Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Release Notes

search

Please Note:

Release Notes

Product Description

CipherTrust Application Data Protection for .NET Core provides APIs for performing cryptographic and key management operations using CipherTrust Manager.

Release Description

This release of CADP for .NET Core includes new features and enhancements.

Features and Enhancements

  • Support for FPE/AES/Card10 in local mode.

  • Support for FPE/AES/Card26 in local mode.

  • Support for Credential and Passphrase Encryption.

  • Support for the NuGet Package (CipherTrust.CADP.NETCore).

  • Samples are moved to GitHub.

  • Added domain support.

  • Removed username entries from logs.

  • Added CADP.NETCore_Properties.xml in the installation directory of the NuGet package.

  • Password masking on console while running samples.

Deprecated Support

  • The Host property is no longer required and will be deprecated in future release.

  • The old log levels (LOW, MEDIUM, HIGH) are deprecated.

  • ProtectApp .NETCore 8.9 and earlier versions are now end of development.

Advisory Notes

  • It is recommended not to use the Host property; as this property will be deprecated in future release.

  • Use the new log levels named NONE, ERROR, WARN (default), INFO, and DEBUG. If old log levels are used, they will be automatically set to WARN state.

  • The FPE/AES/CARD10 and FPE/AES/CARD26 algorithms are only applicable for non-versioned keys.

Permissions

To run the CADP for .NET Core, it is important that users have the necessary read and write permissions for log files.

If users do not have appropriate permissions, the CADP for .NET Core will return an error.

.NET Standard

CADP for .NET Core version 8.11.0 is supported on .NET Standard 2.1.

Multi-threaded Application with Large Number of Threads and Sessions

When spawning a high number of threads with each thread opening a new session, and all threads getting spawned with a delay in milliseconds, the code takes few seconds to process SSL client certificates. On the other hand if the threads can share the session the delay in SSL Client Certificate processing can be avoided.

Known Issues

This section lists the issues known to exist in the product at the time of release.

IssueSynopsis
PAN-3064Problem: The HMAC ComputeHash API throws an error when data is more than 4096 bytes in remote mode.
Workaround: Use the GenerateMac API.
PAN-4618Problem: While getting/retrieving connection, the following error is encountered Intermittently:
"The buffers supplied to a function was too small".
CADP-9017Problem: While performing encryption using FPE/AES/CARD10 in remote mode, incorrect logs are generated if input data is more than 3500 bytes.
CADP-24383Problem: In case of Versioned key, while using the AES/GCM algorithm, the auth tag generated for local mode and remote mode are different. Data encrypted through local mode can be decrypted through local mode only.
Workaround: To resolve this issue, data encrypted through any other connector can be decrypted through CADP for .NET Core remote mode only.

Limitations

For SSL connection, if multiple NAE servers are specified in the properties file, the Common Name/SAN must be same for all the server certificates. The Host property in the properties file only supports single value.

Compatibility Information

This release is compatible with the CipherTrust Manager 2.2 and higher versions.

Supported Platforms

CADP for .NET Core is tested on the following platforms:

  • Windows Server 2016 Datacenter

  • RHEL Server 7.0 (Maipo)

  • macOS 12.5

  • Ubuntu 20.04

On this page