Release Notes
Product Description
CipherTrust RESTful Data Protection (CRDP) solution provides RESTful webservices to protect sensitive data via wide range of data protection methods. CRDP is designed from the ground up to seamlessly fit with existing cloud-ready applications. It can be deployed as a docker container and performs wide range of cryptographic operations. It is easy to deploy, configure, manage, and migrate. CRDP allows enterprises to centrally configure their data-centric cryptographic policies in a reusable, human-readable way on the key manager, and to deploy data protection that fits within their native cloud deployment.
Release Description
CRDP is delivered as a standard Docker image and can be deployed in any Kubernetes environments or as a standalone Docker Container. This release includes support for new features.
Features
The following table lists the features introduced in this release and their compatible CipherTrust Manager versions:
| Feature | Description | Compatible CM Version |
|---|---|---|
| Luhn check | Enable the Luhn toggle to set the data format to Luhn. Refer to Creating Protection Policy for details. | 2.19 and higher |
| Metrics Labels in Performance Metrics | Metrics Labels allows you to filter by specific clients and applications. Refer to Performance Metrics for details. | 2.17 and higher |
| FF3-1 Algorithm | Provides support for FF3-1 algorithm. Refer to Supported protection methods and their specifications for details. | 2.17 and higher |
| Random2 Algorithm | Provides support for Random2 algorithm. Refer to Supported protection methods and their specifications for details. | 2.20 and higher |
| JWKS URL | CRDP supports JWKS, which means administrator can provide the JWKS URL through which the JWKS can be fetched and used for validation of the JWT. Provide the JWKS URL, Duration, Issuer, and Username location in JWT. Refer to JWKS URL for details. | 2.18 and higher |
| Username location in JWT | Specify the location of username in the JWT. Access Policy will be applied based on username in this location. Refer to JWT Verification for details. | 2.18 and higher |
| Prefix to identify the type of data being protected | Specify a user friendly name to help user identify the type of data being protected. Refer to Creating Protection Policy for details. | 2.16 and higher |
| Update in container behavior on graceful shutdown | When CRDP receives graceful shutdown signal: • The CRDP client will immediately stop listening to new requests and will be deleted from the single pane of glass in the CipherTrust Manager. • The CRDP server will shutdown and container will be terminated. Refer to Behavior on Container Shutdown for details. | 2.14 and higher |
Compatibility Information
CRDP 1.1.0 is compatible with the CipherTrust Manager 2.14 and higher versions.
Resolved Issues
There are no resolved issues in this release.
Known Issues
| Issue | Severity | Synopsis |
|---|---|---|
| CADP-16533 | M | Protect operation performed using FPE/AES fails for Chinese character set 4E00 - 9FFF. |
| CADP-20338 | L | Protect operation fails with no specific error message and returns a 404 HTTP status code if the key access is not provided to application data protection clients. |
