Bump crypto.tink.version from 1.6.1 to 1.7.0

[dependabot[bot]]

Bumps crypto.tink.version from 1.6.1 to 1.7.0. Updates tink from 1.6.1 to 1.7.0

Release notes

Sourced from tink's releases.

Tink 1.7.0

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink 1.7.0.

To get started using Tink, see the installation instructions.

To see what we're working towards, check our project roadmap.

What's new

The complete list of changes since 1.6.1 can be found here.

General

• Hybrid Public Key Encryption (HPKE)
  • Added support for HPKE as defined in RFC 9180
  • Implemented in C++, Java, Go, and Python.
  • NOTE: In C++, HPKE is not present when using OpenSSL or when FIPS-only mode is enabled.
• JSON Web Token (JWT)
  • Added support for a subset of JWT as defined by RFC 7519 that is considered safe and most often used
  • Implemented in C++, Java, Go, and Python.
  • See the JWT-HOWTO.
• Protocol buffer definitions and test data are now embedded within each Bazel workspace.

C++

• Post-Quantum Cryptography
  • Experimental only implementations of Dilithium, Falcon, and Sphincs.
• CMake build options
  • Added option to use pre-installed OpenSSL (v1.1.1), gTest, and Abseil (v1.1.1) src
  • Added option to propagate client CMAKE_CXX_STANDARD, see the CMAKE HOW-TO
• Optional migration to absl::Status and absl::StatusOr
  • CMake
  • Bazel

Java

• Upgraded dependencies with vulnerabilities
  • gson 2.8.6 => 2.8.9 (solves CVE-2022-25647) [src]
  • protobuf-java 3.14.0 => 3.19.3 (solves CVE-2021-22569) [src]

Go

• GCP KMS
  • Added more flexible client instantiation via NewClientWithOptions which takes option.ClientOptions arguments.
• Fix memory utilization bug in streaming AEAD (google/tink#594)

Python

... (truncated)

Commits

• 27b061b Bump version to 1.7.0.
• d1ea07d Fix typo in test environment check.
• c72064f Tag CreatePublicKeysetCommandTest as manual.
• c98c476 Add a test to the MacWrapper that if a key is a MacKey, the OutputPrefix is a...
• dbb5ca7 Add validation test with duplicated 'issuer' claim, and with invalid UTF-16 e...
• 76008a2 Move the SimpleParameters into LegacyProtoKey and rename it to LegacyProtoPar...
• 270f07c Migrate more instances of StandardCharsets to toBytesFromPrintableAscii.
• b9d25ca Tag tools KMS integration tests as manual and update Kokoro accordingly.
• cb0a9b6 Add parameter to kokoro/testutils/copy_credentials.sh to select for which KMS...
• 826e8b7 Tag Java GCPKMS tests as manual and update Kokoro accordingly.
• Additional commits viewable in compare view

Updates tink-awskms from 1.6.1 to 1.7.0

Release notes

Sourced from tink-awskms's releases.

Tink 1.7.0

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink 1.7.0.

To get started using Tink, see the installation instructions.

To see what we're working towards, check our project roadmap.

What's new

The complete list of changes since 1.6.1 can be found here.

General

• Hybrid Public Key Encryption (HPKE)
  • Added support for HPKE as defined in RFC 9180
  • Implemented in C++, Java, Go, and Python.
  • NOTE: In C++, HPKE is not present when using OpenSSL or when FIPS-only mode is enabled.
• JSON Web Token (JWT)
  • Added support for a subset of JWT as defined by RFC 7519 that is considered safe and most often used
  • Implemented in C++, Java, Go, and Python.
  • See the JWT-HOWTO.
• Protocol buffer definitions and test data are now embedded within each Bazel workspace.

C++

• Post-Quantum Cryptography
  • Experimental only implementations of Dilithium, Falcon, and Sphincs.
• CMake build options
  • Added option to use pre-installed OpenSSL (v1.1.1), gTest, and Abseil (v1.1.1) src
  • Added option to propagate client CMAKE_CXX_STANDARD, see the CMAKE HOW-TO
• Optional migration to absl::Status and absl::StatusOr
  • CMake
  • Bazel

Java

• Upgraded dependencies with vulnerabilities
  • gson 2.8.6 => 2.8.9 (solves CVE-2022-25647) [src]
  • protobuf-java 3.14.0 => 3.19.3 (solves CVE-2021-22569) [src]

Go

• GCP KMS
  • Added more flexible client instantiation via NewClientWithOptions which takes option.ClientOptions arguments.
• Fix memory utilization bug in streaming AEAD (google/tink#594)

Python

... (truncated)

Commits

• 27b061b Bump version to 1.7.0.
• d1ea07d Fix typo in test environment check.
• c72064f Tag CreatePublicKeysetCommandTest as manual.
• c98c476 Add a test to the MacWrapper that if a key is a MacKey, the OutputPrefix is a...
• dbb5ca7 Add validation test with duplicated 'issuer' claim, and with invalid UTF-16 e...
• 76008a2 Move the SimpleParameters into LegacyProtoKey and rename it to LegacyProtoPar...
• 270f07c Migrate more instances of StandardCharsets to toBytesFromPrintableAscii.
• b9d25ca Tag tools KMS integration tests as manual and update Kokoro accordingly.
• cb0a9b6 Add parameter to kokoro/testutils/copy_credentials.sh to select for which KMS...
• 826e8b7 Tag Java GCPKMS tests as manual and update Kokoro accordingly.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov[bot]]

Codecov Report

Merging #109 (7c9aa41) into main (fc9ffca) will not change coverage. The diff coverage is n/a.

@@            Coverage Diff            @@
##               main     #109   +/-   ##
=========================================
  Coverage     55.75%   55.75%           
  Complexity      105      105           
=========================================
  Files            38       38           
  Lines           382      382           
  Branches          8        8           
=========================================
  Hits            213      213           
  Misses          161      161           
  Partials          8        8           

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more