Encrypt target file with GPG
Hi,
I need to encrypt a target ftp file with GPG and i think that calling an os script (remote) could serve.
But i dont know if that's the best solution.
There is any other way to do that?
Thanks in advance,
Carme
Hi Carme,
If you are looking for a tool for PGP ,you can have a look at the links below
http://www.aedaptive.com/index.php/solutions
http://www.aedaptive.com/index.php/solutions/pgp-for-sap-netweaver
If you are planning to develop adapter module or want to evaluate which one is better ,please refer following posts .
/people/dijesh.tanna/blog/2008/09/15/sap-pi-integrating-macafee-e-business-server-with-sap-pi-70-for-pgp-encryptiondecryption
Encrypting a file using PGP
Thanks,
Similar Messages
-
Want to decode PGP encrypted edi files with oracle soa b2b 11.1.1.6.0
I am working on a scenario where the trading parter(TP) will publish the edi to our FTP server. These edi files are encrypted using PGP software( we have to provide them our public key for this).
I have never worked with encryption\ decryption before, but I understand the theory of cryptography.
Question 1: Can we install PGP on top of soa 11g server and configure the b2b to decode the file using our private key.
Question 2: If SOA 11g server do not support PGP, then shall i install PGP at the FTP server, and use java to decode the file(using the private key) to a new location and B2B can pick the decode file from here.
These are two strategy I have planed, please guide me which one is feasible\best , and if you know the steps to implement please do share it with me.
Thanks in advance.
Syam
Edited by: user12196358 on May 10, 2013 4:28 PMBoth options are feasible but for option#1 (PGP decryption at B2B/SOA), you have to write a java callout. B2B/SOA 11g does not support PGP out-of-box but it can be achieved using java callout. I would prefer option#2, personally as in this case, PGP decryption will be done out of SOA/B2B and hence it will be hot pluggable (can be removed in future, if required, without modifying SOA/B2B configuration).
Regards,
Anuj -
PDF file transfer writing target file with the same source file name
Hi to all,
I want to transfer a PDF file from a SOURCE folder to a TARGET folder. My problem is that I want the target pdf file has the same name of the source pdf file. How can I do this? I have to look for some parameters in the sender or receiver channels?
Thanks to all.Hi Gabriele,
If you want to FTP the pdf file from source to target directory, use this blog. It doesn't require any IR devlopment.
/people/william.li/blog/2006/09/08/how-to-send-any-data-even-binary-through-xi-without-using-the-integration-repository
Also, In sender and receiver comm channels select "Set/Use Adapter specific message attributes" and "File Name" to get the same file name in the target directory.
Regards,
Sreenivas -
Unable create a target file with the same name
Hi,
I have to pick an attachment from a web service and place the attachment in
a folder, with the same name (Attached File Name). I tried this using SOAP to file
scenario. Using SOAP, I'm able to get the attachment inside PI with the same
name, but not able to generate the file in the receiver end.
Please let me know if this is possible or else is there any other way to do
it.
Regards,
Deepak RaviCheck also:
Combining three different aspects of PI (ASMA, AF Module and variable substitution) in one shot
Dynamic Configuration vs Variable Substitution - The Ultimate Battle for the File Name
Regards -
Using Java to encrypt files with RSA
Hi
I thinking of creating a javaprogram that encrypts my
files with RSA Cryptography.
Does anyone have some hints on what methods that
can come in handy?
I saw in the API that there are som methods relating this
like the interface RSAPublicKey, RSAPrivateKey from
the superinterface RSAKeyBut I could not find anything about some method to encrypt with
the keys...
help me please :(Is your Google broken? Just a few seconds of searching revealed...
Java's Cryptography Forum
Encryption by Example: Simple Java Programs
Java 2 Cryptography Extension
Fundamentals of Java Security
Reference: Java Cryptography -
System encryption using LUKS and GPG encrypted keys for arch linux
Update: As of 2012-03-28, arch changed from gnupg 1.4 to 2.x which uses pinentry for the password dialog. The "etwo" hook described here doesn't work with gnupg 2. Either use the openssl hook below or use a statically compiled version of gnupg 1.4.
Update: As of 2012-12-19, the mkinitcpio is not called during boot, unless the "install" file for the hook contains "add_runscript". This resulted in an unbootable system for me. Also, the method name was changed from install () to build ().
Update: 2013-01-13: Updated the hook files using the corrections by Deth.
Note: This guide is a bit dated now, in particular the arch installation might be different now. But essentially, the approach stays the same. Please also take a look at the posts further down, specifically the alternative hooks that use openssl.
I always wanted to set up a fully encrypted arch linux server that uses gpg encrypted keyfiles on an external usb stick and luks for root filesystem encryption. I already did it once in gentoo using this guide. For arch, I had to play alot with initcpio hooks and after one day of experimentation, I finally got it working. I wrote a little guide for myself which I'm going to share here for anyone that might be interested. There might be better or easier ways, like I said this is just how I did it. I hope it might help someone else. Constructive feedback is always welcome
Intro
Using arch linux mkinitcpio's encrypt hook, one can easily use encrypted root partitions with LUKS. It's also possible to use key files stored on an external drive, like an usb stick. However, if someone steals your usb stick, he can just copy the key and potentially access the system. I wanted to have a little extra security by additionally encrypting the key file with gpg using a symmetric cipher and a passphrase.
Since the encrypt hook doesn't support this scenario, I created a modifed hook called “etwo” (silly name I know, it was the first thing that came to my mind). It will simply look if the key file has the extension .gpg and, if yes, use gpg to decrypt it, then pipe the result into cryptsetup.
