ca85275 | thaidn | 15 October 2020, 23:44:41 UTC | Enable GitHub CodeQL scanning. PiperOrigin-RevId: 337409066 | 15 October 2020, 23:45:12 UTC |
7371ced | thaidn | 15 October 2020, 18:20:16 UTC | Add size checks. PiperOrigin-RevId: 337347087 | 15 October 2020, 18:21:11 UTC |
1683213 | thaidn | 15 October 2020, 08:05:49 UTC | Build and distribute a single Tinkey binary for Linux, macOS and Windows. PiperOrigin-RevId: 337258756 | 15 October 2020, 08:06:21 UTC |
56963ab | thaidn | 15 October 2020, 07:38:22 UTC | Wrap up 1.5.0 release. PiperOrigin-RevId: 337255556 | 15 October 2020, 07:38:52 UTC |
074c730 | thaidn | 14 October 2020, 23:02:20 UTC | Add Tink user agent to Cloud KMS requests. PiperOrigin-RevId: 337192266 | 14 October 2020, 23:03:00 UTC |
94a66dc | thaidn | 14 October 2020, 22:31:57 UTC | Update Go examples. PiperOrigin-RevId: 337186239 | 14 October 2020, 22:32:31 UTC |
81989a4 | juerg | 14 October 2020, 15:51:01 UTC | Add some comments to the AEAD consistency cross language tests. PiperOrigin-RevId: 337099465 | 14 October 2020, 15:51:41 UTC |
cfec841 | Copybara-Service | 14 October 2020, 15:33:33 UTC | Merge pull request #434 from gfontenot:master PiperOrigin-RevId: 337094583 | 14 October 2020, 15:33:33 UTC |
b766714 | juerg | 14 October 2020, 13:47:41 UTC | Add cross-language test to verify that AEAD ciphertexts with bitflips are rejected. PiperOrigin-RevId: 337080294 | 14 October 2020, 13:48:22 UTC |
1f36e39 | thaidn | 14 October 2020, 07:26:45 UTC | Update Obj-C CHANGELOG. PiperOrigin-RevId: 337034608 | 14 October 2020, 07:27:27 UTC |
0879600 | thaidn | 14 October 2020, 06:00:46 UTC | Retry when KeyStore.containsAlias threw NullPointerException. PiperOrigin-RevId: 337026380 | 14 October 2020, 06:01:18 UTC |
8c65486 | thaidn | 13 October 2020, 22:41:29 UTC | Correct Java deps in Maven artifacts. - Remove JWT because it's not ready. - Add PRF-CMAC and AES-GCM-SIV. - Ensure Android does not depend on Protobuf full. PiperOrigin-RevId: 336970777 | 13 October 2020, 22:42:01 UTC |
018a375 | thaidn | 13 October 2020, 21:57:52 UTC | Fix Python distribution scripts. PiperOrigin-RevId: 336962372 | 13 October 2020, 21:58:27 UTC |
abd2419 | Gordon Fontenot | 13 October 2020, 20:00:41 UTC | Fix objc nullability issues NSObject's -init method isn't nullable anymore, so declaring the overriden initializers as being nullable results in a nullability check failure. | 13 October 2020, 20:00:41 UTC |
6550e79 | thaidn | 13 October 2020, 16:18:29 UTC | Bump version to 1.5.0 and clean up README. PiperOrigin-RevId: 336889984 | 13 October 2020, 16:19:09 UTC |
57e821a | rafaelmisoczki | 13 October 2020, 16:11:15 UTC | Improve random.cc documentation PiperOrigin-RevId: 336888631 | 13 October 2020, 16:11:52 UTC |
5e48d06 | juerg | 13 October 2020, 07:18:26 UTC | Remove old StreamingAEAD cross-language test. PiperOrigin-RevId: 336822658 | 13 October 2020, 07:18:59 UTC |
93d839a | sschmieg | 12 October 2020, 23:02:38 UTC | Fixing ciphertext malleability issue in Java caused by storing the ciphertext prefix in a hashmap keyed by UTF8 encoded strings, instead of byte arrays, leading to the ability to retrieve keys with IDs that happen to be invalid Unicode strings with a changed ID. PiperOrigin-RevId: 336763863 | 12 October 2020, 23:03:15 UTC |
ac94479 | tholenst | 12 October 2020, 12:40:37 UTC | Add some tests to validation_test PiperOrigin-RevId: 336646110 | 12 October 2020, 12:41:15 UTC |
