Latest 1.2.2
Homepage https://github.com/google/tink
License Copyright Copyright 2018 Google
Platforms ios 9.0
Dependencies rapidjson

A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

Ubuntu macOS
Kokoro Ubuntu Kokoro macOS

Index

  1. Introduction
  2. Getting Started
  3. Current Status
  4. Learn More
  5. Contact and Mailing List
  6. Maintainers

Introduction

Using crypto in your application shouldn’t have
to

feel like juggling chainsaws in the dark. Tink is a crypto library written by a
group of cryptographers and security engineers at Google. It was born out of
our extensive experience working with Google’s product teams, fixing
weaknesses in implementations
, and
providing simple APIs that can be used safely without needing a crypto
background.

Tink provides secure APIs that are easy to use correctly and hard(er) to misuse.
It reduces common crypto pitfalls with user-centered design, careful
implementation and code reviews, and extensive testing. At Google, Tink is
already being used to secure data of many products such as AdMob, Google Pay,
Google Assistant, Firebase, the Android Search App, etc.

To get a quick overview of Tink design please take a look at
slides from a
talk about Tink
presented
at Real World Crypto 2019.

Getting started

TIP The easiest way to get started with Tink is to install
Bazel, then build, run
and play with the hello world examples.

Tink performs cryptographic tasks via so-called primitives,
each of which is defined via a corresponding interface that specifies the
functionality of the primitive. For example, symmetric key encryption is
offered via an AEAD-primitive (Authenticated Encryption with Associated
Data)
, that
supports two operations:

  • encrypt(plaintext, associated_data), which encrypts the given plaintext
    (using associated_data as additional AEAD-input) and returns the resulting
    ciphertext
  • decrypt(ciphertext, associated_data), which decrypts the given
    ciphertext (using associated_data as additional AEAD-input) and returns
    the resulting plaintext

Before implementations of primitives can be used, they must be registered at
runtime with Tink, so that Tink "knows" the desired implementations. Here’s how
you can register all implementations of all primitives in Tink:

    import com.google.crypto.tink.config.TinkConfig;

    TinkConfig.register();

After implementations of primitives have been registered, the basic use of Tink
proceeds in three steps:

  1. Load or generate the cryptographic key material (a Keyset in Tink terms).
  2. Use the key material to get an instance of the chosen primitive.
  3. Use that primitive to accomplish the cryptographic task.

Here is how these steps would look like when encrypting or decrypting with an
AEAD primitive in Java:

    import com.google.crypto.tink.Aead;
    import com.google.crypto.tink.KeysetHandle;
    import com.google.crypto.tink.aead.AeadKeyTemplates;

    // 1. Generate the key material.
    KeysetHandle keysetHandle = KeysetHandle.generateNew(
        AeadKeyTemplates.AES128_GCM);

    // 2. Get the primitive.
    Aead aead = keysetHandle.getPrimitive(Aead.class);

    // 3. Use the primitive.
    byte[] ciphertext = aead.encrypt(plaintext, associatedData);

Current Status

  • Java and Android, C++ and
    Obj-C are field tested and ready for production. The
    latest version is
    1.2.2, released on
    2019-01-24.

  • Tink for Go and JavaScript are in active development.

Learn More

Contact and mailing list

If you want to contribute, please read CONTRIBUTING
and send us pull requests. You can also report bugs or file feature requests.

If you’d like to talk to the developers or get notified about major product
updates, you may want to subscribe to our mailing
list
. To join, simply send
an empty email to [email protected]

Maintainers

Tink is maintained by (A-Z):

  • Haris Andrianakis
  • Daniel Bleichenbacher
  • Thai Duong
  • Thomas Holenstein
  • Charles Lee
  • Quan Nguyen
  • Bartosz Przydatek
  • Veronika Slívová

Latest podspec

{
    "authors": "Google, Inc.",
    "dependencies": {
        "rapidjson": "~> 1.1.0"
    },
    "description": "Tink is a crypto library that provides simple and secure APIs that can be used safely without needing a crypto background.",
    "homepage": "https://github.com/google/tink",
    "libraries": [
        "c++"
    ],
    "license": {
        "text": "Copyright 2018 Google",
        "type": "Copyright"
    },
    "name": "Tink",
    "platforms": {
        "ios": "9.0"
    },
    "preserve_paths": [
        "README.md",
        "CHANGELOG"
    ],
    "source": {
        "http": "https://dl.google.com/dl/cpdc/3a198ab317d35620/Tink-1.2.2.tar.gz"
    },
    "summary": "Tink Crypto Library",
    "vendored_frameworks": [
        "Frameworks/Tink.framework"
    ],
    "version": "1.2.2"
}

Pin It on Pinterest

Share This