Digital Signature & Encryption of an output file

Hi to all,
I have the following requirement:
I need to digitally sign and encrypt a file generated by SAP. The receiver needs that the digital sign has been made with SHA1withRSA algorithms and the envelope with PKCS#7.
I read many articles about it, but still have a lot of doubts on what really I'm needing to perform the requirement. I already read all the threads in SDN.
My client gave me a .cer file.
I try to run the program SSF01, but i don't know how i have to use it.
My questions are:
1.- Do any have an example of the utilization of function's modules (function group SSFG)?
2.- How do i have to use the .cer file? Do I have to run transaction STRUST?
3.- Who must give me the public and private key?
Many thanks to all, any help or comment will be apreciated.
Regards,
Andrew83.
Moderator message - Moved to the correct forum
Edited by: Rob Burbank on Nov 16, 2010 10:29 AM

Taking up the requirement again (I had to resolved some production issues), I return to perform the test programs to get encrypted and digitally signed.
I'll comment you the news, so finally I'll can give thanks to whom corresponds. I would be glad, if i could mark this thread as "Answered" at the end.
Regards,
News:
OK, now I'm stuck. I'll give you a list of all the things (files, keys, certificates...) I have, and what I need to do.
Version of SAP 4.7 with SAP_BASIS and SAP_ABA Release 620.
Requirement:
1.- Sign an output file for payments with SHA1withRSA.
2.- Envelope with PKCS#7.
3.- This must be done in background mode, so the user doesn't interact with the signing. So I need to perform this in the application server. The problematic of including this on an exit, it's not a big deal, so i only wanted to create some test programs in the first place. 
The customer gave to me in order to perform this, the followings files:
1.- File "AAAA.cer" from the receiver, in order to envelope the output file. This I think is the public key of the receiver.
2.- Files "BBBB.crt", "BBBB.key" and "CCCC.pem" from the customer,
in order to sign the output file. This seems to be the private key of the customer.
Now, the questions I have are:
1.- Is there anything missing to perform the encrypt and the file signing?
2.- Do I have to use STRUST,  and How? I have already used it, but i think that in the wrong way. Do I have to create 2 PSE files, one for the signing and another for the encrypting?
3.- I read the help.sap, and found in some cases that the SAPSECULIB only works for signing, and not for encrypting. To Encrypt, do I need to install SAP Cryptographic Library?
4.- I cannot run report SSF01 succesfully.
5.- Do I Have to create a SSF Profile?
I'll really appreciate your help. I have been working with abap, since 2005, but this is driving me crazy.
Merry christmas for everyone who read my threads!
Regards,
Andrew83.
Edited by: Andrew83 on Dec 21, 2010 10:12 PM
Edited by: Andrew83 on Dec 21, 2010 10:21 PM

Similar Messages

  • SAP Digital signature solution in Invoice output PDF document

    Hi,
    We are trying to POC SAP Digital signature solution for Invoice output pdf document based on the OSS note 700495 implemengtation guide.
    - Defining the log structure and database table.
    - Defining signature single step and authorization group and assignment.
    - Completed the configuration steps including system signature with authorization by SAP user id and password.
    - Release strategy and Archiving NOT implemented for this solution as they are not required as of now.
    Checked the above settings using DSIG_BOOKING_EX sample program and the same executed successfully without any errors and we can see the result 'Signature process was successfully completed by user XXXXXX'. Also we can view the signature log in DSAL Transaction.
    Similar to the sample program code, Implemented the signature call in user exit ZXMCVU05(EXIT_SAPLMCS6_001) for Invoice output digital signature during VF01 create transaction.
    In the process signature call processed successfully but the output PDF document does not have any signature.
    Please let me know why digital signature NOT applied to invoice output pdf file. Is there any other process that need to be done?
    Also if you have implemented any similar solution, please provide me the details on the same.
    Thanks!

    Ritwika,
    Are the User Name and Password correct?  Is the User assigned to the SAP_XMII_User role in Netweaver?  On the iCommand's Security screen, is the SAP_XMII_User assigned as a Reader role?
    Have you checked the Netweaver log?  There may be more detailed information there.
    Kind Regards,
    Diana
    Edited by: Diana Hoppe on Mar 3, 2011 9:50 AM

  • How to go about Digital Signature/Encryption for Purchase Orders

    Hi
    We would like to send the Purchase Orders through E-Mail to suppliers in SAP. As per our legal department recommendations, we must implement the digital signature/Encryption mechanism in SAP prior to send the PO's through email.
    I have no knowledge about available features, configuration requirements in SAP and required decryption machanism from Supplier side.
    Appreciate, if you could share your expertise on the above requirements.
    System details:
    SAP : 4.7 (MySAP ERP)
    WAS: 6:20 (Netweaver 2003 Oct)
    Regards
    Kumar

    Guess these documents will be very helpfull..
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/55ba9790-0201-0010-aa98-ce8f51ea93cd
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/7f52fd28-0b01-0010-afb0-cc70884fa369
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/1c51c590-0201-0010-ffbc-b2bef1c57385
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/1c51c590-0201-0010-ffbc-b2bef1c57385
    Reward points if found helpfull.........

  • How to add digital Signature Field in cfdocument pdf files?

    Hi,
    We are generating pdf files using cfdocument to populate values and wondering how we can add digital signature field in those pdf files. Any help or comments would be deeply appreciated.
    Thanks,
    hismail786

    Hi,
    Yes, we have options to add digital signature to the pdf. We have one attribute called "Permissions" in "cfpdf" tag. If we provide permissions = 'AllowSecure', then system would allow digital signature for that pdf.
    Please go though the docs for details info. I will post in details next.
    Thanks
    Chandrakant

  • Does LiveCycle Digital Signatures support unicode pkcs #12 file?

    I used Adobe Acrobat and OpenSSL to generated a unicode pkcs#12 file. Import to the Windows are all correct. But when I used for LiveCycle Digital Signatures, after signed, the one use Acrobat generated pkcs12 file signed only can show ASCII character,and other one used OpenSSL pkcs12 file to signed,signature character changed to  irrecognizable.

    These are two unicode pkcs #12 files. one created by openssl, another one created by Acrobat.
    I used this code to sign to the PDF file.
            try    {
                // This example will upload an XDP file to the LiveCycle Repository
                ServiceClientFactory myFactory = ServiceClientFactory.createInstance(LCCommonUtil.getConnectionProps());
                // Create a SignatureServiceClient object
                SignatureServiceClient signClient = new SignatureServiceClient(myFactory);
                // Specify a PDF document to sign
                FileInputStream fileInputStream = new FileInputStream(
                        "C:\\Applications\\pdfForms\\TestDigitalSign\\ConferenceReg_flatten_sf_added.pdf");
                Document credDoc = new Document(fileInputStream);
                // Specify the name of the signature field
                String fieldName = "SignatureField1";
                // Create a Credential object
                Credential myCred = Credential.getInstance("BLC_CHINA"); // LC Server: Local Credentials
                 System.out.println("******"+myCred.getSpiName());
                // Specify the reason to sign the document
                String reason = "The document was reviewed";
                // Specify the location of the signer
                String location = "New York HQ";
                // Specify contact information
                String contactInfo = "Tony Blue";
                // Create a PDFSignatureAppearanceOptions object and show date information
                PDFSignatureAppearanceOptionSpec appear = new PDFSignatureAppearanceOptionSpec();
                appear.setShowDate(true);
                appear.setShowReason(true);
                // Set revocation checking to false
                java.lang.Boolean revCheck = new Boolean(false);
                // Create objects to pass to the sign method
                OCSPOptionSpec ocspSpec = new OCSPOptionSpec();
                CRLOptionSpec crlSpec = new CRLOptionSpec();
                TSPOptionSpec tspSpec = new TSPOptionSpec();
                // Sign the PDF document
                Document signedDoc = signClient.sign(
                    credDoc,
                    fieldName,
                    myCred,
                    HashAlgorithm.SHA1,
                    reason,
                    location,
                    contactInfo,
                    appear,
                    revCheck,
                    ocspSpec,
                    crlSpec,
                    tspSpec);
                // Save the signed PDF document
                File outFile = new File("C:\\ConferenceReg_flatten_signed.pdf");
                signedDoc.copyToFile(outFile);
            catch (Exception ee) {
                ee.printStackTrace();

  • EDI - Digital Signature & Encryption (EDI-INT S/MIME)

    Colleagues,
    I need to transmit a formatted text file to a government agency using HTTP protocol (SMTP is not permitted) and for the life of me I cannot get this to work ... I can transmit fine but their server cannot decrypt my files. I must use multipart/signed with a syntax similar to this:
    Content-type: multipart/signed;
    protocol="application/pkcs7-signature";
    micalg=<hash symbol>;
    boundary="---------------------------9723347566394"
    ---------------------------9723347566394
    Content-Type: Application/edi-consent
    +<Formatted Text File/Object>+
    -----------------------------9723347566394
    Content-Type: application/pkcs7-signature
    Cryptographic signature of EDI Object and associated headers+
    -----------------------------9723347566394--
    I need to digitally sign the Format Text/Object with PKCS#7 and put the output of that in the section of "*Cryptographic signature of EDI Object and associated headers*". How can I do that? Digitally Sign the file and then open it in a text editor and cut and paste the ASCII text?
    Once I populate "*Cryptographic signature of EDI Object and associated headers*", I am then suppose the encrypt the whole file (headers and message body parts one & two) and then send it off via HTTP .
    Can anyone point me to a working example of this? Or shed some light on how to accomplish this. The technical document that they gave me is useless.
    Thanks in advance

    yvrMarc wrote:
    Thanks for your reply ... here is the technical document - starting at page 30
    [http://www.cbsa-asfc.gc.ca/eservices/cig-pid/cig-pid-eng.pdf]
    Sorry but I can't help. Though I could be wrong, this looks to be far too big a task to be handled through a forum. I think you need to hire a local consultant who has dealt with this gateway before.
    Since it contains a load of code to help with SMIME and PKCS7, a resource that might be useful to you is [http://www.bouncycastle.org/|http://www.bouncycastle.org/].
    Best of luck.

  • Digital Signature & Encryption for PDF

    Irrelevant Links. Please provide answer specific to question asked.
    Edited by: Bhavesh Kantilal on Feb 27, 2009 3:56 AM

    Hi,
    If the pdf documents have already been taken care by ABAP then let abap only take care of digitally signing it. Because i once a had a requirement of having to generate pdf as an output of XI and that involved ADS configuration and installation of sap self extractor for MFC application.Big headache...
    Digital signing and encryption of files from ABAP
    http://help.sap.com/saphelp_erp2004/helpdata/en/53/251a355d0c4d78e10000009b38f83b/frameset.htm
    Rgds
    joel

  • Digital Signature verification of a P7M file

    Hello folks,
    How do you guys verify the signature of such a file?
    thank you.

    Hello folks,
    How do you guys verify the signature of such a file?
    thank you.

  • Digital signature: How to sign a file ( algorithm SHA1withRSA )

    Hi
    I need create and sign a File. I need some example how to do that.
    I Found this functions:
    ssfSign ( to sign )
    ssfEnvelop ( to encrypt )
    Thanks a lot!
    Mariano

    check program SSF01
    regards
    Prabhu

  • Digital Signature in PDF output

    Hi
    When output issued in medium 5, output will be converted to pdf and send as an email attachment to the customer.
    This is the standard functionality.
    Can we add digital signature to the attached pdf file?
    Regards
    Uma

    Hi,
    Digital signature functionality is availble in ADOBE FORM and not in SMARTFORMS & SAPSCRIPTS.
    please cehck the link
    http://www.saptechies.com/digital-signature-for-form-16/
    thanks,
    santosh

  • Securing pdf document with digital signatures

    I have a pdf document that has digital signatures. We need to secure it so no one who has input their digital signature can go back in later, delete their signature and then 're-sign' it. But I get an error message telling me I can't secure the document because it has digital signatures.
    Is there any way to secure the document so only I can secure/unsecure it after digital signatures have been input?
    Thanks!

    You don't need to use document encryption to lock the PDF file. You can set the signature field properties to mark all fields as read-only at signature creation. Try this:
    Select the Tools > Toolbars > Advanced Editing menu item
    Click the Select Object tool on the Advanced editing toolbar (it's the arrow icon)
    Right mouse click on the signature field and select Properties from the pop-up menu
    Select the Signed tab on the Digital Signature Properties dialog
    Select the Mark as read-only radio button and All fields from the corresponding drop-down list
    Click the Close button on the Digital Signature Properties dialog
    Select the File > Save As menu item and save a copy (in other words, leave the original copy as is in case you find you locked yourself out of the document, that way you'll have a fall-back recovery option)
    Good luck,
    Steve

  • Excel 2013 crash - related to digital signature?

