ECC Assymetric encryption

Hi friends.
I want to perform assymetic encryption using ECC.
does any one have any link for any ECC Provider
or any ecc java implementation ?

Thanks euxx.
But there is only ECIES which is a symmetric one.
Can you help me out how can i perform asymetric encryption using it ?
Please..

Similar Messages

Applets, JCE + bouncycastle

Hi all,
This post is concerned with whether it is possible for an applet to use the jce.jar file and bouncycastle.jar files so it can perform assymetric encryption using the algorithims they provide.
For an application its possible to place them in the lib/ext/ dir of the JRE, or place them on the classpath.
I felt this forum was the best place to post this query in hope of an answer
Thanking you in advance
the olde wizard

Okay maybe i'm being a bit dumb, here. its been a long day. But say I'm using IE on win98, where is its library? I've found its directory location C:\Program Files\Internet Explorer. But couldn't find any directory that resemblede a library, lib or java.
Thanks again for your help

Damn this cipher!!!

I first tried public/private keys generated by DSA for assymetric encryption buy using Cipher class. But that didn't work out and ghstark pointed out that sun doesn't support encryption with DSA and adviced me to try out RSA.
So I tried RSA and everything is woking out fine. But now i want to encrypt a key that is created by DH alogrithm. They ofcourse only create keys of size in the multiples of 64 from 512 onwards (duh!!). But this godforsaken RSA algorithm only accepts a maximum data size of 117 for encryption.
So wht do i do now???????
Is there any way to break up the key into blocks encrypt each block seperately and then decrypt and reattach all the blocks using the api( just a thought). or is there some other way.
confused and tired

ok i think i got it...
It should have been done earlier but i had a party to attend to.
What i did was take 112 bytes of the 226 byte DH public key and encrypt it with the RSA public Key. I did the same for the next 112 bytes and so on till i encrypted the entire 226 bytes and appended each encrypted block into an byte array.
For decryption i did the same but I used 128 bytes instead of 112 bytes block and decrypted with the RSA private key.
but i have a problem the resulting decrypted key is appended with zeros because of the encryption algoritm. The only way to get the completely correct key is to use the length of the original DH public key. Is there any way to solve this small problem...
Here is the code hope it helps someone....
plz test it too...
thnks
public byte[] encryptDecrypt(String type,byte[] data,Key secretKey) throws EncryptDecryptException
 byte cryptedCipherText[] = null ;
 BufferedReader read;
 try {
 Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
 System.out.println("Provider is-->" + cipher.getProvider().getInfo());
 int j = 0;
 int k=0;
 boolean flag = false;
 byte[] bufferedEncryption = null;
 if(type.equals("ENCRYPT"))
 cipher.init(Cipher.ENCRYPT_MODE,secretKey);
 j = 112;
 k=112;
 bufferedEncryption = new byte[k];
 else
 cipher.init(Cipher.DECRYPT_MODE,secretKey);
 j = 128;
 k=128;
 bufferedEncryption = new byte[k];
 int cipherlength = cipher.getOutputSize(data.length);
 System.out.println("data size-->" + data.length);
 System.out.println("cipher size-->" + cipherlength);
 cryptedCipherText= new byte[cipherlength];
 ByteArrayOutputStream cryptedTextBuffer = new ByteArrayOutputStream();
 int count =0;
 int i = 0;
 while( i< data.length)
 System.arraycopy(data,i,bufferedEncryption,0,j);
 System.out.println("sizeof bufferedencryption-->"+bufferedEncryption.length);
 cryptedCipherText = cipher.doFinal(bufferedEncryption);
 count+=cryptedCipherText.length;
 System.out.println("Length-->"+count);
 cryptedTextBuffer.write(cryptedCipherText);
 System.out.println("i-->"+i);
 i+=k;
 bufferedEncryption = new byte[k];
 if(flag == true)
 break;
 if(i+k > data.length)
 j = data.length - i;
 flag = true;
 cryptedCipherText = cryptedTextBuffer.toByteArray();
 //cryptedCipherText = cipher.doFinal(data);
 } catch (InvalidKeyException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 //throw new EncryptDecryptException("Invalid Key in encrypt/decrypt");
 } catch (NoSuchAlgorithmException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 //throw new EncryptDecryptException("No such algorithm in encrypt/decrypt");
 } catch (NoSuchPaddingException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 //throw new EncryptDecryptException("No such padding in encrypt/decrypt");
 } catch (IllegalBlockSizeException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 } catch (BadPaddingException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 } catch (IOException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 return cryptedCipherText;
}just give the inputs as "ENCRYPT"/"DECRYPT", your data and the public key for encryption and privatekey for decryption.

How to handle HTTP-POST encrypted data for ECC Using proxy or RFC

I have a scenario HTTP-POST ->PI->ECC.sender is HTTP Post send encrypted data i need to handle the data and stored in to SAP ECC with out decrypt using PI .what should i take for receiver can i use inbound proxy or RFC and how can handle the encrypted data for decrypt.
Regards
Ravi

1. my sender is HTTP POST . what should i configure in sender communication channel in SAP PI .like SOAP or HTTP .What are the parameters i need to pass .
>>>
If you are on PI 7.3 and above, configure the HTTP AAE adapter - Configuring the Java HTTP Adapter on the Sender Channel - Advanced Adapter Engine - SAP Library
2.while using inbound proxy for encrypted data i need store the data in to table , the same proxy can i call another outbound service for decrypt same data.
>>>>
Yes you can always a proxy within a proxy.

Establishing ELSTER encryption in ECC 6.0

Hello!
I would like to set up the ELSTER encryption functionality in ECC 6.0.
Has some one experience, helpful information, technical steps (Tcodes), SAP notes for the following operations:
- establish ELSTER encryption
- establish Business Connector
- establish RFC-Verbindung
- establish electronic agency comunication
- to store settings for electronic agency comunication
- authorization
Thank you very much indeed!
Regards
Thom

Hi Thom,
Regarding establish RFC-Verbindung
http://help.sap.com/printdocu/core/Print46c/de/data/pdf/BCMIDAPIINTRO/CABFAAPIINTRO.pdf
establish Business Connector
http://www.thespot4sap.com/articles/SAP_XML_BC_Integration_Benefits.asp
For Tcodes
http://www.saptransactioncodes.com/l.html
Regards,
Kumar.

Encrypt data send from a non-SAP system to ECC.

Hi,
We are tryign to encrypt the credit card details send from web (non-sap system) via a xml file to ECC.
From Basis side, I have exported the public key from the ECC for the web server to encrypt the CC details while sending via xml.
The external web consultants encrypted the cc detail with the public key and send it via xml but that was not able to decrypt at the ECC side.
The developers were using the FM 'CCARD_DEVELOPE'at ECC to decrypt the data in the xml file. It was saying SSF error: No data transfered.
Meanwhile SAP CryptoLib is installed and credit card encryption/decryption is working fine for CC details entered via GUI interface.
Is there anything I am missing out here to encrypt CC details send from a Non-SAP system to ECC.? Do we need to load the SAP cryptolib in the non-SAP system to ecrypt this data at the senders end. Or is there a alternate solution for this ?
We are in ECC6.0/RHEL/Oracle10204.
Appreciate your help.
Thanks

Hi Nelis,
Thanks for your reply.
This note does not get any information regarding encrypting data from a non-SAP system to SAp system.
I am looking setup/information for encrypting data from a non-SAP system to SAP system.
Thanks

Does JCE support the 163 bit ECC (Eliptic Curve) algo for the encryption

Hi,
I would like to know if SUN JCE package supports 163 bit ECC (Eliptycal Curve) encryption scheme for encryption/decryption using cipher class?
Thanks,
Shirish

AFAIK, no, it is not supported. Could be supported by one of the other encryption packages though.
- Daniel

SAP Personas using SSO to connect SAP ECC

Hi,
We configured SAP Screen Personas test landscape.
When I launch the mainapp page, the system is prompting for user credentials.
Then I get "System Selection" screen where the system I have configured (SAP ECC).
When I click on system backend, an new popup ask for user and password (SAP ECC credentials).
We are trying to understand if it is possible configure SSO to access ECC backend.
So, the ECC backend credentials will not be required anymore.
I am not sure if it is possible this configuration.
According SAP note 1684886 - License conditions of SNC Client Encryption, I think this scenario requires additional license.
Any help to resolve this is highly appreciated.
Best Regards,
Leonardo.

The project requirement is avoid the user can log in with SAPGUI and run the standard transaction.
So, the user can log in only with SAP personas user/password and run the transaction on backend with a modified screen with the restrictions of authorization roles.
Regards,

Active Hardware Key is missing in ECC 6.0

Hi All,
I have an issues with my ECC 6.0 system. Once I restart my application server due to hardware maintenance. Since that time, I can't logon to my ECC 6.0 except in client 001 with user SAP*. I found in transaction SLICENSE that my active hardware key is missing...
Could anyone help me with this problem ??
Rewards points will be give to you who could solve this problem.
Thank you..

