Voltage SecureData Simple API 6.20 Released

3 months ago

Original Question: Voltage SecureData Simple API 6.20 Released by COEST

  SecureData Simple API 6.20 -- May 13, 2021

Features and Benefits:

Voltage is pleased to announce the release of Voltage SecureData Simple API 6.20. This incremental update adds several important new features, as well as bug and stability fixes. In addition, a security improvement adds a minor change to the Java interface.


Local Usage Data:

  • This release introduces an API that reports local usage data for Protect and Access operations performed by that application.

Enable/Disable CRL Checking:

  • Windows applications can now explicitly disable Certificate Revocation List checking. This is appropriate when an environment is unable to reach the CRL Distribution Point specified in the certificate. The default behavior (CRL checking enabled) is unchanged.

New Predefined Format:

  • A new built-in format, PREDEFINED::AUTO_FPE2, has been added. This is the FPE2 equivalent of the FPE1 predefined format AUTO: both formats create ciphertext that converts alpha characters to alpha characters (preserving case) and digits to digits, with all other characters from the plaintext passing through unchanged.

Java (JNI) interface change:

  • The data type of sensitive data passed to its methods has changed. In previous versions, authentication credentials and data to be protected were passed using the String class. Data stored using this class is immutable, increasing exposure to possible memory-scraping vulnerabilities. The JNI now uses the char[] class instead, allowing applications to explicitly overwrite the data once no longer needed.

Operational Details:

The Standard Delivery method for our software is electronic. New orders receive a link via email where the software can be downloaded, which is specific to the order.

Comment List
Related Discussions