cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PGP encryption: Private and public key

Go to solution
former_member232455
Participant

on ‎08-25-2015 5:39 PM

0 Kudos

Hello Friends,

I have one new requirement,file will get triggered from SAP and it is placing in PI NFS location. while picking, the file should be encrypt and it has to be reach receiver SFTP location,from there they(receiver is bank system)will use the PI generated decryption and send receiver will use that to decry-pt.

Quires:

1. In sender side for encryption  we need to write a module, for that from where we have to get that public key and private key?

2. for sender side encryption which key we need to use?

3. In my case receiver is bank system,so which key i need to provide them for decryption from their end?

Thanks,

Janardhan

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member232455
Participant
‎08-26-2015 8:18 AM

Hi,

Thank you so much for your explaination, I have 2 more quiries.

1.If we use the bank pubilc key for encryption at sender side, we need to share our PI public key also to bank system? correct me if i am wrong.

2.in receiver SFTP adapter if we use Authentication method as private key, those details we need to mention our PI private key details?

Thanks,

Janardhan

Show replies
Show replies
former_member203641
Participant
‎08-26-2015 8:59 AM
0 Kudos

Hi Janardhan,

    

  1. If we use the bank pubilc key for encryption at sender side, we need to share our PI public key also to bank system? correct me if i am wrong.
    2.

          You are right



in receiver SFTP adapter if we use Authentication method as private key, those details we need to mention our PI private key details?

PGP is not related to that SFTP authentication method you are refering to. If you are using SFTP adapter then you would have to create ssh key-pair and you would have to convert that in certificate and upload it in NWA which you would refer in authentication method of SFTP adapter. Also, for using SFTP key based authentication method you also have to share public ssh key with receiver system so that they can authorise it on their end.

Thanks,

Amit

Answers (3)

Answers (3)

former_member232455
Participant
‎08-28-2015 10:18 AM
0 Kudos

Hi All,

I have asked the receiver system to provide the pubilc key,but they have provided in HEX ID format,As per my understadning this format will not use in sender channel module.how can we get the exact pubilc key name for the HEX ID format?

Show replies
Show replies
former_member200386
Active Participant
‎08-28-2015 11:16 AM
0 Kudos

HI Janardhan,

You need to use PGP encryption module at receiver SFTP channel, AFIK standard SAP PGP module bean doesn't support HEXA ID format.Please refer below link.

Configuring the Encryption PGP Module - SAP NetWeaver Process Integration, secure connectivity add-o...

Thanks,

Pavan T

Former Member
‎08-28-2015 4:16 PM
0 Kudos

Yes, you can!

Just download a PGP program like GNUPG (http://www.gpg4win.de)

With the supplied windows tool called "Kleopatra" you can import the public key and export it in ASCII armored mode.

Of course there's also a command line tool and distributions also exist for linux - but that's the easiest way.

Former Member
‎08-25-2015 6:40 PM
0 Kudos

Hi Janardhan,

to use PGP functions, you can use SAP's secure connectivity add-on: http://help.sap.com/nw-secure-connect104

If you have the standard SFTP-Adapter installed, you already got this module as well.

Then, you can use the module localejbs/PGPEncryption to encrypt your file.


There are several parameters that you can use explained here: Configuring the Encryption PGP Module - SAP Process Integration, secure connectivity add-on Configur...


You can read a long description here: http://scn.sap.com/community/pi-and-soa-middleware/blog/2013/03/27/pgp-and-sftp-faq-sheet


Simple PGP-Encryption works like this:

  • The receiver generates a key pair (that would be your bank system)
  • The private key is secured with a password, stays on the receiver system and is used for decryption - Parameter "Own private Key" when decrypting
  • The public key is passed to the sender system and used for encryption - Parameter "partner public key" when encrypting


The other parameters are described quite well in the SAP documentation above.


Optionally, you can and should "sign" your file.

That makes sure, that the encrypted file really comes from the dedicated sender.

  • For this, you need another key pair generated on the sender system
  • The private stays on the sender and is configured as "own private Key" when encrypting
  • The public key is copied to the receiver and used as "partner public key" when decrypting


Regards, Heiko

Show replies
Show replies
asdasd_asdasd
Active Participant
‎08-25-2015 6:28 PM
0 Kudos

1. In sender side for encryption  we need to write a module, for that from where we have to get that public key and private key?

You can use the standard module


2. for sender side encryption which key we need to use?

Public key of bank system ( in this way, he will be the only one who can decrypt the data )


3. In my case receiver is bank system,so which key i need to provide them for decryption from their end?

The bank must generate a public and private key, they must save the private and the public to send you


Please check this How PGP works

Show replies
Show replies
Ask a Question