tink-crypto/tink-java (com.google.crypto.tink:tink-android)
### [`v1.12.0`](https://togithub.com/tink-crypto/tink-java/releases/tag/v1.12.0): Tink Java 1.12.0
Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
**This is Tink Java 1.12.0**
To get started using Tink, see [the setup guide](https://developers.google.com/tink/tink-setup#java).
### What's new?
Bugs fixed:
- On Android, API version 29 and older, AES-GCM-SIV: Due to a bug in Android,
Tink previously uses an AES-GCM cipher for AES-GCM-SIV keys. Now, Tink will
throw an exception on encrypt/decrypt calls ([issue](https://togithub.com/tink-crypto/tink-java/issues/18)).
API changes:
- Disabled registration of custom key managers for primitives other than
`Aead, DeterministicAead, StreamingAead, HybridEncrypt, HybridDecrypt, Mac,
PublicKeySign, PublicKeyVerify`. To the best of our knowledge there is no
user using this mechanism for any other class (which would be fairly
exotic).
- The parser used in JwkSetConverter.toPublicKeysetHandle has been changed and
now rejects duplicate map keys.
- Removed `PrivilegedRegistry`. This was never intended to be public, and to
the best of our knowledge there is no user of this class outside of Tink.
- Removed `Registry` methods which triggered a TypeParameterUnusedInFormals
error prone warnings. Using these is a bug, and the methods were deprecated
in October 2018. See
https://errorprone.info/bugpattern/TypeParameterUnusedInFormals for
information about this warning.
- Removed `AesCtrKeyManager`. This was never intended to be public, and to the
best of our knowledge there are no users of this class outside Tink.
- Remove KMS related constants from the `TestUtil` class.
- Added Primitive creation functions to subtle API:
- `AesGcmHkdfStreaming::create`.
- `AesCtrHmacStreaming::create`.
- `EncryptThenAuthenticate::create` for AesCtrHmacAeadKey.
- `ChaCha20Poly1305::create`.
- `XChaCha20Poly1305::create`.
- `AesGcmSiv::create`.
- `AesEaxJce::create`.
- `EcdsaSignJce::create`, `EcdsaVerifyJce::create`.
- `RsaSsaPkcsSignJce::create`, `RsaSsaPkcsVerifyJce::create`.
- `RsaSsaPssSignJce::create`, `RsaSsaPssVerifyJce::create`.
- `Ed25519Sign::create`, `Ed25519Verify::create`.
Dependencies changes:
- Upgraded:
- `com.google.protobuf:protobuf` => 3.24.3.
- `com.google.errorprone:error-prone-annotations` => 2.22.0
- `com.google.http-client:google-http-client` => 2.22.0
- `rules_jvm_external` => 5.3
- Removed:
- `com.google.auto:auto-common:1.2.1`
- `com.google.auto.service:auto-service:1.0.1`
- `com.google.auto.service:auto-service-annotations:1.0.1`
### Future work
To see what we're working towards, check our [project roadmap](https://developers.google.com/tink/roadmap).
### Getting started
##### Maven:
com.google.crypto.tinktink1.12.0
##### Gradle:
dependencies {
implementation 'com.google.crypto.tink:tink-android:1.12.0'
}
#### Bazel:
```python
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
RULES_JVM_EXTERNAL_TAG = "5.3"
RULES_JVM_EXTERNAL_SHA ="d31e369b854322ca5098ea12c69d7175ded971435e55c18dd9dd5f29cc5249ac"
http_archive(
name = "rules_jvm_external",
strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG,
sha256 = RULES_JVM_EXTERNAL_SHA,
url = "https://github.com/bazelbuild/rules_jvm_external/releases/download/%s/rules_jvm_external-%s.tar.gz" % (RULES_JVM_EXTERNAL_TAG, RULES_JVM_EXTERNAL_TAG)
)
load("@rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps")
rules_jvm_external_deps()
load("@rules_jvm_external//:setup.bzl", "rules_jvm_external_setup")
rules_jvm_external_setup()
