44a3c7bbb5ca2237a30bcec1e15caa73fcdc105507a788197e80725c2/68747470733a2f2f706f7365722e707567782e6f72672f70617261676f6e69652f736f6469756d5f636f6d7061742f6c6963656e7365)](https://packagist.org/packages/paragonie/sodium_compat)[![Downloads](https://camo.githubusercontent.com/a68c667d92b741bd37899991fe813eac2b8ccc4b67ab6a7eed87e35661e0b054/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f70617261676f6e69652f736f6469756d5f636f6d7061742e737667)](https://packagist.org/packages/paragonie/sodium_compat) Sodium Compat is a pure PHP polyfill for the Sodium cryptography library (libsodium), a core extension in PHP 7.2.0+ and otherwise [available in PECL](https://pecl.php.net/package/libsodium). If you have the PHP extension installed, Sodium Compat will opportunistically and transparently use the PHP extension instead of our implementation. Major Versions and Branches --------------------------- [](#major-versions-and-branches) sodium\_compat v1.21.0 was the last v1.x release from the master branch. From now on, all future releases that support PHP 5.2 - 8.0 and 32-bit integers will be [in the `v1.x` branch](https://github.com/paragonie/sodium_compat/tree/v1.x). Newer versions of sodium\_compat (i.e., v2.0.0) will continue to live in the master branch, unless a new major version is needed. The goal of this work is to improve code readability and performance, while reducing boilerplate code. When in doubt, refer to the README file in [the master branch](https://github.com/paragonie/sodium_compat/blob/master/README.md)for the latest in version information. ### Which version should I use? [](#which-version-should-i-use) sodium\_compat versionPHP versions supported32-bit support?Branch`v1.x.y`5.2.4 - LATESTYES[v1.x](https://github.com/paragonie/sodium_compat/tree/v1.x)`v2.x.y`8.1 - LATESTNO**master**If you need 32-bit PHP support (`PHP_INT_SIZE == 4`), continue using sodium\_compat v1.x. If you want improved performance and smaller dependencies, use v2.x. We recommend libraries and frameworks set a Composer version constraint as follows: ``` { "require": { /* ... */ "paragonie/sodium_compat": ">= 1" /* ... */ } } ``` Applications should, conversely, specify the actual version that matters to them and their deployments. IMPORTANT! ---------- [](#important) This cryptography library has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. If you require such an audit before you can use sodium\_compat in your projects and have the funds for such an audit, please open an issue or contact `security at paragonie dot com` so we can help get the ball rolling. However, sodium\_compat has been adopted by high profile open source projects, such as [Joomla!](https://github.com/joomla/joomla-cms/blob/459d74686d2a638ec51149d7c44ddab8075852be/composer.json#L40)and [Magento](https://github.com/magento/magento2/blob/8fd89cfdf52c561ac0ca7bc20fd38ef688e201b0/composer.json#L44). Furthermore, sodium\_compat was developed by Paragon Initiative Enterprises, a company that *specializes* in secure PHP development and PHP cryptography, and has been informally reviewed by many other security experts who also specialize in PHP. If you'd like to learn more about the defensive security measures we've taken to prevent sodium\_compat from being a source of vulnerability in your systems, please read [*Cryptographically Secure PHP Development*](https://paragonie.com/blog/2017/02/cryptographically-secure-php-development). Installing Sodium Compat ======================== [](#installing-sodium-compat) If you're using Composer: ``` composer require paragonie/sodium_compat ``` ### Install From Source [](#install-from-source) If you're not using Composer, download a [release tarball](https://github.com/paragonie/sodium_compat/releases)(which should be signed with [our GnuPG public key](https://paragonie.com/static/gpg-public-key.txt)), extract its contents, then include our `autoload.php` script in your project. ```