Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Archivelink Signature Public Exponent

Go to solution
former_member400810
Explorer

‎04-10-2015 10:16 AM

0 Kudos

Hi guys,

I am trying to generate a certificate for signing the URL for the Archivelink interface.

The documentation stated that the public exponent has to be equal to (2^16)+1.

Does anybody know how important that condition is? The reason I am asking is that it is easy to create an RSA key with a given exponent but it is either not possible or not that simple in case of DSA key.

I haven't explored all the possibilities for this but my preliminary attempts at it were producing invalid keys that failed during signing or verification.

Is it a requirement that the 'y' value (public key exponent) of DSA parameters must be equal to 2^16 + 1, and if so are there any inputs for the other DSA parameters like 'p', 'q', and 'g'?

kind regards

1 ACCEPTED SOLUTION

Go to solution
mvoros
Active Contributor

‎04-12-2015 12:43 PM

0 Kudos

Hi,

it seems to me that the documentation is misleading. There is no parameter in DSA called public exponent. I believe that 2^16 + 1 is a prime number so I guess that they are talking about parameter q. You could verify this generating a private key in Archivelink and exporting it. Inspecting the file should give you an answer for your question. Anyway, seeing key length 1024 and MD5 does not radiate confidence.

Cheers

5 REPLIES 5

Go to solution
mvoros
Active Contributor

‎04-12-2015 12:43 PM

0 Kudos

Hi,

it seems to me that the documentation is misleading. There is no parameter in DSA called public exponent. I believe that 2^16 + 1 is a prime number so I guess that they are talking about parameter q. You could verify this generating a private key in Archivelink and exporting it. Inspecting the file should give you an answer for your question. Anyway, seeing key length 1024 and MD5 does not radiate confidence.

Cheers

Go to solution
former_member400810
Explorer
In response to mvoros

‎04-13-2015 9:58 AM

0 Kudos

Hi,

thanks for your answer.

I am trying to export the private key in SAP GUI. Can you please explain how I can export the private key? I found the transaction STRUST, but didn't see any possibility to export the key.

Cheers

Go to solution
mvoros
Active Contributor
In response to mvoros

‎04-14-2015 6:57 AM

0 Kudos

I do not have access to any system at the moment but if you see a cert that is used for signing by Archivelink then you should be able to export it from STRUST. Please check SAP doco.

Cheers

Go to solution
MichaelShea
Product and Topic Expert
Product and Topic Expert
In response to mvoros

‎04-15-2015 9:09 AM

0 Kudos

This procedure explains how to selet a certificate:

Selecting Certificates - System Security - SAP Library

After selecting you can export it. The following procedure explains how to import a certificate, select it, and export it to the database, for example:

Adding a Certificate to the Database - System Security - SAP Library

Go to solution
former_member400810
Explorer
In response to mvoros

‎04-15-2015 2:51 PM

0 Kudos

Thanks, I managed to export the certificate.

I am trying to extract some information from the certificate.