maven_install(
artifacts = [
"com.google.crypto.tink:tink:1.12.0",
### ... other dependencies ...
],
repositories = [
"https://repo1.maven.org/maven2",
],
)
```
Alternatively, one can build Tink from source, and include it with `http_archive`:
```python
http_archive(
name = "com_github_tink_crypto_tink_java",
urls = ["https://github.com/tink-crypto/tink-java/archive/refs/tags/v1.12.0.zip"],
strip_prefix = "tink-java-1.12.0",
sha256 = "c5f79c4f51e55d5c7bbd52c0b17fc8eeedf36d74a231e134882f9c4a74c3fbb1",
)
load("@tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps")
tink_java_deps()
load("@tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init")
tink_java_deps_init()
### ...
maven_install(
artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ...
repositories = [
"https://repo1.maven.org/maven2",
],
)
```
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
1.11.0->1.12.0Release Notes
tink-crypto/tink-java (com.google.crypto.tink:tink-android)
### [`v1.12.0`](https://togithub.com/tink-crypto/tink-java/releases/tag/v1.12.0): Tink Java 1.12.0 Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks. **This is Tink Java 1.12.0** To get started using Tink, see [the setup guide](https://developers.google.com/tink/tink-setup#java). ### What's new? Bugs fixed: - On Android, API version 29 and older, AES-GCM-SIV: Due to a bug in Android, Tink previously uses an AES-GCM cipher for AES-GCM-SIV keys. Now, Tink will throw an exception on encrypt/decrypt calls ([issue](https://togithub.com/tink-crypto/tink-java/issues/18)). API changes: - Disabled registration of custom key managers for primitives other than `Aead, DeterministicAead, StreamingAead, HybridEncrypt, HybridDecrypt, Mac, PublicKeySign, PublicKeyVerify`. To the best of our knowledge there is no user using this mechanism for any other class (which would be fairly exotic). - The parser used in JwkSetConverter.toPublicKeysetHandle has been changed and now rejects duplicate map keys. - Removed `PrivilegedRegistry`. This was never intended to be public, and to the best of our knowledge there is no user of this class outside of Tink. - Removed `Registry` methods which triggered a TypeParameterUnusedInFormals error prone warnings. Using these is a bug, and the methods were deprecated in October 2018. See https://errorprone.info/bugpattern/TypeParameterUnusedInFormals for information about this warning. - Removed `AesCtrKeyManager`. This was never intended to be public, and to the best of our knowledge there are no users of this class outside Tink. - Remove KMS related constants from the `TestUtil` class. - Added Primitive creation functions to subtle API: - `AesGcmHkdfStreaming::create`. - `AesCtrHmacStreaming::create`. - `EncryptThenAuthenticate::create` for AesCtrHmacAeadKey. - `ChaCha20Poly1305::create`. - `XChaCha20Poly1305::create`. - `AesGcmSiv::create`. - `AesEaxJce::create`. - `EcdsaSignJce::create`, `EcdsaVerifyJce::create`. - `RsaSsaPkcsSignJce::create`, `RsaSsaPkcsVerifyJce::create`. - `RsaSsaPssSignJce::create`, `RsaSsaPssVerifyJce::create`. - `Ed25519Sign::create`, `Ed25519Verify::create`. Dependencies changes: - Upgraded: - `com.google.protobuf:protobuf` => 3.24.3. - `com.google.errorprone:error-prone-annotations` => 2.22.0 - `com.google.http-client:google-http-client` => 2.22.0 - `rules_jvm_external` => 5.3 - Removed: - `com.google.auto:auto-common:1.2.1` - `com.google.auto.service:auto-service:1.0.1` - `com.google.auto.service:auto-service-annotations:1.0.1` ### Future work To see what we're working towards, check our [project roadmap](https://developers.google.com/tink/roadmap). ### Getting started ##### Maven:Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.