This is already achieved by removing //build/config:no_rtti config.

Change-Id: Id5dd6ac5d054a959ce05b1d29148e5ef7d1c6a5c

Commands:
git clone https://fuchsia.googlesource.com/third_party/tink
cd tink
git checkout upstream/master
git checkout origin/master -b ${USER}-merge
git merge upstream/master
./tools/convert_for_cobalt

Had to commit using --no-verify because tink apparently added some files
which match its secret patterns.

Change-Id: I413c697c2a6fdcf81705ef706ccea30d55bef2ad

Also remove CMakeLists file creation in convert_for_cobalt.

Change-Id: I9f0f33afc6efbdd370df17fff17c1935762e5d4f

PiperOrigin-RevId: 272708100

Update Hybrid key validation to support X25519.
Add support for XChaCha20Poly1305 key templates.
Add more tests for hybrid decryption.

PiperOrigin-RevId: 272551202

PiperOrigin-RevId: 272461574

Problem was: isOnCurve did not reduce the limbs before checking for equality.

PiperOrigin-RevId: 272245293

PiperOrigin-RevId: 272153257

PiperOrigin-RevId: 271539033

I found the previous code hard to understand, since I didn't know to where the "continue" statement jumps: there's a for and a while loop. I don't think there's a bug, but I think the new code is much easier to understand anyhow.

PiperOrigin-RevId: 271337855

Make the sign key managers public, but restrict visibility of the constructor. Then, add a static function which registers it together with the public key manager.

Also, do the same for the PublicKey{Sign,Verify}wrappers.

PiperOrigin-RevId: 271328404

PiperOrigin-RevId: 271259922

Cleaning up WORKSPACE.

PiperOrigin-RevId: 271114848

Split EciesHkdfRecipientKemBoringSsl into two subclasses:
 * EciesHkdfNistPCurveRecipientKemBoringSsl to handle decrypting for NIST P curves.
 * EciesHkdfX25519RecipientKemBoringSsl to handle decrypting for curve 25519.

Split EciesHkdfSenderKemBoringSsl into two subclasses:
 * EciesHkdfNistPCurveSendKemBoringSsl to handle encrypting using NIST P curves.
 * EciesHkdfX25519SendKemBoringSsl to handle encrypting using curve 25519.

PiperOrigin-RevId: 270765601

PiperOrigin-RevId: 270703734

PiperOrigin-RevId: 270688621

Python configuration is based on https://github.com/tensorflow/tensorflow.
CLIF configuration is based on https://github.com/google/nucleus.

PiperOrigin-RevId: 270669457

PiperOrigin-RevId: 270664047

PiperOrigin-RevId: 270655570

It looks for a 4-byte length-prefix without checking that there are atleast 4
bytes.

Also, while I'm here, drop the use of bytes.Buffer in favor of just directly
slicing the incoming byte-slice. The bytes.Buffer isn't really helping here, it
doesn't itself do any additional validation, it adds additional cases to
validate (see the "n != ed" error-checking to handle impossible short-read
situations), and its almost definitely slower (since it forces copies whereas
slicing will just operate in-place). I also suspect this was forcing
encryptedDEK to be heap-allocated, as the compiler wouldn't be able to see
through the implementation of the tink.AEAD to figure out if the byte-slice
escaped to the heap (I haven't verified this).

PiperOrigin-RevId: 270511611

PiperOrigin-RevId: 270278753

PiperOrigin-RevId: 270264435

Make the EciesAeadHkdfPrivateKeyManager public, but restrict visibility of the constructor. Then, add a static function which registers it together with the public key manager.

Also, do the same for the Hybrid{En,De}cryptWrappers.

PiperOrigin-RevId: 270243637

Note that the Streaming AEAD Wrapper is still missing, so this is not yet at
feature parity with the other primitives.

PiperOrigin-RevId: 270241587

PiperOrigin-RevId: 270236806

Added DecryptingStream, which wraps a C++ decrypting stream and is returned by streaming_aead.new_decrypting_stream(...).

PiperOrigin-RevId: 270236129

PiperOrigin-RevId: 270220616

PiperOrigin-RevId: 270218637

PiperOrigin-RevId: 270099454

PiperOrigin-RevId: 270035715

PiperOrigin-RevId: 270006223

Add static method register() to AEAD key managers so that they can be registered separately from AeadConfig.

PiperOrigin-RevId: 269842065

This file object will be returned by streaming_aead.new_encrypting_stream(...).

PiperOrigin-RevId: 269839414

PiperOrigin-RevId: 269727909

Also update javascript tests to skip curve25519.

PiperOrigin-RevId: 269667740

- Make sure errors related to malformed csv credential file or bad path are thrown.

PiperOrigin-RevId: 269639332

PiperOrigin-RevId: 269573228

PiperOrigin-RevId: 269564299

Make all remaining symmetric key managers public; their constructor package private, and add a static method "register()".

Also do the same transformation to the wrappers and use the new functions in the config.

PiperOrigin-RevId: 269555278

Also do the same transformation to the wrappers and use the new functions in the config.

PiperOrigin-RevId: 269550398