Dear,
Do you have a license installed ? (check the slicense status)
You may request a new license in SAP Service Marketplace at http://service.sap.com/licensekey
Please note that as of Web Application Server ABAP 7.0 the license keys are digitally encrypted. Therefore you must request a new license key for your existing or new system if you are using a SAP product based on Web AS 7.0. Request your digital encrypted license key with license type standard and install it as described in SAP note 870871.
I hope this helps,
Lucio Rodrigues

SAP ECC 6.0 / Active Directory Password synchronization

Hello,
We have a need to synchronize our users Windows passwords (AD) to our SAP systems (ECC 6.0, BW 3.5, and SCM 5.0). We do not use CUA and currently do not use a Portal and are not looking at doing SSO. We simply want to have one repository (AD) that will manage passwords for our Windows apps as well as our SAP systems. So far, we have not found a way to do this. SAP Note 603208 says this kind of synchronizing is not possible due to encryptions, among other things. However, we did find a white paper that stated the following:
~snip
The Management Agents delivered with MIIS generally support password management: they can take a password from some source (either from a user password change from the Windows interface, or from a self-service web-based password reset interface) and can set the same password in the various connected systems. The Management Agent developed by Oxford is no exception. To change a password in an R/3 System the Susr_User_Change_Password_Rfc function can be used, but this is only possible if the old password is known and the SAP system allows the password change for this user. In cases where the old password is not known (for example the setting of an initial password) the password can be reset using the BAPI_User_change function.~snip
Does anyone have any information on how we can achieve the password synchronization between Active Directory and Abap-based SAP Systems?
I very much appreciate your time and help.
Paul

Paul,
You can achieve this using "common authentication". Since Active Directory uses Kerberos, if you allow your SAP systems to support Kerberos authentication as well, then you will be able to logon to Windows workstation, and use the Kerberos credentials issued by Active Directory during this logon to log the user onto SAP.
This is common, and easy to acheive. You need to use the SNC capability which is provided in SAP GUI and also in SAP ABAP engine, and you also need a GSS-API library for both workstations and for the SAP servers that implements the Kerberos protocol. If your SAP server is running on Windows Servers then you can get this GSS-API library from SAP, but if (like many companies) you are running SAP ECC, BW, SCM etc. on UNIX or Linux servers then you need to license a third-party product which provides the GSS-API library etc. I represent a vendor (CyberSafe) that provides this exact product, but you can also find other vendors by looking on SAP partner website, under SNC certified products list. If you want to find out more about our product, please ask me offline by getting my email address from my business card.
I hope this helps. Of course, if there are any questions for me related to this which are appropriate for public viewing then please ask them via this forum instead of via email.
Regards,
Tim

How to encrypt/decrypt 4 character field in ABAP?

Hello SDN Community,
I have done extensive searches before posting this. Have even explored fuction modules FIEB_PASSWD_ENCRYPT/DECRYPT. Even looked at SSF Developers Guide - chapter 4. The FIEB function modules were dead-end. SSF looks like it concerns securing of documents or files. Talks about certificates.
I also looked at the SSF_BASE64_ENCRYPT/DECRYPT function modules on my system, which is ECC 6.0. Wasn't sure if they could be used on a stand-alone basis, plus I couldn't find any documentation about them.
I only want to encrypt, and then decrypt, the values in a 4 character field.
 eg- DATA: MYFIELD(4) TYPE C.
Is there an ABAP function module, or coding example, that would demonstrate this?
Or possibly I overlooked something in the information that I have already found?
Thank you,
Dean Atteberry.

Hi Morten,
I would recommend reading the comments to the blog as well, as there would not be much difference between a 4 char field and...
*-- check string-to-string algorithms
string_in = 'Au weia, der Hahn legt keine Eier'. "#EC NOTEXT
string_out = test_object->encrypt_string2string( string_in ).
string_expected = 'AQYRHTFUERodER9UABMRGFQaHBU8VAYREFRYFR0RA1QBNQ=='.
if string_out <> string_expected.
 result = abap_false.
 return.
endif.
...if the result can be expected (in any SAP system) or easily reversed.
But it might fullfill a requirement for obfuscation, which is what I was asking as well.
Cheers,
Julius

SRM SUS to ECC throgh PI

Hi Experts,
I need to develop a scenarion from SRM SUS to ECC through PI.My Requirement is From SUS the invoice is encrypted in a PDF format, PI will decrypt that and pass the data to ECC.(This is the reqirment).
MY concerns are: 1. Which scenario i need to develop in pi.
2. Is there any configuration settings are required in pi to convert encrypt to decry pt.
3. PDF to PDF scenario?
Can you please suggest me on this above requirements
Warm Regards,
Bala.

