Release Notes
Product Description
CipherTrust Application Data Protection for .NET Core provides APIs for performing cryptographic and key management operations using CipherTrust Manager.
Release Description
This release of CADP for .NET Core includes new features and enhancements.
Features and Enhancements
Support for FPE/AES/Card10 in local mode.
Support for FPE/AES/Card26 in local mode.
Support for Credential and Passphrase Encryption.
Support for the NuGet Package (CipherTrust.CADP.NETCore).
Samples are moved to GitHub.
Added domain support.
Removed username entries from logs.
Added
CADP.NETCore_Properties.xml
in the installation directory of the NuGet package.Password masking on console while running samples.
Deprecated Support
The
Host
property is no longer required and will be deprecated in future release.The old log levels (LOW, MEDIUM, HIGH) are deprecated.
ProtectApp .NETCore 8.9 and earlier versions are now end of development.
Advisory Notes
It is recommended not to use the
Host
property; as this property will be deprecated in future release.Use the new log levels named NONE, ERROR, WARN (default), INFO, and DEBUG. If old log levels are used, they will be automatically set to WARN state.
The FPE/AES/CARD10 and FPE/AES/CARD26 algorithms are only applicable for non-versioned keys.
Permissions
To run the CADP for .NET Core, it is important that users have the necessary read and write permissions for log files.
If users do not have appropriate permissions, the CADP for .NET Core will return an error.
.NET Standard
CADP for .NET Core version 8.11.0 is supported on .NET Standard 2.1.
Multi-threaded Application with Large Number of Threads and Sessions
When spawning a high number of threads with each thread opening a new session, and all threads getting spawned with a delay in milliseconds, the code takes few seconds to process SSL client certificates. On the other hand if the threads can share the session the delay in SSL Client Certificate processing can be avoided.
Known Issues
This section lists the issues known to exist in the product at the time of release.
Issue | Synopsis |
---|---|
PAN-3064 | Problem: The HMAC ComputeHash API throws an error when data is more than 4096 bytes in remote mode. Workaround: Use the GenerateMac API. |
PAN-4618 | Problem: While getting/retrieving connection, the following error is encountered Intermittently: "The buffers supplied to a function was too small". |
CADP-9017 | Problem: While performing encryption using FPE/AES/CARD10 in remote mode, incorrect logs are generated if input data is more than 3500 bytes. |
CADP-24383 | Problem: In case of Versioned key, while using the AES/GCM algorithm, the auth tag generated for local mode and remote mode are different. Data encrypted through local mode can be decrypted through local mode only. Workaround: To resolve this issue, data encrypted through any other connector can be decrypted through CADP for .NET Core remote mode only. |
Limitations
For SSL connection, if multiple NAE servers are specified in the properties file, the Common Name/SAN must be same for all the server certificates. The Host
property in the properties file only supports single value.
Compatibility Information
This release is compatible with the CipherTrust Manager 2.2 and higher versions.
Supported Platforms
CADP for .NET Core is tested on the following platforms:
Windows Server 2016 Datacenter
RHEL Server 7.0 (Maipo)
macOS 12.5
Ubuntu 20.04