    This is a cross-posting of a thread originally started in Microsoft Answers (Office- Excel) forum, advised to post in this forum by MS support engineer Mohan Suryanarayan (link to other forum: here).
    I have a VB macro in file A (which otherwise contains only several Excel Tables with named ranges). My digital signature (for signing code) is attached to file A.
    As the macro executes, the Open file dialog is called up so that the User can select a secondary file to open (file B or C).
    Files B and C contain several sheets with formulas and Excel Tables, and also their own extensive VB macros. My digital signature is also attached to files B & C.
    The remainder of the macro in file A simply executes an update of the Excel Tables in the secondary file, before saving & closing it.
    I have been finding that during execution of the file A macro, Excel crashes and closes all open Excel files.
    If I remove the digital signature from the secondary files then the macro in file A executes with no problem.
    The macro was written in Excel 2007 and on a different laptop, with different digital signature, and used to have no problem at all. When a new laptop was purchased a new digital signature was obtained and placed into all of the files.
    Execution of file A is a critical process - I need help with stopping the crash, while maintaining a digital signature in the secondary files (so that their own macros can execute).
    Event Viewer error shows the following:
    Faulting application name: EXCEL.EXE, version: 15.0.4667.1000, time stamp: 0x543d366c
    Faulting module name: mso.dll, version: 0.0.0.0, time stamp: 0x5447696f
    Exception code: 0xc0000602
    Fault offset: 0x011aafdd
    Faulting process id: 0x2d58
    Faulting application start time: 0x01d01e17eafcd0bb
    Faulting application path: C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
    Faulting module path: C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll
    JL Latham replied:
    Tom, all I can give you is relatively non-information.  I haven't experienced that type of behavior even in Excel 2013 with digitally signed macros in multiple workbooks.  But my digital signature is a commercial one from DigiCert, not
    self-cert.  I'm not even sure what piece of Excel or Office processes the digital signature (that is, whether it is mso.dll or not).  But your whole process has more moving parts than most of mine involving multiple workbooks do - I quite often turn
    off .EnableEvents when doing things like that just so event driven macros in the other workbook(s) do not execute.
    Do the macros in the 'B files' have to execute during all of this processing in file A?  If not, have you tried turning interrupts off:
    Application.EnableEvents = False
    before starting to work with the B-files?  Maybe something in them, such as a Worksheet_Change() or other event triggered process is messing things up?
    If you do use  Application.EnableEvents=False, remember that you MUST re-enable that later in the code with Application.EnableEvents=True to get responses to things like button clicks, changes in a worksheet or other event driven processes
    to run 'normally' again.
    Have you looked at this discussion:
    http://answers.microsoft.com/en-us/office/forum/office_2013_release-excel/excel-2013-crashing-immediately-when-attempting-to/ea2ab100-5525-4a0d-a3cf-6977319f954f
    Sounds very similar to yours - original signature created in 2007, and crashing in 2013.  Some suggestions were made, but whether they fixed the issue or not is unknown: OP never came back and said "fixed it" or "didn't fix it".
    I replied:
    In answer, the secondary B files don't execute any part of their macros during the A file process, and I hadn't included an EnableEvents = False within the file A code. However, I have just tried it to check if it made any difference and unfortunately it didn't.
    I had read the thread you gave a link to before posting, and also the sub threads given within that one, but didn't see anything I thought of immediate parallel other than an Excel 2013 crash.
    The way I read the linked thread was that a User added a signature in Excel 2007 and when they tried to open the file Excel (2007?) crashes, although other people using Excel 2013 can open it (not clear whether it means others can open the one with
    the 2007 signature or without it).
    Anyway, the differences in my situation are that:
    (1) my B-files were originally created in Excel 2007 on a different laptop to current and had their own signature attached. I maintain a 'stock' of B-file versions, some of which have the old signature and some the new. If I run the A-file macro
    on one of the B-files with the old signature then it executes ok;
    (2) I am able to open the B-files ok, no matter whether the signature in them derives from the old laptop with Excel 2007 or the new laptop with Excel 2013;
    (3) the macros within the B-files execute ok (this includes any versions of the B-files which still have an old signature attached, by removing the old signature and replacing with the new and executing on the new laptop);
    (4) the offending operation which triggers the crash (when the B-files have the new signature attached) is a Resize of the Excel Tables within the B-file. I understand that I may eventually have to find a workaround for this operation but initially
    I want to sort out the signature issue (I'm reasonably sure the signature issue is not a red herring where the Resize is the 'real' problem).
    Regards, Tom

    Hi,
    According to your description, this issue occurred with some particular files that stored in SharePoint site. Did the user  download the file to local disk to print?
    Based on the event log >>Faulting module name: EXCEL.EXE<<, it does not show the root Faulting module. Thus, please try to follow this KB to do general troubleshooting:
    https://support.microsoft.com/en-us/kb/2758592
    Then, if you have used "printer status application", please go to Device settings -> Installable options -> Printer Status notification and select disable.
    If this issue still exists, we may need to collect the App crash dump file:
    https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx
    You can try to analyze dump by yourself if you would like to:
    How to analyze app crash dump file:
    http://blogs.technet.com/b/askperf/archive/2007/05/29/basic-debugging-of-an-application-crash.aspx
    Regards,
    George Zhao
    TechNet Community Support
    It's recommended to download and install
    Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
    programs.
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Pro or Standard for digital signatures

    Do I need Adobe Acrobat Pro or can I use Adobe Acrobat Standard X to have digital signatures enabled for Adobe Reader file users.  So far, Standard X isn't working for the Reader files.

