Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Decrypting XML Data By Standard SAP ABAP Module

Former Member
0 Kudos

Encrypting / Decrypting XML Document by DES Symmetric Crypt algorithm.

Logic : PI server will receive the Information ,Encrypt the Data and send the Data to ERP . From ABAP we have to Decrypt the XML Data and store it. This Decrypt should take place with the Standard ABAP program.

The Following Steps been carried out .

1.SAP CRYPTOGRAPHY Library Installed in the ERP .And all of the parameters been set.

2.Credit Card SSF Application been Created and DES-CBC algorithm been specified in the Encrypt Algorithm Field in SSFA transaction.

3.Private Address Book : .PSE file been created for the Credit card thru the STRUST Transaction.

4.For Credit Card , DES-CBC Encrypt algorithm been specified in the Maintenance of SSFVARGS table.

Open Questions :

1.While Running the SSF01 / SSF02 Programs , there is no field to specify or shows what algorithm been used for Encryption or Decryption.

2.The Output of the Envelope is Completely different than the output from Java Encrypt Program .

3.There is no field where we can specify the Private Key which will be used for Encrypt and Decrypt.

Required Information :

1.Where to specify the Keys for Encrypt and Decrypt.

2.How to Confirm that the SAP Standard Program uses the DES algorithm to Encrypt / Decrypt.

3.What is the Default algorithm been used by SAP Standards.

4.What is the Standard SAP ABAP Function to be used in order to Decrypt / Encrypt by the DES algorithm or any Symmetric Algorithm.

1 ACCEPTED SOLUTION

martin_voros
Active Contributor
0 Kudos

Hi,

SSF uses [PKCS7|http://tools.ietf.org/html/rfc2315] format to encrypt data. This format generates a random content key which is used to encrypt content and then it encrypt this key using public key of recipient. The recipient decrypts content key using her private key and then uses this key to decrypt content. Therefore the answer for the first question is you can't specify keys used by symmetric cipher. You can't see from the encrypted text what algorithm was used but the default symmetric encryption algorithm used by SAP should be DES in CBC mode.

I would suggest you to use PKCS#7. Implementing crypto is really hard so I don't suggest to simply use DES and encrypt content. One of the hardest part is key management. PKCS#7 solves this issue for you for free. So you need to find a Java library which can generate PKCS7 envelope (look for Bouncy Castle). The only input will be public key of your SAP system. How to decrypt PKCS7 in ABAP can be seen in FM CCARD_DEVELOPE.

Cheers

1 REPLY 1

martin_voros
Active Contributor
0 Kudos

Hi,

SSF uses [PKCS7|http://tools.ietf.org/html/rfc2315] format to encrypt data. This format generates a random content key which is used to encrypt content and then it encrypt this key using public key of recipient. The recipient decrypts content key using her private key and then uses this key to decrypt content. Therefore the answer for the first question is you can't specify keys used by symmetric cipher. You can't see from the encrypted text what algorithm was used but the default symmetric encryption algorithm used by SAP should be DES in CBC mode.

I would suggest you to use PKCS#7. Implementing crypto is really hard so I don't suggest to simply use DES and encrypt content. One of the hardest part is key management. PKCS#7 solves this issue for you for free. So you need to find a Java library which can generate PKCS7 envelope (look for Bouncy Castle). The only input will be public key of your SAP system. How to decrypt PKCS7 in ABAP can be seen in FM CCARD_DEVELOPE.

Cheers