Release Notes
Product Description
CipherTrust Batch Data Transformation (BDT) is a command line utility that is used to transform (encrypt/tokenize) data in files and databases. It is a policy-based tool and can efficiently transform bulk data, and can also be used for rekey operations.
Release Description
This release includes new features and enhancements.
New Features and Enhancements
Added support for storing output of crypto operations in a new column
Added a new attribute targetColName to the BDT Policy File under Columns Attributes for storing output of the crypto operations (encrypt/decrypt/rekey) in a new column.
Refer to Storing Output of Crypto Operations in a New Column, Sample to Encrypt/Decrypt/Rekey in a New Column for CSV File and Sample to Encrypt/Decrypt/Rekey in a New Column for Fixed Length File for details.
Added support for FPE_AES encryption
Refer to FPE_AES section under Supported Encryption Algorithms for details.
Added support for enableHexLiteral attribute
Added support for a new attribute enableHexLiteral that allows the ciphertext to be enclosed with hex literals.
Refer to enableHexLiteral attribute under Top-level Policy Attributes in BDT Policy File for details.
Note
The above features do not support TOKENIZE and DETOKENIZE crypto operations.
Added support for trimming trailing and initial white spaces from input file
This feature allows BDT to trim initial and trailing white spaces from data present in the column to be transformed.
Refer to trimSpaces attribute under Top-level Policy Attributes in BDT Policy File for details.
Added support for identity column for SQL Server database
Improved BDT logging
Refer to Configure Logging for details.
Advisory Note
Support for initial encryption is available up to DPG version 1.2.0.
Compatibility Information
Key Manager
BDT is compatible with CipherTrust Manager 2.11.1 LTS and higher.
Note
When running BDT with a centralized policy file, CipherTrust Manager version 2.12.2, 2.18, and higher is not supported.
Supported JRE Versions
Following JRE versions are supported in this release:
| JRE | Version |
|---|---|
| Oracle Java | Version 8 (minimum 1.8.0_132) and higher. |
| OpenJDK | Version 11 (version 11.0.19) and 12 (version 12.0.2). |
| IBM Java | Version 8 (minimum 8.0.8.5). |
Resolved Issues
| Reference | Description |
|---|---|
| CADP-13935 | Transformation fails if the destination table of the SQL Server database contains identity column. Following error message appears: PreparedStatementCallback; uncategorized SQLException for SQL [Insert into COLLEGES values(?,?,?)]; SQL state [S0001]; error code [8101]; An explicit value for the identity column in table ' |
| CADP-14503 | Getting error if the default column in the orderby clause is case sensitive.Note: This is a legacy bug that is fixed in this release. |
| CADP-14521 | Transformation fails when the BDT policy file contains subset fields with zero (0) offset, limit and recurrency. Note: This is a legacy bug that is fixed in this release. |
Known Issues
| Reference | Description |
|---|---|
| CADP-24350 | Transformation on multiple tables fail when thread count is 1. |
| CADP-28055 | Encrypting or decrypting Arabic characters using FPE results in errors. |
| CADP-19398 | Unable to read the unprocessed record file when inPlaceUpdate is set to true, as the data is written without column headers. |
| CADP-24175 | A deadlock error occurs during an in-place transformation in the Microsoft SQL Server database when the table has a primary key with a varchar datatype. Workaround: Using a primary key of a varchar datatype can slow down comparisons compared to integer datatypes, potentially leading to a deadlock. Therefore, it is recommended to modify the table to have a primary key of integer datatype. After the transformation is over, these changes can be reverted. 1. Identify the primary key constraint name. SELECT nameFROM sys.key_constraintsWHERE type = 'PK'AND parent_object_id = OBJECT_ID('table_name');2. Drop composite primary key constraint from the table. ALTER TABLE table_name DROP CONSTRAINT <constraint_name>;The Alter table <table_name> add <new_primary_column> int primary key identity(1,1)4. Run the transformation. It will run successfully. 5. Delete the new primary key created in step 3. — Identify its constraint name using the query mentioned in step 1. — Drop the constraint using query mentioned in step 2. 6. Alter the table to add the composite primary key constraint back. ALTER TABLE <table_name> ADD CONSTRAINT <constraint_name> PRIMARY KEY (<column_name1>, <column_name2>); |
| CADP-13218 | Following error message appears continuously on console while performing transformation on empty table in DB2:Note: The user needs to abort manually using Ctrl+C option. |
| CADP-14217 | If the destination table contains identity column of type ALWAYS, transformation fails. This is a limitation from Oracle and DB2 databases that you cannot insert explicit value in identity column of type ALWAYS. Following are the workarounds to perform transformation: Oracle: Alter table and modify identity column type ALWAYS to BY DEFAULT. DB2: Alter table to drop identity property from column. Alter table to add identity property of type BY DEFAULT.
|
| CADP-15091 | After configuring the policy file for two tables and setting srcColumnAction to "remove", if the transformation fails for any of these tables, the source column will not be removed. |
| CADP-16680 | BDT throws the following error while configuring dataProtectionConfig using the password that contains double quotes (") or backslash (\) characters:Failed post request to Data Protection Service. Received response - null Workaround: If the password contains double quotes (") or backslash (\) characters, escape these characters while setting in BDT.For example, if the actual password is xyz"@123\xyz, the password in dataProtectionConfig must be configured as xyz\"@123\\xyz |
| CADP-18948 | If the source table contains null value in the column to be transformed and trimSpaces is enabled, transformation fails with NullPointerException.Workaround: • If trimSpaces is not required, disable or do not configure it in the BDT policy file.• If trimSpaces is required, use File-to-DB or File-to-File transformation. |