824629e | juerg | 12 October 2020, 10:09:06 UTC | Replace fake keys and primitives with real ones in primitive set test. PiperOrigin-RevId: 336626047 | 12 October 2020, 10:09:39 UTC |
e67c1de | juerg | 12 October 2020, 09:09:13 UTC | Remove Fake{Input,Output}StreamAdapter from streaming aead tests. PiperOrigin-RevId: 336619068 | 12 October 2020, 09:09:50 UTC |
ce0e625 | tholenst | 12 October 2020, 08:16:19 UTC | Migrate GetOutputPrefix to use as input a KeyInfo instead of two elements from KeyInfo. PiperOrigin-RevId: 336613763 | 12 October 2020, 08:17:02 UTC |
33de788 | mshavit | 11 October 2020, 00:31:12 UTC | Define an AeadOrDaead helper class in Java. This will be used to support AES_SIV as the DEM for Hybrid encryption. PiperOrigin-RevId: 336491420 | 11 October 2020, 00:31:39 UTC |
4ce4358 | thaidn | 09 October 2020, 20:43:32 UTC | Ship Tink as a single monolithic module, as recommended by Golang's team. PiperOrigin-RevId: 336357232 | 09 October 2020, 21:36:24 UTC |
98f33c7 | thaidn | 09 October 2020, 20:18:16 UTC | Split GCP and AWS KMS integrations into their own Go modules. PiperOrigin-RevId: 336352551 | 09 October 2020, 21:36:03 UTC |
d61cefe | Tink Team | 09 October 2020, 21:34:57 UTC | Merge pull request #397 from Boehrsi:master PiperOrigin-RevId: 336352112 | 09 October 2020, 21:34:57 UTC |
4048769 | thaidn | 09 October 2020, 19:34:00 UTC | Split GCP and AWS KMS integrations into their own Go modules. PiperOrigin-RevId: 336344255 | 09 October 2020, 19:34:39 UTC |
50d36bb | thaidn | 09 October 2020, 18:15:20 UTC | Use a single set of Go dependencies. PiperOrigin-RevId: 336328916 | 09 October 2020, 18:16:22 UTC |
f89c53b | juerg | 09 October 2020, 16:41:20 UTC | Remove fake streaming aead. PiperOrigin-RevId: 336309423 | 09 October 2020, 16:42:35 UTC |
0f82f86 | juerg | 09 October 2020, 14:45:08 UTC | Remove streaming_aead.key_manager_from_cc_registry. PiperOrigin-RevId: 336291528 | 09 October 2020, 14:45:54 UTC |
d4c6528 | juerg | 09 October 2020, 14:19:13 UTC | Refactor some streaming_aead tests. PiperOrigin-RevId: 336288426 | 09 October 2020, 14:19:47 UTC |
815e5c3 | tholenst | 09 October 2020, 11:45:35 UTC | Migrate PrimitiveSet::AddPrimitive to take a KeyInfo instead of a Key. PiperOrigin-RevId: 336271198 | 09 October 2020, 11:46:07 UTC |
4323440 | juerg | 09 October 2020, 10:06:44 UTC | Make PRF the input parameter of the prf_set wrapper. PiperOrigin-RevId: 336261175 | 09 October 2020, 10:07:29 UTC |
8d81ae2 | juerg | 09 October 2020, 09:15:10 UTC | Update some comments and type annotations for streaming aead. PiperOrigin-RevId: 336255532 | 09 October 2020, 09:15:45 UTC |
7d0c94a | thaidn | 09 October 2020, 08:03:50 UTC | C++: mitigate the AWS KMS security issues disclosed in https://github.com/google/security-research/security/advisories/GHSA-wqgp-vphw-hphf. PiperOrigin-RevId: 336247803 | 09 October 2020, 08:09:15 UTC |
27c315b | Copybara-Service | 09 October 2020, 08:08:34 UTC | Merge pull request #430 from thomasdarimont:fix/avoid-use-of-deprecated-api-in-java-howto PiperOrigin-RevId: 336247052 | 09 October 2020, 08:08:34 UTC |
267c498 | thaidn | 09 October 2020, 07:52:51 UTC | Fix #396: Make AES-GCM (partially) work on Android KitKat (API 19). Partially because it still does not support AAD. PiperOrigin-RevId: 336246527 | 09 October 2020, 07:53:28 UTC |
b6666e9 | thaidn | 09 October 2020, 00:40:32 UTC | Remove redundant function calls and tests. PiperOrigin-RevId: 336200107 | 09 October 2020, 00:41:07 UTC |
