Update paragonie/halite requirement from ^4.4 to ^5.0

[dependabot]

Updates the requirements on paragonie/halite to permit the latest version.

Release notes

Sourced from paragonie/halite's releases.

Version 5.0.0

• Increased minimum PHP version to 8.0.
• Security: Asymmetric encryption now uses HKDF-BLAKE2b to extract a 256-bit uniformly random bit string for the encryption key, rather than using the raw X25519 output directly as an encryption key. This is important because Elliptic Curve Diffie-Hellman results in a random group element, but that isn't necessarily a uniformly random bit string.
  • Because Halite v4 and earlier did not perform this step, it's superficially susceptible to Cheon's attack. This reduces the effective security from 125 bits (Pollard's rho) to 123 bits, but neither is a practical concern today.
• Security: Halite v5 uses the PAE strategy from PASETO to prevent canonicalization attacks.
• Security: Halite v5 appends the random salt to HKDF's info parameter instead of the salt parameter. This allows us to meet the KDF Security Definition (which is stronger than a mere Pseudo-Random Function).
• Encryption now uses XChaCha20 instead of XSalsa20.
• The File class no longer supports the resource type. To migrate code, wrap your resource arguments in a ReadOnlyFile or MutableFile object.
• Added File::asymmetricEncrypt() and File::asymmetricDecrypt().

These security improvements were identified through an internal code review after years of studying new cryptographic attacks. Halite v4 ciphertexts are still decryptable with v5, so upgrading should be largely drop-in.

Changelog

Sourced from paragonie/halite's changelog.

Version 5.0.0 (2022-01-19)

• Increased minimum PHP version to 8.0.
• Security: Asymmetric encryption now uses HKDF-BLAKE2b to extract a 256-bit uniformly random bit string for the encryption key, rather than using the raw X25519 output directly as an encryption key. This is important because Elliptic Curve Diffie-Hellman results in a random group element, but that isn't necessarily a uniformly random bit string.
  • Because Halite v4 and earlier did not perform this step, it's superficially susceptible to Cheon's attack. This reduces the effective security from 125 bits (Pollard's rho) to 123 bits, but neither is a practical concern today.
• Security: Halite v5 uses the PAE strategy from PASETO to prevent canonicalization attacks.
• Security: Halite v5 appends the random salt to HKDF's info parameter instead of the salt parameter. This allows us to meet the KDF Security Definition (which is stronger than a mere Pseudo-Random Function).
• Encryption now uses XChaCha20 instead of XSalsa20.
• The File class no longer supports the resource type. To migrate code, wrap your resource arguments in a ReadOnlyFile or MutableFile object.
• Added File::asymmetricEncrypt() and File::asymmetricDecrypt().

Version 4.8.0 (2021-04-18)

• Merged #158, which removes the final access modifier from private methods and guarantees PHP 8 support.
• Migrated tests off of Travis CI, onto Github Actions instead.

Version 4.7.1 (2020-12-06)

• Allow v2 of paragonie/hidden-string to be installed.

Version 4.7.0 (2020-12-03)

• Merged #154, which supports the SameSite cookie arguments on PHP 7.3+.
• Create a wrapper for sodium_memzero() to support sodium_compat.
• Added support for PHP 8.
• #146, #155, #156 -- Various documentation improvements.

Version 4.6.0 (2019-09-12)

• Merged #138, which adds remote stream support to ReadOnlyFile.
• Merged #140, which saves some overhead on hash recalculation.
• Merged #136 and #137, which updated the sodium stub files. These aren't strictly necessary anymore; with the

... (truncated)

Commits

• 5145360 Prioritize security entries in CHANGELOG
• 906280e Merge pull request #177 from paragonie/v5-docs
• 0580191 Update Primitives doc
• e808619 Document splitKeys
• f84ca26 Fix nit
• 8103822 Cover AEAD better
• 40fd1ce Cover new File methods
• 21cb61d Begin Halite v5 documentation changes
• 1bbf8ac Use HKDF info parameter instead of salt for randomness
• 7d6cdc8 README: Bump major version, document WithAD
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)