fix(deps): update dependency com.google.crypto.tink:tink-android to v1.15.0 #98
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
fde62ba
to
5216dcd
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
5216dcd
to
235f966
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
235f966
to
29a5219
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
29a5219
to
16e0ae4
Compare
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
16e0ae4
to
caeb20e
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
caeb20e
to
ff824e5
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
ff824e5
to
d80521a
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/com.google.crypto.tink-tink-android-1.x
branch
from
d80521a
to
a0f8df9
Compare
renovate
bot
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.7.0->1.15.0Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
tink-crypto/tink-java (com.google.crypto.tink:tink-android)
v1.15.0: Tink Java v1.15.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.15.0
To get started using Tink, see the setup guide.
What's new?
ConfigurationFips140v2.ConfigurationFips140v2.RsaSsaPssSignJceandRsaSsaPssVerifyJcenow throw an exception ifsigHashandmgf1Hashare not equal. This makes these functions consistent with the non-subtle API and with other languages.AeadOrDaeadandEciesAeadHkdfDemHelperfrom subtle API. These were internal helper classes for hybrid encryption that are not needed anymore.tink-android'sandroidx.annotationdependency tov1.8.2.Future work
To see what we're working towards, check our project roadmap.
Getting started
Maven:
Gradle:
Bazel:
The recommended way to use tink-java is as a Maven dependency through
rules_jvm_external.Alternatively, one can build Tink from source and include it with
http_archive:v1.14.1Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.14.1
To get started using Tink, see the setup guide.
What's new?
Future work
To see what we're working towards, check our project roadmap.
Getting started
Maven:
Gradle:
Bazel:
The recommended way to use tink-java is as a Maven dependency through
rules_jvm_external.Alternatively, one can build Tink from source and include it with
http_archive:v1.14.0: Tink Java 1.14.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.14.0
To get started using Tink, see the setup guide.
What's new?
API changes
PrimitiveWrapper. We anticipate no impact on users, as this class was already rendered unavailable afterRegistry.registerPrimitiveWrapperwas removed in Tink Java 1.13.0.Performance improvements
Bug fixes
TinkBugExceptionwhen parsing invalid input.RuntimeExceptionwhen parsing invalid input.newSeekableDecryptingChannelfalsely returned -1 onreadcalls. This only happens ifreadwas called with an empty buffer, and if the previous call toreadsucessfully read the end of the stream.Upgraded dependencies
Future work
To see what we're working towards, check our project roadmap.
Getting started
Maven:
Gradle:
Bazel:
The recommended way to use tink-java is as a Maven dependency through
rules_jvm_external.Alternatively, one can build Tink from source and include it with
http_archive:v1.13.0: Tink Java 1.13.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.13.0
To get started using Tink, see the setup guide.
What's new?
Bugs fixed:
JwkSetConverternow encodes RSA public keys without leading zero, asrequired by RFC 7518.
Performance improvements:
are now smaller, because the unused keyset info metadata is not written
anymore. JsonKeysetWriter and TinkJsonProtoKeysetFormat still output this
metadata.
makes encryption with ChaCha20Poly1305 and XChaCha20Poly1305 about 2-3 times
faster.
API changes:
PrimitiveSetandRegistry.registerPrimitiveWrapperfrom thepublic API. While these were in the public API, they have changed semantics
in the past and will change more in the future. Code using either
PrimitiveSetorRegistry.registerPrimitiveWrapperwill not work afterupcoming changes. Instead of breaking users silently, we prefer to break
during compilation. If affected, please file an issue on
github.com/tink-crypto/tink-java/.
JwtSignatureConfig.register()orJwtMacConfig.register()now need to be called before the keyset is parsed.If not, calling
keysetHandle.getPrimitive(...)will fail with an errormessage: "Unable to get primitive interface
com.google.crypto.tink.jwt.JwtPublicKeySign for key of type ..." or "Unable
to get primitive interface com.google.crypto.tink.jwt.JwtPublicKeyVerify for
key of type ...".
public API. These were never intended to be public, and we expect that
nobody used either of them.
com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecryptandcom.google.crypto.tink.subtle.EciesAeadHkdfHybridEncryptfrom the publicAPI. These took as argument a
EciesAeadHkdfDemHelperobject whose onlyimplementation was private to Tink. We are hence confident that this is
unused.
AndroidKeystoreKmsClient.setKeyStore. This function didn'twork as expected, as in some places, still the real KeyStore was used. If you
need to test your code with a fake KeyStore instance, it is preferable to
inject fake security provider using
Security.addProvider, seeFakeAndroidKeystoreProvider.java as an example for such a provider.
consider this. This will be used later for automatic migrations.
ConfigurationFips140v2. Users who do not want to restrict thewhole binary to FIPS-only but still want to use FIPS-compliant primitives at
specific call sites can use
keysetHandle.GetPrimitive(ConfigurationFips140v2.get(), ExamplePrimitive.class).ConfigurationV0containing Tink's recommended primitives.Usage:
keysetHandle.GetPrimitive(ConfigurationV0.get(), ExamplePrimitive.class).Dependencies changes:
com.google.protobuf:protobuf=> 3.25.1.Future work
To see what we're working towards, check our project roadmap.
Getting started
Maven:
Gradle:
Bazel:
Alternatively, one can build Tink from source, and include it with
http_archive:v1.12.0: Tink Java 1.12.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.12.0
To get started using Tink, see the setup guide.
What's new?
