Skip to content

project-oak/tink-rust

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

729 Commits

.github

.github

 
 

aead

aead

 
 

core

core

 
 

daead

daead

 
 

docs

docs

 
 

examples

examples

 
 

hybrid

hybrid

 
 

integration

integration

 
 

mac

mac

 
 

prf

prf

 
 

proto

proto

 
 

rinkey

rinkey

 
 

scripts

scripts

 
 

signature

signature

 
 

streaming

streaming

 
 

testing

testing

 
 

tests

tests

 
 

third_party/pki.goog

third_party/pki.goog

 
 

wycheproof @ 2196000

wycheproof @ 2196000

 
 

.codecov.yml

.codecov.yml

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

.mdl-style.rb

.mdl-style.rb

 
 

.mdlrc

.mdlrc

 
 

.rustfmt.toml

.rustfmt.toml

 
 

AUTHORS

AUTHORS

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

Cargo.lock

Cargo.lock

 
 

Cargo.toml

Cargo.toml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

deny.toml

deny.toml

 
 

Repository files navigation

Tink in Rust

Docs MSRV CI Status Interop Status codecov

This repository holds a Rust port of Google's Tink cryptography library.

The following warnings apply to use of this repo:

  • This is not an official port of Tink, and is not supported by Google's cryptography teams.
  • The repo is under construction and so details of the API and the code may change without warning.

Also, this repository does not implement cryptographic functionality itself; the underlying cryptographic operations are currently provided by the RustCrypto crates – this repo focuses on making those cryptographic operations available via the Tink API.

This means that all of the security warnings for the underlying RustCrypto crates apply to this repo too.

Disclaimer

This is not an officially supported Google product.

Usage Overview

An introduction to working with the Tink API is provided here.

Crate Structure

The tink-core crate holds common functionality and includes the trait definitions for all primitives, but includes very little cryptographic functionality.

Individual cryptographic primitives are implemented in tink-<primitive> crates, which depend on:

  • the tink-core crate for common types and helpers
  • the tink-proto crate for protobuf-derived structs
  • the RustCrypto crates to provide underlying cryptographic implementations.

For example, the tink-aead crate provides code that performs authenticated encryption with additional data (AEAD), implementing the Aead trait from tink-core.

All of the tests for the Tink crates are integration tests (i.e. only use public APIs) and reside in a separate tink-tests crate.

Crate Features

The following crate features are available.

  • The tink-proto crate has a json feature that enables methods for serializing keysets to/from JSON. This additional functionality requires serde and serde_json as dependencies.
  • The tink-core crate also has a json feature that enables methods for serializing keysets to/from JSON, using tink-proto/json as above.
  • The tink-core crate also has an insecure feature, which enables methods that expose unencrypted key material. This feature should only be enabled for testing and development.

Port Design

A separate document describes the design choices involved in the Rust port.

About

Rust port of Tink cryptography library

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

80 stars

Watchers

13 watching

Forks

11 forks
Report repository

Releases

96 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages