Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Release Notes

search

Please Note:

Release Notes

Product Description

CipherTrust Application Data Protection for .NET Core provides APIs for performing cryptographic and key management operations using CipherTrust Manager.

Release Description

This release of CADP for .NET Core includes new features and enhancements.

Features and Enhancements

  • Support added for the following algorithms in the local mode:

    • FPE/FF3-1/Card10

    • FPE/FF3-1/Card26

    • FPE/FF3-1/Card62

    • FPE/FF3-1/Unicode

  • Support added for the following encodings for FPE in the local mode:

    • UTF-16LE

    • UTF-16BE

    • UTF-32LE

  • Added capability to provide the encrypted Syslog_Passphrase using the Syslog_Passphrase_Encrypted property.

  • Support added for persistent cache.

  • Added support for CryptoDataUtility.

  • Added support to Sign and SignVerify Data using an EC Key.

  • Added ability to perform crypto operations based on the key permissions granted to the groups on the CipherTrust Manager.

  • Support added to fetch key name, version and header bytes using UUID for NAE versioned key.

Deprecated Support

  • The Host property is no longer required and will be deprecated in future release.

  • The old log levels (LOW, MEDIUM, HIGH) are deprecated.

  • ProtectApp .NETCore 8.9 and earlier versions are now end of development.

Advisory Notes

  • It is recommended not to use the Host property; as this property will be deprecated in future release.

  • Use the new log levels named NONE, ERROR, WARN (default), INFO, and DEBUG. If old log levels are used, they will be automatically set to WARN state.

Permissions

To run the CADP for .NET Core, it is important that users have the necessary read and write permissions for log files.

If users do not have appropriate permissions, the CADP for .NET Core will return an error.

.NET Standard

CADP for .NET Core version 8.14.0 is supported on .NET Standard 2.1.

Multi-threaded Application with Large Number of Threads and Sessions

When spawning a high number of threads with each thread opening a new session, and all threads getting spawned with a delay in milliseconds, the code takes few seconds to process SSL client certificates. On the other hand if the threads can share the session the delay in SSL Client Certificate processing can be avoided.

Resolved Issues

This section lists the issues fixed in this release.

IssueSynopsis
CADP-13490Exporting all versions of a versioned key doesn't work correctly.
CADP-19434Encrypting files larger than 1 MB throws an exception.
CADP-20351If FQDN is mentioned with the NAE_IP attribute, the Cryptodatautility fails to get keys from the local key cache file to perform encrypt/decrypt operations.

Known Issues

This section lists the issues known to exist in the product at the time of release.

IssueSynopsis
CADP-17523Problem: FF3-1/Card10 remote mode, the crypto operations don't work outside cardinality data provided in the input.
Workaround: Use FF3-1/Card10 in local mode.
PAN-3064Problem: The HMAC ComputeHash API throws an error when data is more than 4096 bytes in remote mode.
Workaround: Use the GenerateMac API.
CADP-11503Problem: The Special characters & and < are not supported in the Passphrase property.
Workaround: Encrypt the Passphrase using PassphraseUtility and set the Passphrase Encrypted property to yes.
CADP-14766Problem: Decryption of remote encrypted bytes fails on local mode for AES/GCM versioned keys.
CADP-15995Problem: Special Character &, <, and > are not supported in AAD data in AES/GCM.

Limitations

  • For SSL connection, if multiple NAE servers are specified in the properties file, the Common Name/SAN must be same for all the server certificates. The Host property in the properties file only supports single value.

  • For Persistent Cache to work properly, the total number of key versions on the CipherTrust Manager should be less than 10.

Compatibility Information

Supported Target Frameworks

  • .NET 6.0

  • .NET 8.0

Supported Platforms

CADP for .NET Core is tested on the following platforms:

  • Windows Server 2019 Datacenter

  • Red Hat Enterprise Linux 8.0 (Ootpa)

  • macOS 13.3

  • Ubuntu 20.04

Key Manager

CipherTrust Manager 2.2 and higher versions.

Deliverables

This release includes the following components:

  • NuGet Package (CipherTrust.CADP.NETCore)

  • Product documentation is available on Thalesdocs

  • CADP for .NET Core samples are available on GitHub

We have attempted to make these documents complete, accurate, and useful, but we cannot guarantee them to be perfect. When we discover errors or omissions, or they are brought to our attention, we endeavor to correct them in succeeding releases of the product.

On this page