Conventions
In this short guide, I use the following disk/partition names:
/dev/sda: is the hard disk that will contain an encrypted swap (/dev/sda1), /var (/dev/sda2) and root (/dev/sda3) partition.
/dev/sdb is the usb stick that will contain the gpg encrypted luks keys, the kernel and grub. It will have one partition /dev/sdb1 formatted with ext2.
/dev/mapper/root, /dev/mapper/swap and /dev/mapper/var will be the encrypted devices.
Credits
Thanks to the authors of SECURITY_System_Encryption_DM-Crypt_with_LUKS (gentoo wiki), System Encryption with LUKS (arch wiki), mkinitcpio (arch wiki) and Early Userspace in Arch Linux (/dev/brain0 blog)!
Guide
1. Boot the arch live cd
I had to use a newer testing version, because the 2010.05 cd came with a broken gpg. You can download one here: http://releng.archlinux.org/isos/. I chose the “core“ version. Go ahead and boot the live cd, but don't start the setup yet.
2. Set keymap
Use km to set your keymap. This is important for non-qwerty keyboards to avoid suprises with passphrases...
3. Wipe your discs
ATTENTION: this will DELETE everything on /dev/sda and /dev/sdb forever! Do not blame me for any lost data!
Before encrypting the hard disc, it has to be completely wiped and overwritten with random data. I used shred for this. Others use badblocks or dd with /dev/urandom. Either way, this will take a long time, depending on the size of your disc. I also wiped my usb stick just to be sure.
shred -v /dev/sda
shred -v /dev/sdb
4. Partitioning
Fire up fdisk and create the following partitions:
/dev/sda1, type linux swap.
/dev/sda2: type linux
/dev/sda3: type linux
/dev/sdb1, type linux
Of course you can choose a different layout, this is just how I did it. Keep in mind that only the root filesystem will be decrypted by the initcpio. The rest will be decypted during normal init boot using /etc/crypttab, the keys being somewhere on the root filesystem.
5. Format and mount the usb stick
Create an ext2 filesystem on /dev/sdb1:
mkfs.ext2 /dev/sdb1
mkdir /root/usb
mount /dev/sdb1 /root/usb
cd /root/usb # this will be our working directory for now.
Do not mount anything to /mnt, because the arch installer will use that directory later to mount the encrypted root filesystem.
6. Configure the network (if not already done automatically)
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
route add default gw 192.168.0.1
echo "nameserver 192.168.0.1" >> /etc/resolv.conf
(this is just an example, your mileage may vary)
7. Install gnupg
pacman -Sy
pacman -S gnupg
Verify that gnupg works by launching gpg.
8. Create the keys
Just to be sure, make sure swap is off:
cat /proc/swaps
should return no entries.
Create gpg encrypted keys (remember, we're still in our working dir /root/usb):
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > root.gpg
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > var.gpg
Choose a strong password!!
Don't do this in two steps, e.g don't do dd to a file and then gpg on that file. The key should never be stored in plain text on an unencrypted device, except if that device is wiped on system restart (ramfs)!
Note that the default cipher for gpg is cast5, I just chose to use a different one.
9. Create the encrypted devices with cryptsetup
Create encrypted swap:
cryptsetup -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -d /dev/urandom create swap /dev/sda1
You should see /dev/mapper/swap now. Don't format nor turn it on for now. This will be done by the arch installer.
Important: From the Cryptsetup 1.1.2 Release notes:
Cryptsetup can accept passphrase on stdin (standard input). Handling of new line (\n) character is defined by input specification:
if keyfile is specified as "-" (using --key-file=- or by positional argument in luksFormat and luksAddKey, like cat file | cryptsetup --key-file=- <action> ), input is processed
as normal binary file and no new line is interpreted.
if there is no key file specification (with default input from stdin pipe like echo passphrase | cryptsetup <action> ) input is processed as input from terminal, reading will
stop after new line is detected.
If I understand this correctly, since the randomly generated key can contain a newline early on, piping the key into cryptsetup without specifying --key-file=- could result in a big part of the key to be ignored by cryptsetup. Example: if the random key was "foo\nandsomemorebaratheendofthekey", piping it directly into cryptsetup without --key-file=- would result in cryptsetup using only "foo" as key which would have big security implications. We should therefor ALWAYS pipe the key into cryptsetup using --key-file=- which ignores newlines.
gpg -q -d root.gpg 2>/dev/null | cryptsetup -v -–key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool luksFormat /dev/sda3
gpg -q -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -v luksFormat /dev/sda2
Check for any errors.
10. Open the luks devices
gpg -d root.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda3 root
gpg -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda2 var
If you see /dev/mapper/root and /dev/mapper/var now, everything is ok.
11. Start the installer /arch/setup
Follow steps 1 to 3.
At step 4 (Prepare hard drive(s), select “3 – Manually Configure block devices, filesystems and mountpoints. Choose /dev/sdb1 (the usb stick) as /boot, /dev/mapper/swap for swap, /dev/mapper/root for / and /dev/mapper/var for /var.
Format all drives (choose “yes” when asked “do you want to have this filesystem (re)created”) EXCEPT for /dev/sdb1, choose “no”. Choose the correct filesystem for /dev/sdb1, ext2 in my case. Use swap for /dev/mapper/swap. For the rest, I chose ext4.
Select DONE to start formatting.
At step 5 (Select packages), select grub as boot loader. Select the base group. Add mkinitcpio.
Start step 6 (Install packages).
Go to step 7 (Configure System).
