Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.
This is Tink Go 2.2.0
To get started using Tink, see the setup guide.
What's new?
The complete list of changes since 2.1.0 can be found here.
- Changed target Go language version to 1.21
- Use the
crypto/rsa
Validate()
method when instantiating keys via struct
literals in the signature and jwt packages. Certain invalid keys (e.g.
corrupted) will fail earlier, during primitive creation instead of during
cryptographic operations. - encrypted keysets produced with
keyset.NewBinaryWriter
are now smaller,
because the unused keyset_info metadata is not written anymore.
keyset.NewJSONWriter
is unchanged and still output this metadata. - Added Bzlmod support.
- Upgraded dependencies:
golang.org/x/crypto
=>v0.17.0
google.golang.org/protobuf
=>v1.33.0
- JWT keys that don't use TINK or RAW output prefix type are now rejected.
- Removed the exported "Key" field in of several subtle primitives.
- Added proto definitions to
proto/
. - Improved performance of Streaming AEAD implementations by reducing memory allocations.
Future work
To see what we're working towards, check our project roadmap.
Getting started
To get started using Tink, see the setup guide.
Go Tooling
go get github.com/tink-crypto/tink-go/[email protected]
Bazel
If you want to use Tink Go with Bazel, you should use bazel-gazelle
. It can be also included as a Bazel-only dependency as follows:
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
http_archive(
name = "io_bazel_rules_go",
integrity = "sha256-gKmCd60TEdrNg3+bFttiiHcC6fHRxMn3ltASGkbI4YQ=",
urls = [
"https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.46.0/rules_go-v0.46.0.zip",
"https://github.com/bazelbuild/rules_go/releases/download/v0.46.0/rules_go-v0.46.0.zip",
],
)
http_archive(
name = "bazel_gazelle",
integrity = "sha256-MpOL2hbmcABjA1R5Bj2dJMYO2o15/Uc5Vj9Q0zHLMgk=",
urls = [
"https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.35.0/bazel-gazelle-v0.35.0.tar.gz",
"https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.35.0/bazel-gazelle-v0.35.0.tar.gz",
],
)
TINK_GO_VERSION="2.2.0"
TINK_GO_SHA256="fea1ff9ed06a7302e3496587834a53f91235085e45e3de03af80b897514b7a1b"
http_archive(
name = "com_github_tink_crypto_tink_go_v2",
urls = ["https://github.com/tink-crypto/tink-go/releases/download/v%s/tink-go-%s.zip" % (TINK_GO_VERSION, TINK_GO_VERSION)],
strip_prefix = "tink-go-%s" % TINK_GO_VERSION,
sha256 = TINK_GO_SHA256,
)
load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies")
load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies", "go_repository")
load("@com_github_tink_crypto_tink_go_v2//:deps.bzl", tink_go_dependencies="go_dependencies")
tink_go_dependencies()
#######################################
#
# Your project dependencies here.
#
#######################################
go_rules_dependencies()
go_register_toolchains(version = "1.21.8")
gazelle_dependencies()