Bugs fixed:
Tink previously uses an AES-GCM cipher for AES-GCM-SIV keys. Now, Tink will
throw an exception on encrypt/decrypt calls (issue).
API changes:
Aead, DeterministicAead, StreamingAead, HybridEncrypt, HybridDecrypt, Mac, PublicKeySign, PublicKeyVerify. To the best of our knowledge there is nouser using this mechanism for any other class (which would be fairly
exotic).
now rejects duplicate map keys.
PrivilegedRegistry. This was never intended to be public, and tothe best of our knowledge there is no user of this class outside of Tink.
Registrymethods which triggered a TypeParameterUnusedInFormalserror prone warnings. Using these is a bug, and the methods were deprecated
in October 2018. See
https://errorprone.info/bugpattern/TypeParameterUnusedInFormals for
information about this warning.
AesCtrKeyManager. This was never intended to be public, and to thebest of our knowledge there are no users of this class outside Tink.
TestUtilclass.AesGcmHkdfStreaming::create.AesCtrHmacStreaming::create.EncryptThenAuthenticate::createfor AesCtrHmacAeadKey.ChaCha20Poly1305::create.XChaCha20Poly1305::create.AesGcmSiv::create.AesEaxJce::create.EcdsaSignJce::create,EcdsaVerifyJce::create.RsaSsaPkcsSignJce::create,RsaSsaPkcsVerifyJce::create.RsaSsaPssSignJce::create,RsaSsaPssVerifyJce::create.Ed25519Sign::create,Ed25519Verify::create.Dependencies changes:
com.google.protobuf:protobuf=> 3.24.3.com.google.errorprone:error-prone-annotations=> 2.22.0com.google.http-client:google-http-client=> 2.22.0rules_jvm_external=> 5.3com.google.auto:auto-common:1.2.1com.google.auto.service:auto-service:1.0.1com.google.auto.service:auto-service-annotations:1.0.1Future work
To see what we're working towards, check our project roadmap.
Getting started
Maven:
Gradle:
Bazel:
Alternatively, one can build Tink from source, and include it with
http_archive:v1.11.0: Tink Java 1.11.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.11.0
To get started using Tink, see the setup guide.
What's new?
The complete list of changes since 1.10.0 can be found here.
KmsEnvelopeAead.create(commit)HkdfStreamingPrf::create(HkdfPrfKey key)(commit)AeadKeyTemplates.createKmsAeadKeyTemplate(commit)InputStreamDecrypter.read()InputStreamcompliant (issue, commit).Future work
To see what we're working towards, check our project roadmap.
Getting started
Maven:
Gradle:
Bazel:
Alternatively, one can build Tink from source, and include it with
http_archive:v1.10.0: Tink Java 1.10.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.10.0
What is new?
The complete list of changes since 1.9.0 can be found here.
New Features:
KeysetHandle#equalsKeysetcan now be used to compare keysetsJwtEcdsaPrivateKey,JwtEcdsaPublicKey,RsaSsaPssPrivateKey,RsaSsaPssPublicKey.RawJwt.getJsonPayload.Potentially breaking changes:
While we aim to be backwards compatible in minor releases, we removed some APIs that were not meant to be public and/or that we are confident are not widely used. If you are impacted by any of these, please file an issue.
PrivilegedRegistry.parseKeyData-- this was never meant to be in the public API.Future work
To see what we're working towards, check our project roadmap.
Getting started
To get started using Tink, see the setup guide.
Maven:
Gradle:
Bazel:
Alternatively, one can build Tink from source, and include it with
http_archive:v1.9.0: Tink Java 1.9.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.9.0
To get started using Tink, see the setup guide.
Maven:
Gradle:
Bazel:
Alternatively, one can build Tink from source, and include it with
http_archive:For example, to use
tink-java-gcpkmsyourWORKSPACEfile becomes as follows (analogously fortink-java-awskms):Dependencies to targets in
//src/main/java/com/google/crypto/tink/integration/gcpkmsnow are located in@tink_java_gcpkms.What's new
The complete list of changes since 1.8.0 can be found here.
Ed25519AesGcmSiv(commit)androidx.annotationsfromcom.google.crypto.tink:tink(commit); as a result, com.google.crypto.tink:tink has only dependencies from Maven Central.com.google.crypto.tink:tink-android’s POM file (commit).To see what we're working towards, check our project roadmap.
v1.8.0: Tink Java 1.8.0Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Java 1.8.0
To get started using Tink, see the setup guide.
Maven:
Gradle:
Bazel:
Alternatively, one can build Tink from source, and include it with
http_archive:For example, to use
tink-java-gcpkmsyourWORKSPACEfile becomes as follows (analogously fortink-java-awskms):Dependencies to targets in
//src/main/java/com/google/crypto/tink/integration/gcpkmsnow are located in@tink_java_gcpkms.What's new
This is the first release from https://github.com/tink-crypto/tink-java.
The complete list of changes since 1.7.0 can be found here.
tink-javaPOM file as follows:androidx.annotation.annotation.AesCmacandHmac.TinkProtoKeysetFormatandTinkJsonProtoKeysetFormat.com.google.crypto.tink.integration.android. Also improved the exceptions raised.com.google.errorprone:error_prone_annotationsto 2.16.google.http-client:google-http-clientto 1.42.3.com.google.api-client:google-api-clientto 2.2.0.com.google.code.gson:gsonto 2.10.To see what we're working towards, check our project roadmap.
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.