By sure to set the correct KEYMAP, LOCALE and TIMEZONE in /etc/rc.conf.
Edit /etc/fstab:
/dev/mapper/root / ext4 defaults 0 1
/dev/mapper/swap swap swap defaults 0 0
/dev/mapper/var /var ext4 defaults 0 1
# /dev/sdb1 /boot ext2 defaults 0 1
Configure the rest normally. When you're done, setup will launch mkinitcpio. We'll manually launch this again later.
Go to step 8 (install boot loader).
Be sure to change the kernel line in menu.lst:
kernel /vmlinuz26 root=/dev/mapper/root cryptdevice=/dev/sda3:root cryptkey=/dev/sdb1:ext2:/root.gpg
Don't forget the :root suffix in cryptdevice!
Also, my root line was set to (hd1,0). Had to change that to
root (hd0,0)
Install grub to /dev/sdb (the usb stick).
Now, we can exit the installer.
12. Install mkinitcpio with the etwo hook.
Create /mnt/lib/initcpio/hooks/etwo:
#!/usr/bin/ash
run_hook() {
/sbin/modprobe -a -q dm-crypt >/dev/null 2>&1
if [ -e "/sys/class/misc/device-mapper" ]; then
if [ ! -e "/dev/mapper/control" ]; then
/bin/mknod "/dev/mapper/control" c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |')
fi
[ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
# Get keyfile if specified
ckeyfile="/crypto_keyfile"
usegpg="n"
if [ "x${cryptkey}" != "x" ]; then
ckdev="$(echo "${cryptkey}" | cut -d: -f1)"
ckarg1="$(echo "${cryptkey}" | cut -d: -f2)"
ckarg2="$(echo "${cryptkey}" | cut -d: -f3)"
if poll_device "${ckdev}" ${rootdelay}; then
case ${ckarg1} in
*[!0-9]*)
# Use a file on the device
# ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
if [ "${ckarg2#*.}" = "gpg" ]; then
ckeyfile="${ckeyfile}.gpg"
usegpg="y"
fi
mkdir /ckey
mount -r -t ${ckarg1} ${ckdev} /ckey
dd if=/ckey/${ckarg2} of=${ckeyfile} >/dev/null 2>&1
umount /ckey
# Read raw data from the block device
# ckarg1 is numeric: ckarg1=offset, ckarg2=length
dd if=${ckdev} of=${ckeyfile} bs=1 skip=${ckarg1} count=${ckarg2} >/dev/null 2>&1
esac
fi
[ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
fi
if [ -n "${cryptdevice}" ]; then
DEPRECATED_CRYPT=0
cryptdev="$(echo "${cryptdevice}" | cut -d: -f1)"
cryptname="$(echo "${cryptdevice}" | cut -d: -f2)"
else
DEPRECATED_CRYPT=1
cryptdev="${root}"
cryptname="root"
fi
warn_deprecated() {
echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
if poll_device "${cryptdev}" ${rootdelay}; then
if /sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
dopassphrase=1
# If keyfile exists, try to use that
if [ -f ${ckeyfile} ]; then
if [ "${usegpg}" = "y" ]; then
# gpg tty fixup
if [ -e /dev/tty ]; then mv /dev/tty /dev/tty.backup; fi
cp -a /dev/console /dev/tty
while [ ! -e /dev/mapper/${cryptname} ];
do
sleep 2
/usr/bin/gpg -d "${ckeyfile}" 2>/dev/null | cryptsetup --key-file=- luksOpen ${cryptdev} ${cryptname} ${CSQUIET}
dopassphrase=0
done
rm /dev/tty
if [ -e /dev/tty.backup ]; then mv /dev/tty.backup /dev/tty; fi
else
if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then
dopassphrase=0
else
echo "Invalid keyfile. Reverting to passphrase."
fi
fi
fi
# Ask for a passphrase
if [ ${dopassphrase} -gt 0 ]; then
echo ""
echo "A password is required to access the ${cryptname} volume:"
#loop until we get a real password
while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do
sleep 2;
done
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
elif [ -n "${crypto}" ]; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
msg "Non-LUKS encrypted device found..."
if [ $# -ne 5 ]; then
err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
err "Non-LUKS decryption not attempted..."
return 1
fi
exe="/sbin/cryptsetup create ${cryptname} ${cryptdev}"
tmp=$(echo "${crypto}" | cut -d: -f1)
[ -n "${tmp}" ] && exe="${exe} --hash \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f2)
[ -n "${tmp}" ] && exe="${exe} --cipher \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f3)
[ -n "${tmp}" ] && exe="${exe} --key-size \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f4)
[ -n "${tmp}" ] && exe="${exe} --offset \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f5)
[ -n "${tmp}" ] && exe="${exe} --skip \"${tmp}\""
if [ -f ${ckeyfile} ]; then
exe="${exe} --key-file ${ckeyfile}"
else
exe="${exe} --verify-passphrase"
echo ""
echo "A password is required to access the ${cryptname} volume:"
fi
eval "${exe} ${CSQUIET}"
if [ $? -ne 0 ]; then
err "Non-LUKS device decryption failed. verify format: "
err " crypto=hash:cipher:keysize:offset:skip"
exit 1
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
else
err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
fi
fi
rm -f ${ckeyfile}
fi
Create /mnt/lib/initcpio/install/etwo:
#!/bin/bash
build() {
local mod
add_module dm-crypt
if [[ $CRYPTO_MODULES ]]; then
for mod in $CRYPTO_MODULES; do
add_module "$mod"
done
else
add_all_modules '/crypto/'
fi
add_dir "/dev/mapper"
add_binary "cryptsetup"
add_binary "dmsetup"
add_binary "/usr/bin/gpg"
add_file "/usr/lib/udev/rules.d/10-dm.rules"
add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
add_runscript
help ()
cat<<HELPEOF
This hook allows for an encrypted root device with support for gpg encrypted key files.
