Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update module github.com/tink-crypto/tink-go/v2 to v2.3.0 #9

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update module github.com/tink-crypto/tink-go/v2 to v2.3.0 #9

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 14, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/tink-crypto/tink-go/v2 v2.2.0 -> v2.3.0 age adoption passing confidence

Release Notes

tink-crypto/tink-go (github.com/tink-crypto/tink-go/v2)

v2.3.0

Compare Source

This is Tink Go 2.3.0

What's new

The complete list of changes since 2.2.0 can be found here.

New APIs

Keyset Handle and Manager
  • Added methods to keyset.Handle: Len(), Primary(), and Entry(i int).
  • keyset.Manager makes a deep copy of the keyset on calls to Handle().
  • Added AddKey and AddNewKeyFromParameters to keyset.Manager
  • Added Key and Parameters interface which represent keys and their
    parameters. Added key.Parameters and key.Key definitions for:
    • AEAD
      • AES-CTR-HMAC
      • AES-GCM
      • AES-GCM-SIV
      • ChaCha20Poly1305
      • X-AES-GCM
      • XChaCha20Poly1305
    • Signature
      • Ed25519
      • ECDSA
      • RSA-SSA-PKCS1
      • RSA-SSA-PSS
  • Made keyset.Handle NewHandle.* APIs accept only valid keysets; expect
    parsing of invalid proto keysets to fail for invalid keysets. With this
    change, tests that create keysets with an empty or invalid KeyData and
    expect a failure on primitive creation will now fail. The user can still
    create an empty keyset.Handle, for which all methods fail. A valid keyset
    is such that:
    • Is non-empty
    • Keys have key data and valid output prefix and status
    • Has only one primary key, which must be ENABLED
  • Added keyset.ReadWithContext and keyset.WriteWithContext that use the
    tink.AEADWithContext interface.
  • Made WriteWithNoSecrets fail with a nil proto keyset consistently with
    all other Write.* methods.
Other
  • Added the insecuresecretdataaccess.Token struct to track and optionally
    restrict raw key material access, and secretdata.Bytes to wrap access
    controlled key bytes. In tests, insecuresecretkeyaccesstest.Token() can be
    used.
  • Added the tink.AEADWithContext interface, which allows a context.Context
    to be passed along. KMS implementations should prefer this interface when
    implementing a remote AEAD.
  • When serializing ECDSA keys, the encoding changed (as padding of the points
    changed). Users should not rely on specific encodings produced by Tink.
  • Set Go 1.22 as the minimum supported version.
  • Upgraded deps:
    • golang.org/x/crypto to v0.31.0
    • google.golang.org/protobuf to v1.36.0
    • golang.org/x/sys to v0.28.0
  • Add HPKE KEM support for the NIST curves.
  • Add HPKE KDF support for SHA-384 and SHA-512.
  • Performance improvments for AEAD primitives.

Removed APIs

  • Removed Bazel config. With this change Bazel users will no longer be able to
    import tink-go as a pure Bazel dependency (bazel_dep) in their
    MODULE.bazel file. However, Bazel users can continue importing tink-go
    using bazel-gazelle. If this
    causes any issues in your project, please file an issue.
  • Removed ChaCha20Poly1305 subtle's exported Key field. This was added by
    mistake.
  • Removed primitiveset.PrimitiveSet, keyset.Primitives and
    keyset.PrimitivesWithKeyManager from the public API. This API was never
    really intended to be used outside Tink. We are making changes to Tink
    internals and we prefer to break users at compile time. If this affects you,
    please file an issue.

Future work

To see what we're working towards, check our project roadmap.

Get started

To get started using Tink, see the setup guide.

Go tooling

go get github.com/tink-crypto/tink-go/v2@​v2.3.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jan 14, 2025

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 3 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.21 -> 1.23.4
golang.org/x/crypto v0.23.0 -> v0.31.0
golang.org/x/sys v0.20.0 -> v0.28.0
google.golang.org/protobuf v1.34.1 -> v1.36.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants