Release Notes
Product Description
CipherTrust RESTful Data Protection (CRDP) solution provides RESTful webservices to protect sensitive data via wide range of data protection methods. CRDP is designed from the ground up to seamlessly fit with existing cloud-ready applications. It can be deployed as a docker container and performs wide range of cryptographic operations. It is easy to deploy, configure, manage, and migrate. CRDP allows enterprises to centrally configure their data-centric cryptographic policies in a reusable, human-readable way on the key manager, and to deploy data protection that fits within their native cloud deployment.
Release Description
CRDP is delivered as a standard Docker image and can be deployed in any Kubernetes environments or as a standalone Docker Container. This release includes support for new features.
Features
The following table lists the features introduced in this release and their compatible CipherTrust Manager versions:
Note
Features with a compatible CipherTrust Manager version of "Future" are already supported in CRDP but require a future release of CipherTrust Manager. The specific version requirement will be documented here and in the official CipherTrust Manager release notes upon its release.
| Feature Description | Compatible CipherTrust Manager Version |
|---|---|
| Added support for AES/GCM algorithm in protection policy. | Future |
| Added an option to generate irreversible tokens; these tokens can't be converted back to their original value. | Future |
| Added provision to use randomly generated nonce in cryptographic operations. | Future |
| Added support to handle small input value in format preserving algorithms. | Future |
| Added support for DPoP bound access token in CRDP to authenticate client and securely access CRDP resources. | Future |
| Added provision to specify multiple protection polices in bulk protect and reveal. Follow the Bulk protect and Bulk reveal examples for details. | 2.14 and higher versions |
| CRDP can now listen to healthz/liveness probes and metrics on HTTP port (8080). Follow the below links for details: — Monitoring CRDP health — Performance Metrics | 2.14 and higher versions |
| Added support for all standard asymmetric JWT signing algorithms. | 2.14 and higher versions |
| Provision added to auto clean stale clients from single pane of glass. | 2.19 and higher versions. |
Compatibility Information
CRDP 1.2.0 is compatible with the CipherTrust Manager 2.14 and higher versions.
Known Issues
| Issue | Severity | Synopsis |
|---|---|---|
| CADP-16533 | M | Protect operation performed using FPE/AES fails for Chinese character set 4E00 - 9FFF. |
| CADP-20338 | L | Protect operation fails with no specific error message and returns a 404 HTTP status code if the key access is not provided to application data protection clients. For more details on key access, refer to Supported key types. |
