Skip to Content
1
Former Member
Jul 15, 2014 at 03:19 PM

How to encrypt documents in ABAP

2400 Views

Hello, I hope someone can help me out (or at least give me a hint) with this problem.

I have a requirement to encrypt files to send them to an external application. This is the schema of my problem:

1- The envelop/encryption of the file consists of a symmetric algorithm, using a generated key

2- This generated key is encrypted with the public key(Asymmetric algorithm) of this external application (I have the respective certificate to do this).

3- All this information is sent respecting the PKCS#7 format. This means that I can use any algorithm for the encryption that is supported by this format, like AES-256-CBC, AES-128-CBC, etc...

Also, I was supplied with a sample code of this process. Is written in java, using bouncy castle:

public byte[] envelop(InputStream inputFile, InputStream certif)
throws IOException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, CMSException {

X509Certificate cert = null;

//obtiene los datos del archivo a encriptar 
int sizecontent = inputFile.available();
byte[] contentbytes = new byte[sizecontent];

inputFile.read(contentbytes, 0, sizecontent);
inputFile.close(); 

//obtiene el certificado de IB CertificateFactory cf = CertificateFactory.getInstance("X.509"); cert = (X509Certificate) cf.generateCertificate(certif); certif.close();
//Ensobra el archivo utilizando AES256_CBC con 128 bits String algorithm = CMSEnvelopedDataGenerator.AES256_CBC; int keysize = 128; // bits CMSEnvelopedDataGenerator fact = new CMSEnvelopedDataGenerator();
//agrega el certificado al sobre fact.addKeyTransRecipient(cert); CMSProcessableByteArray content = new CMSProcessableByteArray(contentbytes);
//encripta CMSEnvelopedData envdata = fact.generate(content, algorithm, keysize, "BC");
//devuelve el resultado byte[] enveloped = envdata.getEncoded();
return enveloped;
}

I found some information about the CMSEnvelopedDataGenerator.generate(), and effectively, it generates a random key.

Also, I found this link where it explains how to do this with OpenSSL. (search "CMS (RSA + AES)").

Is it possible to achive this with ABAP?

I had tried with the FM SSF_KRN_ENVELOPE, but it seems to not resolve my problem.

Thank you in advance.

Regards.

--

German Guzelj