ce9d83b | Copybara-Service | 09 October 2020, 00:28:03 UTC | Merge pull request #386 from canoeist2018:master PiperOrigin-RevId: 336196782 | 09 October 2020, 00:28:03 UTC |
e23acf0 | Copybara-Service | 08 October 2020, 23:37:16 UTC | Merge pull request #354 from 0xflotus:patch-2 PiperOrigin-RevId: 336187721 | 08 October 2020, 23:37:16 UTC |
5edaf0b | Copybara-Service | 08 October 2020, 22:07:15 UTC | Merge pull request #382 from howardtw:patch-1 PiperOrigin-RevId: 336170249 | 08 October 2020, 22:07:15 UTC |
d2cc28e | Copybara-Service | 08 October 2020, 21:56:26 UTC | Merge pull request #363 from MariusVolkhart:patch-1 PiperOrigin-RevId: 336168943 | 08 October 2020, 21:56:26 UTC |
24aaea1 | Copybara-Service | 08 October 2020, 21:45:24 UTC | Merge pull request #384 from hazaelsan:master PiperOrigin-RevId: 336166862 | 08 October 2020, 21:45:24 UTC |
2b355b8 | Copybara-Service | 08 October 2020, 21:24:43 UTC | Merge pull request #420 from chanced:patch-1 PiperOrigin-RevId: 336161994 | 08 October 2020, 21:24:43 UTC |
da4e989 | Copybara-Service | 08 October 2020, 21:13:47 UTC | Merge pull request #398 from ozeranskiy:patch-1 PiperOrigin-RevId: 336160191 | 08 October 2020, 21:13:47 UTC |
854f21c | Tink Team | 08 October 2020, 20:20:43 UTC | Define JsonOject to encapsulate json functions. PiperOrigin-RevId: 336151509 | 08 October 2020, 20:21:31 UTC |
9e98747 | thaidn | 08 October 2020, 20:20:24 UTC | Internal change PiperOrigin-RevId: 336151444 | 08 October 2020, 20:20:57 UTC |
393620f | thaidn | 08 October 2020, 19:57:20 UTC | Fix #431: add aead.NewKMSEnvelopeAEAD2 which takes a pointer to a KeyTemplate proto, instead of a value. PiperOrigin-RevId: 336146886 | 08 October 2020, 19:57:49 UTC |
118a8f6 | thaidn | 08 October 2020, 19:24:51 UTC | Decrypt with newer keys first because they more likely are the correct one. This was suggested in https://github.com/google/tink/issues/381. PiperOrigin-RevId: 336139982 | 08 October 2020, 19:25:19 UTC |
ba3563e | thaidn | 08 October 2020, 18:48:17 UTC | Golang: mitigate the AWS KMS security issues disclosed in https://github.com/google/security-research/security/advisories/GHSA-wqgp-vphw-hphf. This requires upgrading AWS SDK to the latest version. PiperOrigin-RevId: 336132063 | 08 October 2020, 18:48:57 UTC |
344dbdc | thaidn | 08 October 2020, 18:33:02 UTC | Fix #378: use kmsiface.KMSAPI interface in aws integration instead of kms.KMS. PiperOrigin-RevId: 336128983 | 08 October 2020, 18:33:39 UTC |
a056e3d | thaidn | 08 October 2020, 16:00:56 UTC | Retry one more time when cannot encrypt or decrypt with a KeyStore key. Android KeyStore has a hard limitation of 15 key operations that can be in flight at any given time (4 for Strongbox). If this limit is exceeded the least recently key usage operation gets pruned. This does not affect key generation or attestation though. When encrypting or decrypting with a KeyStore key, if Tink encountered an error, it'd retry one more time. We can't retry more than once because we can't tell why KeyStore failed -- if the error is not transient, retrying multiple times might lengthen the user's wait time. PiperOrigin-RevId: 336095561 | 08 October 2020, 16:01:39 UTC |
035ca84 | thaidn | 08 October 2020, 15:13:52 UTC | Mitigate the AWS KMS security issues disclosed in https://github.com/google/security-research/security/advisories/GHSA-wqgp-vphw-hphf. This requires upgrading the AWS SDK dependencies to version 1.11.877. PiperOrigin-RevId: 336087635 | 08 October 2020, 15:14:30 UTC |
