Remove validation of the public key.

This isn't relevant anymore (and was always a bit of a minor thing). Let me explain.

One of the issues with the KeyManagers is that there can be invalid key protos. For example, suppose that a proto of type AesGcmKey contains a key of length 1. Then, clearly this is invalid.

The principle "Parse, don’t validate" says one should, when one creates an object, check that it is valid, and not even create it.

However, with protos this isn't possible. So the KeyTypeManagers tried to ensure that whenever they actually parse the proto and make it come to existence, it is also validated.

Because of this, the private key ones were designed to call "Validate" (in the public key manager) when they create a public key. This made things a bit more complicated and was probably a mistake from the beginning (instead, I could have probably done things better by just simply calling PublicKeyManager.validate(...) in each private key manager manually).

Anyhow, we don't need this anymore: we now always go key objects anyhow (in case we have a KeyTypeManager), so things will be validated properly. We can hence remove this.

PiperOrigin-RevId: 580834617
Change-Id: Ie88b958d804e4369a622cde2eea52deb3aa0e2eb
1 file changed
tree: 9509defbc0805f8084581e8d8f01a400e774e27c
  1. docs/
  2. examples/
  3. kokoro/
  4. maven/
  5. proto/
  6. src/
  7. src_android/
  8. testdata/
  9. tools/
  10. .bazelignore
  11. .bazelrc
  12. .bazelversion
  13. BUILD.bazel
  14. jar_jar_rules.txt
  15. LICENSE
  16. README.md
  17. template_rule.bzl
  18. tink_java_deps.bzl
  19. tink_java_deps_init.bzl
  20. version.bzl
  21. WORKSPACE
README.md

Tink Java

TestGCP UbuntuMacOS
BazelBazel_GcpUbuntuBazel_MacOs
MavenMaven_GcpUbuntuN/A

Using crypto in your application shouldn't have to feel like juggling chainsaws in the dark. Tink is a crypto library written by a group of cryptographers and security engineers at Google. It was born out of our extensive experience working with Google's product teams, fixing weaknesses in implementations, and providing simple APIs that can be used safely without needing a crypto background.

Tink provides secure APIs that are easy to use correctly and hard(er) to misuse. It reduces common crypto pitfalls with user-centered design, careful implementation and code reviews, and extensive testing. At Google, Tink is one of the standard crypto libraries, and has been deployed in hundreds of products and systems.

To get a quick overview of Tink's design please take a look at Tink's goals.

The official documentation is available at https://developers.google.com/tink.

Contact and mailing list

If you want to contribute, please read CONTRIBUTING and send us pull requests. You can also report bugs or file feature requests.

If you'd like to talk to the developers or get notified about major product updates, you may want to subscribe to our mailing list.

Maintainers

Tink is maintained by (A-Z):

  • Moreno Ambrosin
  • Taymon Beal
  • William Conner
  • Thomas Holenstein
  • Stefan Kölbl
  • Charles Lee
  • Cindy Lin
  • Fernando Lobato Meeser
  • Ioana Nedelcu
  • Sophie Schmieg
  • Elizaveta Tretiakova
  • Jürg Wullschleger

Alumni:

  • Haris Andrianakis
  • Daniel Bleichenbacher
  • Tanuj Dhir
  • Thai Duong
  • Atul Luykx
  • Rafael Misoczki
  • Quan Nguyen
  • Bartosz Przydatek
  • Enzo Puig
  • Laurent Simon
  • Veronika Slívová
  • Paula Vidas