To use gpg, the key file must have the extension .gpg and you have to install gpg and add /usr/bin/gpg
to your BINARIES var in /etc/mkinitcpio.conf.
HELPEOF
Edit /mnt/etc/mkinitcpio.conf (only relevant sections displayed):
MODULES=”ext2 ext4” # not sure if this is really nessecary.
BINARIES=”/usr/bin/gpg” # this could probably be done in install/etwo...
HOOKS=”base udev usbinput keymap autodetect pata scsi sata usb etwo filesystems” # (usbinput is only needed if you have an usb keyboard)
Copy the initcpio stuff over to the live cd:
cp /mnt/lib/initcpio/hooks/etwo /lib/initcpio/hooks/
cp /mnt/lib/initcpio/install/etwo /lib/initcpio/install/
cp /mnt/etc/mkinitcpio.conf /etc/
Verify your LOCALE, KEYMAP and TIMEZONE in /etc/rc.conf!
Now reinstall the initcpio:
mkinitcpio -g /mnt/boot/kernel26.img
Make sure there were no errors and that all hooks were included.
13. Decrypt the "var" key to the encrypted root
mkdir /mnt/keys
chmod 500 /mnt/keys
gpg –output /mnt/keys/var -d /mnt/boot/var.gpg
chmod 400 /mnt/keys/var
14. Setup crypttab
Edit /mnt/etc/crypttab:
swap /dev/sda1 SWAP -c aes-cbc-essiv:sha256 -s 256 -h whirlpool
var /dev/sda2 /keys/var
15. Reboot
We're done, you may reboot. Make sure you select the usb stick as the boot device in your bios and hope for the best. . If it didn't work, play with grub's settings or boot from the live cd, mount your encrypted devices and check all settings. You might also have less trouble by using uuid's instead of device names. I chose device names to keep things as simple as possible, even though it's not the optimal way to do it.
Make backups of your data and your usb stick and do not forget your password(s)! Or you can say goodbye to your data forever...
Last edited by fabriceb (2013-01-15 22:36:23)I'm trying to run my install script that is based on https://bbs.archlinux.org/viewtopic.php?id=129885
Decrypting the gpg key after grub works, but then "Devce root already exists." appears every second.
any idea ?
#!/bin/bash
# This script is designed to be run in conjunction with a UEFI boot using Archboot intall media.
# prereqs:
# EFI "BIOS" set to boot *only* from EFI
# successful EFI boot of Archboot USB
# mount /dev/sdb1 /src
set -o nounset
#set -o errexit
# Host specific configuration
# this whole script needs to be customized, particularly disk partitions
# and configuration, but this section contains global variables that
# are used during the system configuration phase for convenience
HOSTNAME=daniel
USERNAME=user
# Globals
# We don't need to set these here but they are used repeatedly throughout
# so it makes sense to reuse them and allow an easy, one-time change if we
# need to alter values such as the install target mount point.
INSTALL_TARGET="/install"
HR="--------------------------------------------------------------------------------"
PACMAN="pacman --noconfirm --config /tmp/pacman.conf"
TARGET_PACMAN="pacman --noconfirm --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
CHROOT_PACMAN="pacman --noconfirm --cachedir /var/cache/pacman/pkg --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
FILE_URL="file:///packages/core-$(uname -m)/pkg"
FTP_URL='ftp://mirrors.kernel.org/archlinux/$repo/os/$arch'
HTTP_URL='http://mirrors.kernel.org/archlinux/$repo/os/$arch'
# Functions
# I've avoided using functions in this script as they aren't required and
# I think it's more of a learning tool if you see the step-by-step
# procedures even with minor duplciations along the way, but I feel that
# these functions clarify the particular steps of setting values in config
# files.
SetValue () {
# EXAMPLE: SetValue VARIABLENAME '\"Quoted Value\"' /file/path
VALUENAME="$1" NEWVALUE="$2" FILEPATH="$3"
sed -i "s+^#\?\(${VALUENAME}\)=.*$+\1=${NEWVALUE}+" "${FILEPATH}"
CommentOutValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^\(${VALUENAME}.*\)$/#\1/" "${FILEPATH}"
UncommentValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^#\(${VALUENAME}.*\)$/\1/" "${FILEPATH}"
# Initialize
# Warn the user about impending doom, set up the network on eth0, mount
# the squashfs images (Archboot does this normally, we're just filling in
# the gaps resulting from the fact that we're doing a simple scripted
# install). We also create a temporary pacman.conf that looks for packages
# locally first before sourcing them from the network. It would be better
# to do either *all* local or *all* network but we can't for two reasons.
# 1. The Archboot installation image might have an out of date kernel
# (currently the case) which results in problems when chrooting
# into the install mount point to modprobe efivars. So we use the
# package snapshot on the Archboot media to ensure our kernel is
# the same as the one we booted with.
# 2. Ideally we'd source all local then, but some critical items,
# notably grub2-efi variants, aren't yet on the Archboot media.
# Warn
timer=9
echo -e "\n\nMAC WARNING: This script is not designed for APPLE MAC installs and will potentially misconfigure boot to your existing OS X installation. STOP NOW IF YOU ARE ON A MAC.\n\n"
echo -n "GENERAL WARNING: This procedure will completely format /dev/sda. Please cancel with ctrl-c to cancel within $timer seconds..."
while [[ $timer -gt 0 ]]
do
sleep 1
let timer-=1
echo -en "$timer seconds..."
done
echo "STARTING"
# Get Network
echo -n "Waiting for network address.."