44808be | tholenst | 08 October 2020, 14:36:20 UTC | Add internal methods KeyInfoForKey and KeysetInfoForKeyset. PiperOrigin-RevId: 336082073 | 08 October 2020, 14:37:01 UTC |
d7f9534 | tholenst | 08 October 2020, 09:41:35 UTC | Internal change PiperOrigin-RevId: 336046258 | 08 October 2020, 09:42:03 UTC |
7a659ba | juerg | 08 October 2020, 08:12:56 UTC | Update legacy mac tests in go. PiperOrigin-RevId: 336036773 | 08 October 2020, 08:13:29 UTC |
77afecf | Tink Team | 07 October 2020, 17:24:56 UTC | Add UNAUTHENTICATED status to C++ util::Status to mirror absl::Status PiperOrigin-RevId: 335897971 | 07 October 2020, 17:25:31 UTC |
975c143 | tholenst | 07 October 2020, 12:45:42 UTC | Change get_output_prefix(key) to GetOutputPrefix(key_id, output_prefix_type). We change the arguments, and get closer to the Google C++ style guide by renaming. PiperOrigin-RevId: 335847935 | 07 October 2020, 12:46:18 UTC |
ff850e6 | thaidn | 07 October 2020, 08:23:44 UTC | Tink throws IOException, not InvalidKeyException, when it can't decrypt a keyset. Clarify Javadoc and add a test to confirm this behavior. PiperOrigin-RevId: 335815124 | 07 October 2020, 08:24:30 UTC |
fd7e060 | thaidn | 05 October 2020, 23:36:56 UTC | Fix #271: disable key ID check when the key ID is not a full key ARN. PiperOrigin-RevId: 335526356 | 05 October 2020, 23:37:40 UTC |
864f782 | Thomas Darimont | 04 October 2020, 12:35:09 UTC | Fix broken source links in Java How-To Adapted paths to use java -> java_src Fixes #429 | 04 October 2020, 12:35:09 UTC |
1dcc1e1 | Thomas Darimont | 04 October 2020, 12:22:52 UTC | Revise Java How-To to avoid usage of deprecated API This revises the API usage in the examples by following the API suggestions from the deprecation notes. Fixes #429 | 04 October 2020, 12:22:52 UTC |
3ba9b80 | aluykx | 01 October 2020, 15:48:36 UTC | Removing deprecated Registry.getPrimitives(KeySetHandle, KeyManager) in Java. PiperOrigin-RevId: 334821764 | 01 October 2020, 15:49:24 UTC |
8dda984 | aluykx | 01 October 2020, 05:22:54 UTC | Removing deprecated Registry.getPrimitives(KeysetHandle) function in java. PiperOrigin-RevId: 334745980 | 01 October 2020, 05:23:30 UTC |
c9dbe5e | aluykx | 30 September 2020, 15:39:53 UTC | Add KeyAccess and SecretKeyAccess classes. PiperOrigin-RevId: 334605871 | 30 September 2020, 15:41:07 UTC |
8442a30 | kste | 30 September 2020, 12:07:56 UTC | Add a Python CLI example for decryption using hybrid encryption. This adds a simple CLI application to use a cleartext key for decrypting files with ECIES. PiperOrigin-RevId: 334576137 | 30 September 2020, 12:08:32 UTC |
c88f262 | mshavit | 30 September 2020, 04:38:36 UTC | Define a HybridEncryption key template using a Deterministic AEAD. PiperOrigin-RevId: 334525191 | 30 September 2020, 04:39:15 UTC |
0faf845 | aluykx | 30 September 2020, 00:31:00 UTC | Temporarily disable GCP Python tests. PiperOrigin-RevId: 334497365 | 30 September 2020, 00:31:33 UTC |
18f1422 | rafaelmisoczki | 29 September 2020, 17:20:42 UTC | Basic integration of the post-quantum NTRU-HRSS KEM implementation from BoringSSL. PiperOrigin-RevId: 334407313 | 29 September 2020, 17:21:14 UTC |
d0999f3 | thaidn | 29 September 2020, 16:06:51 UTC | Temporarily disable GCP tests. PiperOrigin-RevId: 334391169 | 29 September 2020, 16:07:32 UTC |