Hi Ranjan,
As of now without Ehp1, vendors are replicated to backend MM systems using a PI scenario "Supply_base_management".
And you are right, from Ehp1 vendor replication will be handled as you mentioned and ECC Ehp4 will support that.
Nikhil

Determining HOOK_URL for ECC 6.0

Hi Experts -- I am on ECC 6.0, we do not have SRM, etc. How do I determine what the value should be for the Hook_URL? I saw some SAP documentation that suggested leaving it blank but that seemed to be for SRM and does not work in my case.
Thanks
Doug

Hi Doug,
The value of HOOK_URL should be kept as Blank and the Type should be 4-Return URL.
Below is the help text of field Type.
Type 4 (return URL)
The name of the return URL is dependent on the catalog. You must not fill the Contents field since this field is determined dynamically and transferred when the catalog is called.
Note
You have to maintain all catalog-specific call parameters before the
entry with type 4. The four named SAP internal parameters have to follow the
entry with type 4:
Name
Contents
Type
HOOK_URL
4
~OkCode
ADDI
2
~Target
_top
2
~ForceTarget
Yes
2
~caller
CTLG
2
The return URL is transferred in encrypted form.
Best Regards,
Anil

Encrypting SSN Field as part of Legal Requirement

Hi Members
There are 2 legislations that govern Encrypting of Personal Information data especially SSN Numbers : 1) Sarbanes-Oxley, Section 404 & 2) SB 1386 of California. Both of these are focused on ensuring that the confidentiality of customer information is preserved. To comply with these regulations the SSN information being stored in vendor Master and other system areas in SAP needs to be encrypted . Around this requirements I have few questions
Has SAP has solution for this?
Has anyone developed any Custom Solutions implemented to comply with these Regulations of Personal data ?
If you go about doing Encryption similar to the one used for Credit Cards ( PCI Standards) for the Vendor master Field LFA1-STCD1, this field length needs to be increased from 16 to 26 or more. Has some one has experiences or faced issues while implementing this change ?
Would appreciate if some one could share their Expertise / experience around these requirements and how they have handled that in their SAP Systems
Thanks

hi,
According to me you can enhance the 0Material_attr to bring the required information from ECC.
But before enhancing anything ask func consultant or business below ques.
1) will these unit entry will get created in MARM for any material at the creation of material or it will get updated later on
2) will this unit value get change for any material during its entire life
If any of above que ans is yes then how wud u manage in transaction data if unit get changed.
For that u need to apply feedback concept in transaction dso.
Regards,
Ashish

PGP encryption and moving of a file from one system to another

Hi All,
Could you please provide me the necessary information in setting up the below jobs in Redwood CPS.
a) How can i do pgp encryption to a file in a SAP system?. Could you please provide me the necessary steps.
b) How can i do pgp encryption to a file in a non SAP system?. Could you please provide me the necessary steps.
b) Can i move a file from one SAP system to another SAP system(example ECC to BI)?. If so, could you please provide me the necessary steps.
c) Can i move a file from a SAP system to a Non- SAP system?. If so, could you please provide me the necessary steps.
d) Can i move a file from a Non-SAP system to another Non- SAP system?. If so, could you please provide me the necessary steps.
e)How can i ftp a file and move it to a different network?. Could you please provide me the necessary steps.
Thank you in advance.
Thanks and Regards,
Ramana

Hi Ramana,
a) You have a file in an SAP system that you want to encrypt, I you have the full path to the file, you can create and use an appropriate external command to perform the encryption, unless you know of an ABAP program to do that. Once you know which option you have, you can either schedule SAP_AbapRun to run the ABAP to encrypt the file, or SAP_ExternalCommandRun if you have an external command defined for the process.
b) On the target system, you install a platform agent (license required) and check which command you have for pgp encryption. On Unix, you would use gpg. Simply create a BASH job definition with a String parameter named File and fill the following source: gpg -e -u `whoami` -r [email protected] <${File} > $File"_encrypted"
b2) Talk to your SAP Basis team, you could use SAP CTS/STMS for that, you could integrate that into CPS
c)I imaging the file is an output of an ABAP program ? Run the ABAP program from within CPS with SAP_AbapRun, then the file will be on the CPS server, you can then copy the file to the target host, again, platform agents required on CPS system. You can use FTP, sFTP, SCP, NFS, CIFS (Windows share) whatever your platform requires.
d) Platform agents required on source system. Target system must have windows share/NFS/SSHD/FTP or whatever you could use for file transfers
e)Please see the documentation on jftp.
Regards,
HP

ECC Assymetric encryption

Similar Messages

Maybe you are looking for