#dhclient eth0
dhcpcd -p eth0
echo -n "Network address acquired."
# Mount packages squashfs images
umount "/packages/core-$(uname -m)"
umount "/packages/core-any"
rm -rf "/packages/core-$(uname -m)"
rm -rf "/packages/core-any"
mkdir -p "/packages/core-$(uname -m)"
mkdir -p "/packages/core-any"
modprobe -q loop
modprobe -q squashfs
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_$(uname -m).squashfs" "/packages/core-$(uname -m)"
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_any.squashfs" "/packages/core-any"
# Create temporary pacman.conf file
cat << PACMANEOF > /tmp/pacman.conf
[options]
Architecture = auto
CacheDir = ${INSTALL_TARGET}/var/cache/pacman/pkg
CacheDir = /packages/core-$(uname -m)/pkg
CacheDir = /packages/core-any/pkg
[core]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
[extra]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
#Uncomment to enable pacman -Sy yaourt
[archlinuxfr]
Server = http://repo.archlinux.fr/\$arch
PACMANEOF
# Prepare pacman
[[ ! -d "${INSTALL_TARGET}/var/cache/pacman/pkg" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/cache/pacman/pkg"
[[ ! -d "${INSTALL_TARGET}/var/lib/pacman" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/lib/pacman"
${PACMAN} -Sy
${TARGET_PACMAN} -Sy
# Install prereqs from network (not on archboot media)
echo -e "\nInstalling prereqs...\n$HR"
#sed -i "s/^#S/S/" /etc/pacman.d/mirrorlist # Uncomment all Server lines
UncommentValue S /etc/pacman.d/mirrorlist # Uncomment all Server lines
${PACMAN} --noconfirm -Sy gptfdisk btrfs-progs-unstable libusb-compat gnupg
# Configure Host
# Here we create three partitions:
# 1. efi and /boot (one partition does double duty)
# 2. swap
# 3. our encrypted root
# Note that all of these are on a GUID partition table scheme. This proves
# to be quite clean and simple since we're not doing anything with MBR
# boot partitions and the like.
echo -e "format\n"
# shred -v /dev/sda
# disk prep
sgdisk -Z /dev/sda # zap all on disk
#sgdisk -Z /dev/mmcb1k0 # zap all on sdcard
sgdisk -a 2048 -o /dev/sda # new gpt disk 2048 alignment
#sgdisk -a 2048 -o /dev/mmcb1k0
# create partitions
sgdisk -n 1:0:+200M /dev/sda # partition 1 (UEFI BOOT), default start block, 200MB
sgdisk -n 2:0:+4G /dev/sda # partition 2 (SWAP), default start block, 200MB
sgdisk -n 3:0:0 /dev/sda # partition 3, (LUKS), default start, remaining space
#sgdisk -n 1:0:1800M /dev/mmcb1k0 # root.gpg
# set partition types
sgdisk -t 1:ef00 /dev/sda
sgdisk -t 2:8200 /dev/sda
sgdisk -t 3:8300 /dev/sda
#sgdisk -t 1:0700 /dev/mmcb1k0
# label partitions
sgdisk -c 1:"UEFI Boot" /dev/sda
sgdisk -c 2:"Swap" /dev/sda
sgdisk -c 3:"LUKS" /dev/sda
#sgdisk -c 1:"Key" /dev/mmcb1k0
echo -e "create gpg file\n"
# create gpg file
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > /root/root.gpg
echo -e "format LUKS on root\n"
# format LUKS on root
gpg -q -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- -c aes-xts-plain -s 512 --hash sha512 luksFormat /dev/sda3
echo -e "open LUKS on root\n"
gpg -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- luksOpen /dev/sda3 root
# NOTE: make sure to add dm_crypt and aes_i586 to MODULES in rc.conf
# NOTE2: actually this isn't required since we're mounting an encrypted root and grub2/initramfs handles this before we even get to rc.conf
# make filesystems
# following swap related commands not used now that we're encrypting our swap partition
#mkswap /dev/sda2
#swapon /dev/sda2
#mkfs.ext4 /dev/sda3 # this is where we'd create an unencrypted root partition, but we're using luks instead
echo -e "\nCreating Filesystems...\n$HR"
# make filesystems
mkfs.ext4 /dev/mapper/root
mkfs.vfat -F32 /dev/sda1
#mkfs.vfat -F32 /dev/mmcb1k0p1
echo -e "mount targets\n"
# mount target
#mount /dev/sda3 ${INSTALL_TARGET} # this is where we'd mount the unencrypted root partition
