Skip to content

v1.10.0

Latest
Latest
Compare
Choose a tag to compare
@morambro morambro released this 02 May 07:10
· 30 commits to main since this release
v1.10.0
601b2b8

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink Python 1.10.0

What's new

This is the first release from https://github.com/tink-crypto/tink-py.

The complete list of changes since 1.9.0 can be found here.

  • Added support:
    • Python 3.12
    • MS Windows (MSVC >= 2019)
    • HashiCorp Vault; added a KMS extension providing a hcvault.new_aead API to create an AEAD that interacts with a Vault server.
  • The the unused keyset_info metadata in encrypted keysets produced with tink.BinaryKeysetWriter and tink.proto_keyset_format.serialize_encrypted is not written anymore. This results in smaller keysets. tink.JsonKeysetWriter and tink.json_proto_keyset_format.serialize_encrypted are unchanged and still output keyset_info.
  • Added/upgraded deps:
    • tink-cc => 2.1.3
    • Bazel => 6.4.0
    • pybind11_bazel => v2.11.1.bzl.1
    • hvac>=1.1.1 (when using the hcvault extras)
    • rules_python => 0.31.0
  • PRF keys that don't use RAW output prefix type are now rejected.
  • Disallow using pickle on KeysetHandle objects making __getstate__ and __setstate__ raise a TinkError; this intends to prevent unintentional serialization of keyset handles which may leak keys. To serialize the KeysetHandle, use tink.proto_keyset_format or tink.json_proto_keyset_format. If this breaks your code, please file an issue on https://github.com/tink-crypto/tink-python.
  • Bazel build:
    • Updated tink_py_deps() to include all direct dependencies
    • Added tink_py_testonly_deps() to include test-only dependencies

To see what we're working towards, check our project roadmap.

Get started

To get started using Tink, see the setup guide.

Pip

# Core Tink.
pip3 install tink==1.10.0
# Core Tink + Google Cloud KMS extension.
pip3 install tink[gcpkms]==1.10.0
# Core Tink + AWS KMS extension.
pip3 install tink[awskms]==1.10.0
# Core Tink + HashiCorp Vault KMS extension.
pip3 install tink[hcvault]==1.10.0
# Core Tink + all the KMS extensions.
pip3 install tink[all]==1.10.0

Bazel

Tink Python can be used in a Bazel project as a pip dependency using rules_python’s pip_parse macro

Alternatively, tink-py can be added as a Bazel build dependency to your WORKSPACE file:

load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

http_archive(
    name = "tink_py",
    urls = ["https://github.com/tink-crypto/tink-py/releases/download/v1.10.0/tink-py-1.10.0.zip"],
    strip_prefix = "tink-py-1.10.0",
    sha256 = "767453aae4aad6de4fbb4162992184aa427b7b27864fe9912c270b24c673e1cc",
)

load("@tink_py//:tink_py_deps.bzl", "tink_py_deps")
tink_py_deps()

// New
load("@rules_python//python:repositories.bzl", "py_repositories")
// New
py_repositories()

load("@tink_py//:tink_py_deps_init.bzl", "tink_py_deps_init")
tink_py_deps_init("tink_py")
Assets 3
Loading