fix: update dependency com.google.crypto.tink:tink-android to v1.15.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
com.google.crypto.tink:tink-android	1.13.0 -> 1.15.0

---

Release Notes

tink-crypto/tink-java (com.google.crypto.tink:tink-android)

v1.15.0: Tink Java v1.15.0

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink Java 1.15.0

To get started using Tink, see the setup guide.

What's new?

• Use Conscrypt to verify RSA SSA PKCS1 signatures if it is available. This fixes a bug when Tink is used in FIPS-only mode and when using ConfigurationFips140v2.
• Use Conscrypt for RSA SSA PSS signatures if it is available. RSA SSA PSS is now available when Tink is used in FIPS-only mode and when using ConfigurationFips140v2.
• RsaSsaPssSignJce and RsaSsaPssVerifyJce now throw an exception if sigHash and mgf1Hash are not equal. This makes these functions consistent with the non-subtle API and with other languages.
• Removed AeadOrDaead and EciesAeadHkdfDemHelper from subtle API. These were internal helper classes for hybrid encryption that are not needed anymore.
• Upgraded tink-android's androidx.annotation dependency to v1.8.2.

Future work

To see what we're working towards, check our project roadmap.

Getting started

Maven:

<dependency>
    <groupId>com.google.crypto.tink</groupId>
    <artifactId>tink</artifactId>
    <version>1.15.0</version>
</dependency>

Gradle:

dependencies {
  implementation 'com.google.crypto.tink:tink-android:1.15.0'
}

Bazel:

The recommended way to use tink-java is as a Maven dependency through rules_jvm_external.

load("@​bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

RULES_JVM_EXTERNAL_TAG = "6.1"
RULES_JVM_EXTERNAL_SHA ="d31e369b854322ca5098ea12c69d7175ded971435e55c18dd9dd5f29cc5249ac"

http_archive(
    name = "rules_jvm_external",
    strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG,
    sha256 = RULES_JVM_EXTERNAL_SHA,
    url = "https://github.com/bazelbuild/rules_jvm_external/releases/download/%s/rules_jvm_external-%s.tar.gz" % (RULES_JVM_EXTERNAL_TAG, RULES_JVM_EXTERNAL_TAG)
)

load("@​rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps")

rules_jvm_external_deps()

load("@​rules_jvm_external//:setup.bzl", "rules_jvm_external_setup")

rules_jvm_external_setup()

maven_install(
    artifacts = [
        "com.google.crypto.tink:tink:1.15.0",

##### ... other dependencies ...
    ],
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

Alternatively, one can build Tink from source and include it with http_archive:

http_archive(
    name = "tink_java",
    urls = ["https://github.com/tink-crypto/tink-java/releases/download/v1.15.0/tink-java-1.15.0.zip"],
    strip_prefix = "tink-java-1.15.0",
    sha256 = "e246f848f7749e37f558955ecb50345b04d79ddb9d8d1e8ae19f61e8de530582"
)

load("@​tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps")

tink_java_deps()

load("@​tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init")

tink_java_deps_init()

##### ...

maven_install(
    artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ...
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

v1.14.1

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink Java 1.14.1

To get started using Tink, see the setup guide.

What's new?

• Downgraded protobuf to 25.3; Protobuf 26.x introduced a breaking change for <= 25.x users.

Future work

To see what we're working towards, check our project roadmap.

Getting started

Maven:

<dependency>
    <groupId>com.google.crypto.tink</groupId>
    <artifactId>tink</artifactId>
    <version>1.14.1</version>
</dependency>

Gradle:

dependencies {
  implementation 'com.google.crypto.tink:tink-android:1.14.1'
}

Bazel:

The recommended way to use tink-java is as a Maven dependency through rules_jvm_external.