2b910c3 | juerg | 29 September 2020, 15:00:17 UTC | Add public methods to (de)serialize KeyTemplates in Java. PiperOrigin-RevId: 334379040 | 29 September 2020, 15:01:01 UTC |
b26fc66 | tholenst | 29 September 2020, 11:23:08 UTC | Add a KeysetWrapper interface and an implementation of it based on TransformingPrimitiveWrapper. TransformingPrimitiveWrapper is meant as a temporary interface, and will replace PrimitiveWrapper. The KeysetWrapper wraps a Keyset into primitives. PiperOrigin-RevId: 334349397 | 29 September 2020, 11:23:44 UTC |
1fc5077 | thaidn | 28 September 2020, 21:53:07 UTC | Temporarily disable GCP Java tests. PiperOrigin-RevId: 334243659 | 28 September 2020, 21:53:42 UTC |
702f18f | Tink Team | 28 September 2020, 17:41:49 UTC | This change removes TypeScript code that cannot be reached. Unreachable code is error prone: it can suggest that the author of the code did not quite understand their code's control flow, or control flow changed in refactorings, etc. At best, the code is misleading. TypeScript compiler includes an option to strictly check unreachable code (allowUnreachableCode: false). We want to enable this option in google3, but must first clean up any code that violates it. This code was only statically detected to be unreachable. If your code has incorrect type annotations, there's a very small chance the code is still executed. PiperOrigin-RevId: 334189859 | 28 September 2020, 17:42:27 UTC |
6a0c028 | aluykx | 28 September 2020, 16:44:12 UTC | Add TinkKey interface. PiperOrigin-RevId: 334176727 | 28 September 2020, 16:44:53 UTC |
dee5a45 | aluykx | 25 September 2020, 15:59:53 UTC | Add Registry.newKeyData(com.google.crypto.tink.KeyTemplate) function in java. PiperOrigin-RevId: 333743157 | 25 September 2020, 16:00:34 UTC |
2a229eb | aluykx | 25 September 2020, 14:15:43 UTC | Add Java tests for Registry.newKeyData PiperOrigin-RevId: 333727490 | 25 September 2020, 14:16:14 UTC |
2f8a347 | kste | 25 September 2020, 11:37:57 UTC | Add a Python CLI example for encrypting using hybrid encryption. This adds a simple CLI application to use a cleartext key for encrypting files with ECIES. PiperOrigin-RevId: 333709216 | 25 September 2020, 11:38:56 UTC |
0ef6535 | Chance | 21 September 2020, 02:21:27 UTC | Update to the code example in GOLANG-HOWTO README This update fixes two minor issue with the example for "Storing and loading existing keysets" in the GOLANG-HOWTO README. | 21 September 2020, 02:21:27 UTC |
2203fb8 | juerg | 18 September 2020, 14:16:10 UTC | Remove keyset_builder from cross-language util. PiperOrigin-RevId: 332445326 | 18 September 2020, 14:16:46 UTC |
d9f8697 | juerg | 18 September 2020, 13:10:58 UTC | Use new keyset_builder in streaming_aead and prf_set crosslanguage tests. PiperOrigin-RevId: 332437057 | 18 September 2020, 13:11:46 UTC |
7d800b3 | ckl | 18 September 2020, 04:59:54 UTC | Remove unused C++ *_factory dependencies. PiperOrigin-RevId: 332382512 | 18 September 2020, 05:00:33 UTC |
dcfd2ea | juerg | 17 September 2020, 15:34:09 UTC | Set default value of enable_compute_old_legacy_mac to false. PiperOrigin-RevId: 332240189 | 17 September 2020, 15:34:46 UTC |
ca9e70f | ckl | 17 September 2020, 15:01:58 UTC | Remove unused dependency. PiperOrigin-RevId: 332234784 | 17 September 2020, 15:02:32 UTC |
c5a963e | juerg | 15 September 2020, 16:35:07 UTC | Add flag to disable computation of LEGACY MACs in Go. By default, computation is enabled. PiperOrigin-RevId: 331787212 | 15 September 2020, 16:35:43 UTC |
