tink-crypto / tink-go

Go implementation of Tink
https://developers.google.com/tink
Apache License 2.0
129 stars 6 forks source link

Support passing context with AEAD interface #6

Open david-bain opened 1 year ago

david-bain commented 1 year ago

Help us help you

We are using Tink extensively to provide encryption for calls through out GRPC proxy as part of our platform offering.

Is your feature request related to a problem?

The problem we are seeing is that we are unable to link our encrypt and decryption lower level functionality, such as calling out to our KMS to our app workflow traces. This is because the tink.AEAD interface functions to not accept a context so the linking context back to the original GRPC request is lost.

What sort of feature would you like to see?

It would be very useful for the encrypt and decrypt functions under the tink.AEAD interface to support passing the context in. This would support:

Passing the context is part of GCP/AWS cloud api calls and is generally a standard method for any remote API call.

Have you considered any alternative solutions?

I can't think of an alternative solution

Would you like to add additional context?

You can see this issue in the gpc-kms encrypt/decrypt functions that have lost context and therefore can

tholenst commented 1 year ago

Note: https://github.com/google/tink/issues/255 asked for the same thing and is much older.

scorpionknifes commented 11 months ago

Hey I'm interested in working on this, does this proposal need to be approved? This interface change is breaking and looks like it would require a major bump.

juergw commented 11 months ago

We agree that this is an issue that we should address, and we plan to work on this in the next months. And yes, it is a bit tricky because we don't want to break current users of AEAD, and we probably also don't want to do a major version increase because of this. So I don't think this is a good candidate for contributions.

juergw commented 9 months ago

We have planed to add this, but we don't have a timeline for it yet.