load("@​bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

RULES_JVM_EXTERNAL_TAG = "6.1"
RULES_JVM_EXTERNAL_SHA ="d31e369b854322ca5098ea12c69d7175ded971435e55c18dd9dd5f29cc5249ac"

http_archive(
    name = "rules_jvm_external",
    strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG,
    sha256 = RULES_JVM_EXTERNAL_SHA,
    url = "https://github.com/bazelbuild/rules_jvm_external/releases/download/%s/rules_jvm_external-%s.tar.gz" % (RULES_JVM_EXTERNAL_TAG, RULES_JVM_EXTERNAL_TAG)
)

load("@​rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps")

rules_jvm_external_deps()

load("@​rules_jvm_external//:setup.bzl", "rules_jvm_external_setup")

rules_jvm_external_setup()

maven_install(
    artifacts = [
        "com.google.crypto.tink:tink:1.14.1",

##### ... other dependencies ...
    ],
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

Alternatively, one can build Tink from source and include it with http_archive:

http_archive(
    name = "tink_java",
    urls = ["https://github.com/tink-crypto/tink-java/releases/download/v1.14.1/tink-java-1.14.1.zip"],
    strip_prefix = "tink-java-1.14.1",
    sha256 = "1f8a2df8fcbfc9b19fba0d5f58cdcc12021cb33cdc307d22d840b437fd17347c"
)

load("@​tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps")

tink_java_deps()

load("@​tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init")

tink_java_deps_init()

##### ...

maven_install(
    artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ...
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

v1.14.0: Tink Java 1.14.0

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink Java 1.14.0

To get started using Tink, see the setup guide.

What's new?

API changes

• Removed PrimitiveWrapper. We anticipate no impact on users, as this class was already rendered unavailable after Registry.registerPrimitiveWrapper was removed in Tink Java 1.13.0.

Performance improvements

• Improved performance of AES-EAX AEAD.
• Improved performance of AES-SIV Deterministic AEAD.
• Improved performance of AES-CMAC PRF.
• Improved performance of ECIES Hybrid Encryption.

Bug fixes

• Fixed bug in binary keyset parsing that resulted in a TinkBugException when parsing invalid input.
• Fixed bug in JSON keyset parsing that resulted in a RuntimeException when parsing invalid input.
• Fixed bug where the channel obtained from newSeekableDecryptingChannel falsely returned -1 on read calls. This only happens if read was called with an empty buffer, and if the previous call to read sucessfully read the end of the stream.

Upgraded dependencies

• protobuf (=> 27.0)

Future work

To see what we're working towards, check our project roadmap.

Getting started

Maven:

<dependency>
    <groupId>com.google.crypto.tink</groupId>
    <artifactId>tink</artifactId>
    <version>1.14.0</version>
</dependency>

Gradle:

dependencies {
  implementation 'com.google.crypto.tink:tink-android:1.14.0'
}

Bazel:

The recommended way to use tink-java is as a Maven dependency through rules_jvm_external.

load("@​bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

RULES_JVM_EXTERNAL_TAG = "6.1"
RULES_JVM_EXTERNAL_SHA ="d31e369b854322ca5098ea12c69d7175ded971435e55c18dd9dd5f29cc5249ac"

http_archive(
    name = "rules_jvm_external",
    strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG,
    sha256 = RULES_JVM_EXTERNAL_SHA,
    url = "https://github.com/bazelbuild/rules_jvm_external/releases/download/%s/rules_jvm_external-%s.tar.gz" % (RULES_JVM_EXTERNAL_TAG, RULES_JVM_EXTERNAL_TAG)
)

load("@​rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps")

rules_jvm_external_deps()

load("@​rules_jvm_external//:setup.bzl", "rules_jvm_external_setup")

rules_jvm_external_setup()

maven_install(
    artifacts = [
        "com.google.crypto.tink:tink:1.14.0",

##### ... other dependencies ...
    ],
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

Alternatively, one can build Tink from source and include it with http_archive:

http_archive(
    name = "com_github_tink_crypto_tink_java",
    urls = ["https://github.com/tink-crypto/tink-java/archive/refs/tags/v1.14.0.zip"],
    strip_prefix = "tink-java-1.14.0",
    sha256 = ...
)

load("@​tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps")

tink_java_deps()

load("@​tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init")

tink_java_deps_init()

##### ...

maven_install(
    artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ...
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.