Release Notes
| Product Version | GA Date |
|---|---|
| 8.18.0 | September 11, 2025 |
Product Description
CADP for C
CADP for C provides C/C++ based APIs for performing cryptographic and key management operations using CipherTrust Manager. It communicates with the CipherTrust Manager over NAE interfaces to manage the stored objects. It can also operate over KMIP.
CipherTrust Manager
With CipherTrust Manager, organizations can leverage a range of disparate software and hardware-based encryption products, while gaining the efficiency and security benefits of having all keys stored on a centralized, hardened security appliance.
The CipherTrust Manager offers robust capabilities for managing cryptographic keys across their lifecycle, including key generation, key import and export, key rotation, and much more. The CipherTrust Manager can be integrated through open APIs with virtually any off-the-shelf encryption product, including database encryption, laptop and device encryption, file and storage level encryption, and more.
Release Description
This release of CADP for C includes the new features and enhancements listed below.
New Features and Enhancements
- OpenSSL Upgrade: The OpenSSL version is upgraded to 3.0.17.
CAPI
Support of Auto Refresh Key Cache for symmetric and asymmetric keys.
Support of Refresh Key Cache API for symmetric keys.
CADP PKCS11
Bug fixes in this release.
Compatibility Information
CADP for C 8.18.0 is compatible with CipherTrust Manager 2.17.0 and higher.
Resolved and Known Issues
This section lists the issues fixed in this release. Also, the section lists the issues known to exist in the product at the time of release. The following table defines the severity of the issues listed in this section.
| Severity | Classification | Definition |
|---|---|---|
| C | Critical | No reasonable workaround exists. |
| H | High | Reasonable workaround exists. |
| M | Medium | Medium level priority problems. |
| L | Low | Lowest level priority problems. |
CAPI library
Resolved Issues
No resolved issues.
Known Issues
| Issue | Severity | Synopsis |
|---|---|---|
| CADP-12271 | H | Problem: Null value being appended to decrypted text with SEED/CBC/NoPadding |
| CADP-4910 | M | Problem: If connetion_idle_timeout is set to 0, the batch connections do not expire after _expiredTimeDiff, which is set to 240sec |
| CADP-1041 | M | Problem: Crypto operations can be done with Restricted Key in local mode |
| CADP-10883 | M | Problem: Key Wrapping and UnWrapping are not working with the KMIP |
| CADP-25156 | H | Problem: The I_C_KeyRefresh API is not supported in this version |
Limitations
Korean algorithm ARIA is not supported in Local encryption mode.
ECIES is not supported in batching.
NULL character is not supported in FPE/FF3 and FPE/FF3-1 algorithms.
PCKS#11 library
Resolved Issues
| Issue | Severity | Synopsis |
|---|---|---|
| CADP-23874 | M | Problem: CKA_ID is returned in Base64 format after migration |
Known Issues
| Issue | Severity | Synopsis |
|---|---|---|
| CADP-12638 | H | Problem: Version key Rotation Fails through C_GenerateKey API fails After 19 Rotation |
| CADP-1192 | M | Problem: Setting CKA_SIGN and CKA_VERIFY when importing an AES key does not work |
| CADP-12441 | M | Problem: Key/Object Handles returned by C_FindObjects are different from values returned by VAE |
| CADP-7961 | M | Problem: C_DestroyObject does not delete all versions when provided a base key handle |
| CADP-14324 | M | Problem: Key Imported with C_UnwrapKey does not have MUID and KEYID |
| CADP-13993 | M | Problem: Different Key Handle For the Asymmetric Keys when searched with UUID |
| CADP-14499 | M | Problem: CKA_SERIAL_NUMBER is not reflecting for keys after migration from DSM to CM |
Limitations
Wrapping and unwrapping are not supported for Asymmetric to Asymmetric keys.
Key Alias is not supported for Asymmetric keys.
Aliases are not supported for opaque objects.
NULL character is not supported in FPE/FF3 and FPE/FF3-1 algorithms.
Versioned Asymmetric keys are not supported.
DPM Headers are not supported for non-versioned keys and Muti-part operations.
RSA DPM header is supported in
LEGACY_VAE compatibilitymode only.Unwrapping of Opaque object with Symmetric key is not supported.
Wrapping and Unwrapping of Opaque object with Asymmetric key is not supported.
Associating an alias with a specific version of the key is not supported on the CipherTrust Manager. All the aliases get associated with the most active or latest version of the key.
AES-CTR algorithm is supported in Local mode only.
Supported Platforms
CADP for C is supported on the following platforms:
Windows (validated with Windows Server 2022)
RHEL (validated with RHEL 8)
