Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

encrypt file on application server

Go to solution
Former Member

‎2006 Sep 15 7:31 AM

0 Likes
2,157

Hello,

we have several programs/transactions, which write plain text files in the filesystem of the application server. These files are transferred afterwards via ftp etc.

Now we want to encrypt these files with public key of the receiver before they leave the operating system. Is there a simple way to do this with SSF?

Thanks in advance for any input.

Richard

1 ACCEPTED SOLUTION
Read only

Go to solution
Wolfgang_Janzen
Product and Topic Expert
Product and Topic Expert

‎2006 Sep 15 8:04 AM

0 Likes
1,230

A similiar requirement was imposed by the German tax law (=> http://www.elster.de): encrypted transmission of (tax) data.

But: due to German export control regulations SAP is not permitted to ship cryptographic software with its products. However, once you've "promised" to comply with those regulations (=> you need to contact the SAP contract department via your local subsidiary) you will be enabled to download the SAPCRYPTOLIB (without any extra charges).

The SAPSECULIB (part of the shipment) allows only "harmless" cryptographic operations, such as digital signatures.

The SAPCRYPTOLIB (subject of export control, see above) offers a superset of functionality (compared with SAPSECULIB), particularly the capability to encrypt data.

The challenging part is the (public) key management. If you only have one single intended recipient (like in the ELSTER scnenario) the configuration is comparably simple. However if you have many potential recipients you need a more sophisticated PKI.

Regards, Wolfgang

5 REPLIES 5
Read only

Go to solution
Wolfgang_Janzen
Product and Topic Expert
Product and Topic Expert

‎2006 Sep 15 8:04 AM

0 Likes
1,231

A similiar requirement was imposed by the German tax law (=> http://www.elster.de): encrypted transmission of (tax) data.

But: due to German export control regulations SAP is not permitted to ship cryptographic software with its products. However, once you've "promised" to comply with those regulations (=> you need to contact the SAP contract department via your local subsidiary) you will be enabled to download the SAPCRYPTOLIB (without any extra charges).

The SAPSECULIB (part of the shipment) allows only "harmless" cryptographic operations, such as digital signatures.

The SAPCRYPTOLIB (subject of export control, see above) offers a superset of functionality (compared with SAPSECULIB), particularly the capability to encrypt data.

The challenging part is the (public) key management. If you only have one single intended recipient (like in the ELSTER scnenario) the configuration is comparably simple. However if you have many potential recipients you need a more sophisticated PKI.

Regards, Wolfgang

Read only

Go to solution
Frank_Buchholz
Product and Topic Expert
Product and Topic Expert

‎2006 Sep 18 8:39 AM

0 Likes
1,230

A simple way to encrypt files? Well, after solving the organizations aspects (getting the crypto toolkit, key exchange, SSF configuration) as described in Wolfgangs reply, you can use the SSF API to encrypt the data which you then store into the files. Use function SSF_KRN_ENVELOPE as described in the Online Documentation

<a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/4d/bf6f77a2c5446a86e0152f1b309db6/frameset.htm">Secure Store and Forward Mechanism (SSF)</a>

and the

<a href="https://service.sap.com/~sapdownload/011000358700003611992003E/SSFProgrammersGuide.pdf">Secure Storage and Forward (SSF) Programmers’ Guide</a>

Kind Regards

Frank Buchholz

Read only

Go to solution
Former Member

‎2006 Sep 18 9:06 AM

0 Likes
1,230

Look at program "SSF02". There is encryption of files implemented. You could use this for your basis of development.

Please be aware to export your files in UTF-8 !!! That prevents a lot of trouble when transferring files afterwards

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Dec 26 12:17 PM

0 Likes
1,230

Thanks for the tip about SSF02, Mumba Hasa!

Read only

Go to solution
Former Member

‎2015 Jul 23 10:57 AM

0 Likes
1,230

have any one worked on this in the recent times, I got a requirement to encrypt a interface file generated by a custom program before downloading it to the application server. Similarly need to

DE-crypt  a file before we load it to SAP.

Please suggest a way to do this