mount /dev/mapper/root ${INSTALL_TARGET}
# mount target
mkdir ${INSTALL_TARGET}
# mkdir ${INSTALL_TARGET}/key
# mount -t vfat /dev/mmcb1k0p1 ${INSTALL_TARGET}/key
mkdir ${INSTALL_TARGET}/boot
mount -t vfat /dev/sda1 ${INSTALL_TARGET}/boot
# Install base, necessary utilities
mkdir -p ${INSTALL_TARGET}/var/lib/pacman
${TARGET_PACMAN} -Sy
${TARGET_PACMAN} -Su base
# curl could be installed later but we want it ready for rankmirrors
${TARGET_PACMAN} -S curl
${TARGET_PACMAN} -S libusb-compat gnupg
${TARGET_PACMAN} -R grub
rm -rf ${INSTALL_TARGET}/boot/grub
${TARGET_PACMAN} -S grub2-efi-x86_64
# Configure new system
SetValue HOSTNAME ${HOSTNAME} ${INSTALL_TARGET}/etc/rc.conf
sed -i "s/^\(127\.0\.0\.1.*\)$/\1 ${HOSTNAME}/" ${INSTALL_TARGET}/etc/hosts
SetValue CONSOLEFONT Lat2-Terminus16 ${INSTALL_TARGET}/etc/rc.conf
#following replaced due to netcfg
#SetValue interface eth0 ${INSTALL_TARGET}/etc/rc.conf
# write fstab
# You can use UUID's or whatever you want here, of course. This is just
# the simplest approach and as long as your drives aren't changing values
# randomly it should work fine.
cat > ${INSTALL_TARGET}/etc/fstab <<FSTAB_EOF
# /etc/fstab: static file system information
# <file system> <dir> <type> <options> <dump> <pass>
tmpfs /tmp tmpfs nodev,nosuid 0 0
/dev/sda1 /boot vfat defaults 0 0
/dev/mapper/cryptswap none swap defaults 0 0
/dev/mapper/root / ext4 defaults,noatime 0 1
FSTAB_EOF
# write etwo
mkdir -p /lib/initcpio/hooks/
mkdir -p /lib/initcpio/install/
cp /src/etwo_hooks /lib/initcpio/hooks/etwo
cp /src/etwo_install /lib/initcpio/install/etwo
mkdir -p ${INSTALL_TARGET}/lib/initcpio/hooks/
mkdir -p ${INSTALL_TARGET}/lib/initcpio/install/
cp /src/etwo_hooks ${INSTALL_TARGET}/lib/initcpio/hooks/etwo
cp /src/etwo_install ${INSTALL_TARGET}/lib/initcpio/install/etwo
# write crypttab
# encrypted swap (random passphrase on boot)
echo cryptswap /dev/sda2 SWAP "-c aes-xts-plain -h whirlpool -s 512" >> ${INSTALL_TARGET}/etc/crypttab
# copy configs we want to carry over to target from install environment
mv ${INSTALL_TARGET}/etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf.orig
cp /etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf
mkdir -p ${INSTALL_TARGET}/tmp
cp /tmp/pacman.conf ${INSTALL_TARGET}/tmp/pacman.conf
# mount proc, sys, dev in install root
mount -t proc proc ${INSTALL_TARGET}/proc
mount -t sysfs sys ${INSTALL_TARGET}/sys
mount -o bind /dev ${INSTALL_TARGET}/dev
echo -e "umount boot\n"
# we have to remount /boot from inside the chroot
umount ${INSTALL_TARGET}/boot
# Create install_efi script (to be run *after* chroot /install)
touch ${INSTALL_TARGET}/install_efi
chmod a+x ${INSTALL_TARGET}/install_efi
cat > ${INSTALL_TARGET}/install_efi <<EFI_EOF
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
echo -e "mount boot\n"
# remount here or grub et al gets confused
mount -t vfat /dev/sda1 /boot
# mkinitcpio
# NOTE: intel_agp drm and i915 for intel graphics
SetValue MODULES '\\"dm_mod dm_crypt aes_x86_64 ext2 ext4 vfat intel_agp drm i915\\"' /etc/mkinitcpio.conf
SetValue HOOKS '\\"base udev pata scsi sata usb usbinput keymap consolefont etwo encrypt filesystems\\"' /etc/mkinitcpio.conf
SetValue BINARIES '\\"/usr/bin/gpg\\"' /etc/mkinitcpio.conf
mkinitcpio -p linux
# kernel modules for EFI install
modprobe efivars
modprobe dm-mod
# locale-gen
UncommentValue de_AT /etc/locale.gen
locale-gen
# install and configure grub2
# did this above
#${CHROOT_PACMAN} -Sy
#${CHROOT_PACMAN} -R grub
#rm -rf /boot/grub
#${CHROOT_PACMAN} -S grub2-efi-x86_64
# you can be surprisingly sloppy with the root value you give grub2 as a kernel option and
# even omit the cryptdevice altogether, though it will wag a finger at you for using
# a deprecated syntax, so we're using the correct form here
# NOTE: take out i915.modeset=1 unless you are on intel graphics
SetValue GRUB_CMDLINE_LINUX '\\"cryptdevice=/dev/sda3:root cryptkey=/dev/sda1:vfat:/root.gpg add_efi_memmap i915.i915_enable_rc6=1 i915.i915_enable_fbc=1 i915.lvds_downclock=1 pcie_aspm=force quiet\\"' /etc/default/grub
# set output to graphical
SetValue GRUB_TERMINAL_OUTPUT gfxterm /etc/default/grub
SetValue GRUB_GFXMODE 960x600x32,auto /etc/default/grub
SetValue GRUB_GFXPAYLOAD_LINUX keep /etc/default/grub # comment out this value if text only mode
