Integrating PGP encryption in SAP

Former Member · ‎10-06-2010

Hey Friends,

I am working on a banking project.

The requirement of this project is tht i have to extract contents from different table into a notepad file and store it into a server depending on certain selection criteria.

i am able to do tht. Bt as it is related to bank v hav to encrypt this file after it is extracted using PGP encryption and keep it in the server itself.

v hav the code ready for doin PGP encryption and v hav verified doin it through cmd prompt.

bt there is an issue of integratin it wit SAP.

v know tht v hav to use sm69 . bt in tht wht

'operating system command' , 'parameters' , 'additional parameters' values has to provided is an issue.

the value that v have provided in

'operating system command' - path where .pgp file resides (which is used to encrypt)

'parameters' , 'additional parameters' -> v hav kept blank.

IT gives us an error:

Can't exec external program (Unknown error)

WaitForSingleObject failedwith %d (No such device or address)

v r usin the function module 'SXPG_COMMAND_EXECUTE' in our ABAP code

Can anyone help?

Former Member · ‎10-06-2010

I had a similar requirement where the PGP software was installed on UNIX server. I did an OS command call from ABAP and it works fine. I used the below PGP command to encrypt the raw file.

CONCATENATE '/opt/pgp/bin/pgp -ea --input' v_name '-r' v_key '-o' v_filename

'--input-cleanup wipe'

'--encrypt-to-self'

INTO v_unixcmd

SEPARATED BY space.

CALL 'SYSTEM' ID 'COMMAND' FIELD v_unixcmd

ID 'TAB' FIELD t_sys_tab-SYS.

Here v_key is the encryption key for PGP. v_filename is the output filename, v_name is source file name. The parameter '--input-cleanup wipe' removes the source file after the encryption is successful and it is optional. The parameter 'encrypt-to-self' is also optional.

I hope this helps.

Former Member · ‎01-23-2013

Hi

I am having similar kind of requirement.

I want to encrypt the .txt then write encrypt file in unix folder.

So this PGP software which used is third party/ by default we get in ECC 6.0 ??

and after installing the PGP s/w when ever creating command in SM69 what is the command we have to use.

Can you please explain.

Thanks inadvance for your valuable time.

Thanks,

Santhoshi.

Former Member · ‎01-24-2013

Hi Santhosh,

In the below code 'COMMAND' is created by using SM69 ??

If yes what is the external command you are passing in the SM69 and also

t_sys_tab-SYS means ?

CALL 'SYSTEM' ID 'COMMAND' FIELD v_unixcmd

ID 'TAB' FIELD t_sys_tab-SYS.

can you please help me in understanding this.

Thanks for your time.

Regards,

Santhoshi.

Former Member · ‎12-18-2013

Hi Ankit,

We have similar requirement in which we need to encrypt an txt file (PGP encryption).

I have written an ABAP program
which fetches data from R/3 (PA, OM and Payroll data) and creates a semicolon
(;) separated text file on application server. As the data in text file is
confidential, user wants PGP (Pretty Good Privacy) encrypted file on
application server.

As I have not done this before,
could you please help me on this??

Appreciated if you tell me step
by step procedure after fetching data from R/3 system.

Former Member · ‎12-18-2013

Hello Ronak,

I was able to encrypt the .txt file.

we have to do below steps to encrypt the file.

I.Basis team has to Install PGP s/w on UNIX server

2.Create OS commnads encrypt/decrypt from SM59

3.Call encrypt command from using the FM

concatenate 'filename' '-r' 'publickey of ur vendor to whom u want to send the file' into v_input separated by space.

*Encrypt File with TMO Public Key.

call function 'SXPG_COMMAND_EXECUTE'

exporting

commandname = 'ZUNIX_COMMAND_EN' "SM69 Unix command"

additional_parameters = v_input

operatingsystem = c_os

importing

status = e_status

exitcode = e_exitcode

tables

exec_protocol = t_result.

I hope this will help you. Let me know if you need more info.I will be more happy help you.

Former Member · ‎12-19-2013

Hi Santoshi,

Thank you so much for helping me out. I have more doubts in PGP encryption. I hope you will help me on this.

End user has shared a encryption key with me.. I am not sure how to use that key (its a MS publisher file) to encrypt the file.

Could you Please please help me? Appriciated if you could share the step by step procedure for PGP encryption of a flat file (After fetching data from R/3)

Thank You.

Kind Regards,

Ronak.

Former Member · ‎12-20-2013

Hi Ronak,

Yes you can encrypt the file using enduser public key.

As I mentioned earlier.

Step1: Install the PGP S/W R/3 Application server

Generally this step done by Basis team

Step2:Then they has to maintain the Key Ring(with Enduser Public key)this step also done by basis team.

Step3: Create OS command for the Encryption from SM69

How to create SM69 commands can follow below link

PGP File Encryption, Decreption using SM 69 in ABAP

Step4: After execution of your program you can download the flat file in UNIX folder

transaction AL11 ex folder:usr /sap/tmp....

code for download file unix folder

OPEN DATASET filename FOR OUTPUT IN TEXT MODE ENCODING

                                   DEFAULT.

IF sy-subrc <> 0.

    RAISE FILE_NOT_FOUND.

    EXIT.

ELSE.
    LOOP AT data_tab.(This internal table has all the data you want to send it to enduser)

      TRANSFER data_tab TO filename.

      IF sy-subrc NE 0.

        RAISE TRANSFER_FAILED.

      ENDIF.

    ENDLOOP.

ENDIF.

CLOSE DATASET filename.

step5: then end of the program call FM SXPG_COMMAND_EXECUTE with the Encrypt command you created in SM 69

Sample code

concatenate '/usr/sap/tmp/samplefile.txt''-r' 'enduser public key' '-o' 'unix file path where you want to encrypt file '/usr/sap/tm1' into v_input separated by space.

into v_input separated by space.

      call function 'SXPG_COMMAND_EXECUTE'

        exporting

          commandname           = 'ZUNIX_COMMAND_EN'   "unix command created in SM69

          additional_parameters = v_input

          operatingsystem       = c_os

        importing

          status                = e_status

          exitcode              = e_exitcode

        tables

          exec_protocol         = t_result.

if e_status eq 'O' and e_exitcode EQ 0.

write 'File encryption success'

else.

write'file Encryption Failed'.

endif

Step6: If you don't give any encrypt file explictly in your path.It will create encrypt like this

/usr/sap/tm1/sample.txt.pgp

Step7: From the unix folder you can send the file to end user.

This is approach I have followed in my scenario. I hope this will help you at some extend.

Let me know if you are not clear at any point.I will be very happy to help you.

Regards,

Santhoshi.

Former Member · ‎04-28-2014

r u solved the issue ,i am also facing same issue,please help me and share help full coding

Former Member · ‎04-28-2014

Hi Ronak,

command line in sm69

i am getting error message from finction module 'SXPG_COMMAND_EXECUTE'

Can't exec external program (No such file or directory) External program terminated with exit code 1

External program terminated with exit code 1