Release Notes
| Product Version | GA Date |
|---|---|
| 8.15.0 | September 05, 2025 |
Product Description
CipherTrust Application Data Protection for .NET Core provides APIs for performing cryptographic and key management operations using CipherTrust Manager.
Release Description
This release includes new features and enhancements.
Features and Enhancements
Added support for GetKeyNames
Added support for Auto Refresh
Added support Microsoft Cert Store on Windows for Local Machine by finding Common Name
Deprecated Support
The
Hostproperty is no longer required and will be deprecated in future release.The old log levels (LOW, MEDIUM, HIGH) are deprecated.
ProtectApp .NETCore 8.9 and earlier versions are now end of development.
Advisory Notes
It is recommended not to use the
Hostproperty; as this property will be deprecated in future release.Use the new log levels named NONE, ERROR, WARN (default), INFO, and DEBUG. If old log levels are used, they will be automatically set to WARN state.
Permissions
To run the CADP for .NET Core, it is important that users have the necessary read and write permissions for log files.
If users do not have appropriate permissions, the CADP for .NET Core will return an error.
.NET Standard
CADP for .NET Core version 8.15.0 is supported on .NET Standard 2.1.
Multi-threaded Application with Large Number of Threads and Sessions
When spawning a high number of threads with each thread opening a new session, and all threads getting spawned with a delay in milliseconds, the code takes few seconds to process SSL client certificates. On the other hand if the threads can share the session the delay in SSL Client Certificate processing can be avoided.
Resolved and Known Issues
This section lists the issues fixed in this release. Also, this section lists the issues known to exist in the product at the time of release. The following table defines the severity of the issues listed in this section.
| Severity | Classification | Definition |
|---|---|---|
| C | Critical | No reasonable workaround exists. |
| H | High | Reasonable workaround exists. |
| M | Medium | Medium level priority problems. |
| L | Low | Lowest level priority problems. |
Resolved Issues
| Issue | Severity | Synopsis |
|---|---|---|
| CADP-24383 | M | Problem: In case of Versioned key, while using the AES/GCM algorithm, the auth tag generated for local mode and remote mode are different. Data encrypted through local mode can be decrypted through local mode only. |
| CADP-26826 | H | Problem: CADP for .NET Core will not switch over to the next CipherTrust Manager when the CipherTrust Manager for the session in ConnectionPool is unreachable (fixed for NAE Key Management APIs). |
| CADP-17523 | C | Problem: FF3-1/Card10 remote mode, the crypto operations don't work outside cardinality data provided in the input (fixed on CipherTrust Manager version 2.20). |
| CADP-23853 | H | Problem: User Group Permission - Remote Mode should not check the group permissions. |
| CADP-17595 | H | Problem: Difference in client certificate identification between .NET Framework and .NET Core. While .NET Framework supports both Common Name and Thumbprint, .NET Core supports only Thumbprint. |
| CADP-27163 | H | Problem: The CADP for .NET Core SDK does not support tiers with duplicate NAE_IP addresses, the process fails with an exception 'An item with the same key has already been added'. |
| CADP-27094 | H | Problem: CADP for .NET Core High Availability does not support automatic failover if the primary server is unreachable. |
Known Issues
| Issue | Severity | Synopsis |
|---|---|---|
| PAN-3064 | L | Problem: The HMAC ComputeHash API throws an error when data is more than 4096 bytes in remote mode. Workaround: Use the GenerateMac API. |
| CADP-11503 | M | Problem: The Special characters '&' and '<' are not supported in the Passphrase property.Workaround: Encrypt the Passphrase using PassphraseUtility and set the Passphrase Encrypted property to yes. |
| CADP-14766 | M | Problem: Decryption of remote encrypted bytes fails on local mode for AES/GCM versioned keys. Workaround: To resolve this issue, you can use interOp parameter in the API. |
| CADP-15995 | M | Problem: Special Character '&', '<' , and '>' are not supported in AAD data in AES/GCM. Workaround: To resolve this issue, data encrypted through any other connector can be decrypted through CADP for .NET Core remote mode only. |
| CADP-14335 | M | Problem: Data mismatch occurs when running the sample application in Remote Mode on KeySecure with PA.Net and on CipherTrust Manager with CADP for .NetCore Workaround: To resolve this issue, run the sample application in Local Mode. |
| CADP-27133 | H | Problem: CADP for .NET Core will not switch over to the next CipherTrust Manager when the CipherTrust Manager for the session in ConnectionPool is unreachable for Crypto Operations. |
| CADP-27270 | M | Problem: Incorrect plaintext data while performing Decryption after Encryption with FPE/FF3-1 Card-10 Algorithm. |
Limitations
- For SSL connection, if multiple NAE servers are specified in the properties file, the Common Name/SAN must be same for all the server certificates. The
Hostproperty in the properties file only supports single value.
Compatibility Information
Supported Target Frameworks
- .NET 8.0
Supported Platforms
CADP for .NET Core is tested on the following platforms:
Windows Server 2022
Red Hat Enterprise Linux 8.0
macOS 13.3
Ubuntu 22.04
Key Manager
CipherTrust Manager LTS 2.11.x and higher versions.
Deliverables
This release includes the following components:
NuGet Package (CipherTrust.CADP.NETCore)
CADP for .NET Core samples are available on GitHub