# install the actual grub2. Note that despite our --boot-directory option we will still need to move
# the grub directory to /boot/grub during grub-mkconfig operations until grub2 gets patched (see below)
grub_efi_x86_64-install --bootloader-id=grub --no-floppy --recheck
# create our EFI boot entry
# bug in the HP bios firmware (F.08)
efibootmgr --create --gpt --disk /dev/sda --part 1 --write-signature --label "ARCH LINUX" --loader "\\\\grub\\\\grub.efi"
# copy font for grub2
cp /usr/share/grub/unicode.pf2 /boot/grub
# generate config file
grub-mkconfig -o /boot/grub/grub.cfg
exit
EFI_EOF
# Install EFI using script inside chroot
chroot ${INSTALL_TARGET} /install_efi
rm ${INSTALL_TARGET}/install_efi
# Post install steps
# anything you want to do post install. run the script automatically or
# manually
touch ${INSTALL_TARGET}/post_install
chmod a+x ${INSTALL_TARGET}/post_install
cat > ${INSTALL_TARGET}/post_install <<POST_EOF
set -o errexit
set -o nounset
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
# root password
echo -e "${HR}\\nNew root user password\\n${HR}"
passwd
# add user
echo -e "${HR}\\nNew non-root user password (username:${USERNAME})\\n${HR}"
groupadd sudo
useradd -m -g users -G audio,lp,optical,storage,video,games,power,scanner,network,sudo,wheel -s /bin/bash ${USERNAME}
passwd ${USERNAME}
# mirror ranking
echo -e "${HR}\\nRanking Mirrors (this will take a while)\\n${HR}"
cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig
mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.all
sed -i "s/#S/S/" /etc/pacman.d/mirrorlist.all
rankmirrors -n 5 /etc/pacman.d/mirrorlist.all > /etc/pacman.d/mirrorlist
# temporary fix for locale.sh update conflict
mv /etc/profile.d/locale.sh /etc/profile.d/locale.sh.preupdate || true
# yaourt repo (add to target pacman, not tmp pacman.conf, for ongoing use)
echo -e "\\n[archlinuxfr]\\nServer = http://repo.archlinux.fr/\\\$arch" >> /etc/pacman.conf
echo -e "\\n[haskell]\\nServer = http://www.kiwilight.com/\\\$repo/\\\$arch" >> /etc/pacman.conf
# additional groups and utilities
pacman --noconfirm -Syu
pacman --noconfirm -S base-devel
pacman --noconfirm -S yaourt
# sudo
pacman --noconfirm -S sudo
cp /etc/sudoers /tmp/sudoers.edit
sed -i "s/#\s*\(%wheel\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
sed -i "s/#\s*\(%sudo\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
visudo -qcsf /tmp/sudoers.edit && cat /tmp/sudoers.edit > /etc/sudoers
# power
pacman --noconfirm -S acpi acpid acpitool cpufrequtils
yaourt --noconfirm -S powertop2
sed -i "/^DAEMONS/ s/)/ @acpid)/" /etc/rc.conf
sed -i "/^MODULES/ s/)/ acpi-cpufreq cpufreq_ondemand cpufreq_powersave coretemp)/" /etc/rc.conf
# following requires my acpi handler script
echo "/etc/acpi/handler.sh boot" > /etc/rc.local
# time
pacman --noconfirm -S ntp
sed -i "/^DAEMONS/ s/hwclock /!hwclock @ntpd /" /etc/rc.conf
# wireless (wpa supplicant should already be installed)
pacman --noconfirm -S iw wpa_supplicant rfkill
pacman --noconfirm -S netcfg wpa_actiond ifplugd
mv /etc/wpa_supplicant.conf /etc/wpa_supplicant.conf.orig
echo -e "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=network\nupdate_config=1" > /etc/wpa_supplicant.conf
# make sure to copy /etc/network.d/examples/wireless-wpa-config to /etc/network.d/home and edit
sed -i "/^DAEMONS/ s/)/ @net-auto-wireless @net-auto-wired)/" /etc/rc.conf
sed -i "/^DAEMONS/ s/ network / /" /etc/rc.conf
echo -e "\nWIRELESS_INTERFACE=wlan0" >> /etc/rc.conf
echo -e "WIRED_INTERFACE=eth0" >> /etc/rc.conf
echo "options iwlagn led_mode=2" > /etc/modprobe.d/iwlagn.conf
# sound
pacman --noconfirm -S alsa-utils alsa-plugins
sed -i "/^DAEMONS/ s/)/ @alsa)/" /etc/rc.conf
mv /etc/asound.conf /etc/asound.conf.orig || true
#if alsamixer isn't working, try alsamixer -Dhw and speaker-test -Dhw -c 2
# video
pacman --noconfirm -S base-devel mesa mesa-demos
# x
#pacman --noconfirm -S xorg xorg-xinit xorg-utils xorg-server-utils xdotool xorg-xlsfonts
#yaourt --noconfirm -S xf86-input-wacom-git # NOT NEEDED? input-wacom-git
#TODO: cut down the install size
#pacman --noconfirm -S xorg-server xorg-xinit xorg-utils xorg-server-utils
# TODO: wacom
# environment/wm/etc.
#pacman --noconfirm -S xfce4 compiz ccsm
#pacman --noconfirm -S xcompmgr
#yaourt --noconfirm -S physlock unclutter
#pacman --noconfirm -S rxvt-unicode urxvt-url-select hsetroot
#pacman --noconfirm -S gtk2 #gtk3 # for taffybar?