    You need Pro.

  • Digital signature help

    I have a created a PDF in Acrobat 8.0 that requires multiple digital signatures. I am emailing the file to the people and asking for their digital signature.  When I try to save the file with Person1's signature to a file with Person's2 digital signature, it deletes Person's1 signature and inserts Person2's signature. How can I save the file so both signatures are retained?
    I need help ASAP. It is driving me crazy.

    Hi,
    You can't merge signed files because it modifies the PDF layer which would break the signature. One of the limitations of digital signatures is they are serial operations, that is one signature follows the previous signature. You cannot do this in parallel and merger the contents into one file. You could put the multiple files into a single Package (later renamed to Portfolio in Acrobat 9) file, but each signed copy would still be a stand alone file attachment within the Package.
    The bottom line is, if you really need all of the different digital signatures in the same PDF file you need to send it to the first recipient, have them sign it, and then forward the file to the next recipient (or back to you).
    Steve

  • Unable to add digital signatures using Adobe LCES Digital Security

    I have tried running the Sample Java code to add digital signature fields and add signatures. I am getting errors. The log file shows:
    com/adobe/idp/Context
    Jan 2, 2009 4:00:14 PM com.adobe.livecycle.signatures.common.CommonBaseException logException
    SEVERE: ALC-DSS-300-000 Generic SignaturesBaseException (in the operation : addSignatureField)
    Caused By: com/adobe/idp/Context(EjbMessageDispatcher.java163)
    Caused By: com/adobe/idp/Context(Class.java-2)
    ALC-DSS-300-000 Generic SignaturesBaseException (in the operation : addSignatureField)
    Caused By: com/adobe/idp/Context(EjbMessageDispatcher.java163)
    Caused By: com/adobe/idp/Context(Class.java-2)
    com.adobe.livecycle.signatures.client.SignatureServiceClient.addSignatureField(SignatureSe rviceClient.java:342)
    apple.AddSignatureField.main(AddSignatureField.java:53)
    Caused By: com.adobe.idp.dsc.DSCException
    com.adobe.idp.dsc.provider.impl.ejb.EjbMessageDispatcher.doSend(EjbMessageDispatcher.java: 163)
    com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispatc her.java:57)
    com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
    com.adobe.livecycle.signatures.client.SignatureServiceClient.addSignatureField(SignatureSe rviceClient.java:324)
    apple.AddSignatureField.main(AddSignatureField.java:53)
    Has anyone worked with the JAVA API to add digital signatures on to a PDF file using Adobe LiveCycle ES 8.2? If yes please let me know.
    - Ragha

    This was traced back to one of the ini files still having a folder name from the last instance installed (i.e. SERVER6).
    So it is fixed

Maybe you are looking for

  • HT1338 I updated my Mac computer, and now it wont let me open my mail.

    I downloaded the latest software for my computer, and now I have no access to any of my email accounts. Any suggestions?                                                               Keith

  • Miix 2 8 - Blue Screen of Death when accessing webcam(s)

    Hi Lenovo! I have a Miix 2 8". When I open one of the camera apps, the device can lock up and bluescreen, with the BAD_POOL_HEADER error. This happens once in a while. I have the automatic mini memory dump (C:\Windows\minidump) when it happened, I ca

  • Bluetooth paired and connected, but not showing up in device list

    I have a iphone 4s and a plantronics discovery 975.  It was working fine, I don't recall doing any updates...  But now, it's showing paired and connected, but when I make a call, it's not connecting and doesn't sho up in the the device options - only

  • Problems Configuring Application Server 10g R2

    Í'm trying OAS 10gR2 and came upon what I believe is a configuration error, when I try to run a form that uses webutil and jacob to read a file, I get the following message in the java console: 2006-ago-02 15:40:10.312 ERROR>WUO-714 [OleFunctions.set

  • C project in labview

    Hello, i have one project developped using c code, this project is composed with 4  .c files ( each one with its .h file), in the 5th file i have the main()  function with other functions, before asking here , i have been reading this http://www.ni.c