a9760db | sschmieg | 15 September 2020, 15:44:34 UTC | Add derivation support to AES-CTR-HMAC PiperOrigin-RevId: 331776810 | 15 September 2020, 15:45:15 UTC |
1d45e28 | juerg | 15 September 2020, 12:11:44 UTC | Add key rotation tests to signature cross-language tests. PiperOrigin-RevId: 331745655 | 15 September 2020, 12:12:15 UTC |
6f0bde0 | juerg | 15 September 2020, 11:28:21 UTC | Add tests for Legacy MACs in Go. PiperOrigin-RevId: 331740466 | 15 September 2020, 11:29:04 UTC |
662965c | juerg | 15 September 2020, 11:21:18 UTC | Add key rotation tests to hybrid encryption cross-language tests. PiperOrigin-RevId: 331739740 | 15 September 2020, 11:21:53 UTC |
a791e00 | thaidn | 15 September 2020, 10:30:24 UTC | Remove extraneous protected functions. PiperOrigin-RevId: 331734309 | 15 September 2020, 10:31:02 UTC |
8ebffe1 | tholenst | 15 September 2020, 09:32:23 UTC | Migrate Prf keymanagers to use Prfs instead of PrfSets. PiperOrigin-RevId: 331727120 | 15 September 2020, 09:32:51 UTC |
9b10c7c | taymon | 15 September 2020, 03:51:10 UTC | Apply every available autofix for TypeScript lint errors PiperOrigin-RevId: 331689864 | 15 September 2020, 03:51:47 UTC |
906b808 | juerg | 11 September 2020, 13:05:51 UTC | Let aead and daead crosslanguage tests use new keyset_builder, and add tests for raw keys. PiperOrigin-RevId: 331134180 | 11 September 2020, 13:06:24 UTC |
9cc3a01 | juerg | 11 September 2020, 08:49:02 UTC | Remove fake streaming AEADs from the wrapper test. And remove some tests from _streaming_aead_key_manager_test.py that are now covered in the wrapper tests. PiperOrigin-RevId: 331107100 | 11 September 2020, 08:49:38 UTC |
e5160c6 | juerg | 11 September 2020, 08:47:53 UTC | Remove tests that check key_manager.new_key_data. This is already covered _signature_key_manger_test, where each template is used. PiperOrigin-RevId: 331107009 | 11 September 2020, 08:48:27 UTC |
7c2b6c4 | tholenst | 11 September 2020, 06:56:19 UTC | Change the primitive wrapper such that it can wrap a primitive of type A into a primitive of type B. This is, strictly speaking, incompatible with previously releases. However, the incompatibility will only manifest itself if a user uses their own primitive, which I don't expect to be the case. Furthermore, the fix is very easy (see e.g. the change in AeadWrapper). Hence, in the spirit of not having much technical debt, I suggest to be backwards incompatible. PiperOrigin-RevId: 331095397 | 11 September 2020, 06:56:48 UTC |
45a68a7 | mshavit | 10 September 2020, 21:16:23 UTC | Support parsing an AES_SIV key as the Data Encapsulation mechanism for hybrid encryption. PiperOrigin-RevId: 331014645 | 10 September 2020, 21:17:34 UTC |
e409805 | juerg | 10 September 2020, 16:29:32 UTC | Also cover legacy keys in MAC cross language tests. Also, use the new location of the keyset_builder. PiperOrigin-RevId: 330952689 | 10 September 2020, 16:30:09 UTC |
2de37bd | kste | 10 September 2020, 14:20:54 UTC | Change get_primitives interface to use absl::string_view instead of const string&. PiperOrigin-RevId: 330931843 | 10 September 2020, 14:21:30 UTC |
e7863ed | juerg | 10 September 2020, 12:58:57 UTC | Add method to get the public keyset from a keyset_builder. This is needed to implement cross-language tests for asymmetric primitives. PiperOrigin-RevId: 330919520 | 10 September 2020, 12:59:25 UTC |