Skip to content

Tink Java 1.8.0
Compare
Choose a tag to compare
@morambro morambro released this 22 Feb 12:35
· 1093 commits to main since this release
v1.8.0
4408a23

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink Java 1.8.0

To get started using Tink, see the setup guide.

Maven:

<dependency>
    <groupId>com.google.crypto.tink</groupId>
    <artifactId>tink</artifactId>
    <version>1.8.0</version>
</dependency>

Gradle:

dependencies {
  implementation 'com.google.crypto.tink:tink-android:1.8.0'
}

Bazel:

load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

RULES_JVM_EXTERNAL_TAG = "4.5"
RULES_JVM_EXTERNAL_SHA ="b17d7388feb9bfa7f2fa09031b32707df529f26c91ab9e5d909eb1676badd9a6"

http_archive(
    name = "rules_jvm_external",
    strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG,
    sha256 = RULES_JVM_EXTERNAL_SHA,
    url = "https://github.com/bazelbuild/rules_jvm_external/archive/refs/tags/%s.zip" % RULES_JVM_EXTERNAL_TAG,
)

load("@rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps")

rules_jvm_external_deps()

load("@rules_jvm_external//:setup.bzl", "rules_jvm_external_setup")

rules_jvm_external_setup()

load("@rules_jvm_external//:defs.bzl", "maven_install")

maven_install(
    artifacts = [
        "com.google.crypto.tink:tink:1.8.0",
        # ... other dependencies ...
    ],
    repositories = [
        "https://maven.google.com",
        "https://repo1.maven.org/maven2",
    ],
)

Alternatively, one can build Tink from source, and include it with http_archive:

http_archive(
    name = "com_github_tink_crypto_tink_java",
    urls = ["https://github.com/tink-crypto/tink-java/archive/refs/tags/v1.8.0.zip"],
    strip_prefix = "tink-java-1.8.0",
    sha256 = "cff458ea60897f7a5edc91d1eb9c58c650c2fd3206d94672f29c950b94398a49"
)

load("@tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps")

tink_java_deps()

load("@tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init")

tink_java_deps_init()

# ...

maven_install(
    artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ...
    repositories = [
        "https://maven.google.com",
        "https://repo1.maven.org/maven2",
    ],
)

WARNING: When building from source users that require KMS extensions as well must now explicitly include them, since they are published in separate repositories:

For example, to use tink-java-gcpkms your WORKSPACE file becomes as follows (analogously for tink-java-awskms):

http_archive(
    name = "com_github_tink_crypto_tink_java",
    urls = ["https://github.com/tink-crypto/tink-java/archive/refs/tags/v1.8.0.zip"],
    strip_prefix = "tink-java-1.8.0",
    sha256 = "cff458ea60897f7a5edc91d1eb9c58c650c2fd3206d94672f29c950b94398a49"
)

http_archive(
    name = "tink_java_gcpkms",
    urls = ["https://github.com/tink-crypto/tink-java-gcpkms/archive/refs/tags/v<SOME_RELEASE>.zip"],
    strip_prefix = "tink-java-gcpkms-<SOME_RELEASE>",
    sha256 = ...
)

load("@tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps")

tink_java_deps()

load("@tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init")

tink_java_deps_init()

load("@tink_java_gcpkms//:tink_java_gcpkms_deps.bzl", "TINK_JAVA_GCPKMS_MAVEN_ARTIFACTS")

# ...

maven_install(
    artifacts = TINK_MAVEN_ARTIFACTS +
      TINK_JAVA_GCPKMS_MAVEN_ARTIFACTS + # ... other dependencies ...
    repositories = [
        "https://maven.google.com",
        "https://repo1.maven.org/maven2",
    ],
)

Dependencies to targets in //src/main/java/com/google/crypto/tink/integration/gcpkms now are located in @tink_java_gcpkms.

What's new

This is the first release from https://github.com/tink-crypto/tink-java.

The complete list of changes since 1.7.0 can be found here.

  • Changed the tink-java POM file as follows:
    • Added missing dependency on androidx.annotation.annotation.
    • Only direct dependencies are listed.
    • Updated SCM details to point to github.com/tink-crypto/tink-java.
  • Upgraded to Bazel 6.0.
  • The ChunkedMac primitive can now be used, available implementations are AesCmac and Hmac.
  • Added new API to read and write keysets: TinkProtoKeysetFormat and TinkJsonProtoKeysetFormat.
  • JSON parsing now rejects duplicated map entries.
  • Fixed two race conditions in com.google.crypto.tink.integration.android. Also improved the exceptions raised.
  • ECDSA keys are now serialized using fixed size byte arrays.
  • Tink will prefer Conscrypt as a JCE provider for ECDSA if available.
  • Changes to PrimitiveSet API. Please note that the use of this class is discouraged and should be omitted when possible.
    • For the relevant changes see commit.
  • (Only relevant if you use or maintain a custom Wrapper class) Registering a wrapper in Registry now requires that the object being registered is always the same. See examples here and here.
  • Upgraded dependencies:
    • Protobuf to X.21.9 443baab.
    • com.google.errorprone:error_prone_annotations to 2.16.
    • google.http-client:google-http-client to 1.42.3.
    • com.google.api-client:google-api-client to 2.2.0.
    • com.google.code.gson:gson to 2.10.

To see what we're working towards, check our project roadmap.

Assets 2
Loading