#pacman --noconfirm -S ghc
# note: try installing alex and happy from cabal instead
#pacman --noconfirm -S haskell-platform haskell-hscolour
#yaourt --noconfirm -S xmonad-darcs xmonad-contrib-darcs xcompmgr
#yaourt --noconfirm -S xmobar-git
# TODO: edit xfce to use compiz
# TODO: xmonad, but deal with video tearing
# TODO: xmonad-darcs fails to install from AUR. haskell dependency hell.
# switching to cabal
# fonts
pacman --noconfirm -S terminus-font
yaourt --noconfirm -S webcore-fonts
yaourt --noconfirm -S fontforge libspiro
yaourt --noconfirm -S freetype2-git-infinality
# TODO: sed infinality and change to OSX or OSX2 mode
# and create the sym link from /etc/fonts/conf.avail to conf.d
# misc apps
#pacman --noconfirm -S htop openssh keychain bash-completion git vim
#pacman --noconfirm -S chromium flashplugin
#pacman --noconfirm -S scrot mypaint bc
#yaourt --noconfirm -S task-git stellarium googlecl
# TODO: argyll
POST_EOF
# Post install in chroot
#echo "chroot and run /post_install"
chroot /install /post_install
rm /install/post_install
# copy grub.efi file to the default HP EFI boot manager path
mkdir -p ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/
mkdir -p ${INSTALL_TARGET}/boot/EFI/BOOT/
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/bootmgfw.efi
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/BOOT/BOOTX64.EFI
cp /root/root.gpg ${INSTALL_TARGET}/boot/
# NOTES/TODO -
Hi All,
problem is when i open to outlook to check mail at that time i got mail but attached file is not open which is encrypted file
so please help how to open attached file following process i do .
1: convert otf to pdf file
2: download pdf file into application server
3:encrypt pdf file with password protect
4:upload pdf file from application server
5:send mail
1. OTR TO PDF
CALL FUNCTION 'CONVERT_OTF'
EXPORTING
format = 'PDF'
max_linewidth = 132
* ARCHIVE_INDEX = ' '
* COPYNUMBER = 0
* ASCII_BIDI_VIS2LOG = ' '
* PDF_DELETE_OTFTAB = ' '
IMPORTING
bin_filesize = gv_bin_filesize
* BIN_FILE =
TABLES
otf = gt_otf
lines = gt_pdf_tab
EXCEPTIONS
err_max_linewidth = 1
err_format = 2
err_conv_not_possible = 3
err_bad_otf = 4
OTHERS = 5.
IF sy-subrc <> 0.
MESSAGE ID sy-msgid TYPE sy-msgty NUMBER sy-msgno
WITH sy-msgv1 sy-msgv2 sy-msgv3 sy-msgv4.
ENDIF.
then download pdf file into application server using following code
OPEN DATASET l_file FOR OUTPUT IN BINARY MODE .
IF sy-subrc = 0 .
LOOP AT gt_pdf_tab.
TRANSFER gt_pdf_tab TO l_file .
ENDLOOP.
CLOSE DATASET l_file .
ELSE.
WRITE : / 'operating system could not open file' .
ENDIF.
*Then i use command line mode Encryptpdf, from verypdf.com, *
so successfuly file encrypted and password protected.*
Then upload pdf filw which is encrypted form application server
OPEN DATASET to_file FOR INPUT IN BINARY MODE.
IF sy-subrc = 0.
DO .
READ DATASET to_file INTO gs_objbin. "GS_PDF_TAB.
IF sy-subrc = 0.
APPEND gs_objbin TO gt_objbin . "GS_PDF_TAB TO GT_PDF_TAB.
ELSE.
EXIT.
ENDIF.
ENDDO.
CLOSE DATASET to_file.
ENDIF.
then i use use FM SO_NEW_DOCUMENT_ATT_SEND_API1
CALL FUNCTION 'SO_NEW_DOCUMENT_ATT_SEND_API1'
EXPORTING
document_data = gs_docdata
put_in_outbox = 'X'
commit_work = 'X'
* IMPORTING
* SENT_TO_ALL =
* NEW_OBJECT_ID =
TABLES
packing_list = gt_objpack
* OBJECT_HEADER = I_OBJTXT
contents_bin = gt_objbin
contents_txt = i_objtxt
* CONTENTS_HEX =
* OBJECT_PARA =
* OBJECT_PARB =
receivers = gt_reclist
EXCEPTIONS
too_many_receivers = 1
document_not_sent = 2
document_type_not_exist = 3
operation_no_authorization = 4
parameter_error = 5
x_error = 6
enqueue_error = 7
OTHERS = 8
Edited by: Krupaji on Oct 27, 2010 11:31 AMRelated FM SO_NEW_DOCUMENT_ATT_SEND_API1 you can check following example:
clear : gs_docdata,gt_objbin. "
refresh : gt_objbin . "
* gs_docdata-obj_name = 'ord_accept'.
gs_docdata-obj_name = 'Invoice'.
gs_docdata-expiry_dat = sy-datum + 10.
* gs_docdata-obj_descr = 'Your Invoice No : '.
gs_docdata-obj_descr = detail1.
gs_docdata-sensitivty = 'F'. "Functional object
gs_docdata-doc_size = gv_desc_lines * 255.
clear gs_objpack-transf_bin.
* Start line of object header in transport packet
* GS_OBJPACK-TRANSF_BIN = 'X'.
gs_objpack-doc_size = gv_desc_lines * 255.
gs_objpack-head_start = 1.
gs_objpack-head_num = 0.
gs_objpack-body_start = 1.
gs_objpack-body_num = gv_desc_lines.
gs_objpack-doc_type = 'RAW'.
* GS_OBJPACK-OBJ_NAME = 'ORDER_ACCEPTANCE'.
* GS_OBJPACK-OBJ_DESCR = 'ORDER_ACCEPTANCE.PDF'.
append gs_objpack to gt_objpack.
endif.
* Passing the SAP Script text lines to SAPoffice: Single List with Column Length 255 table
clear : gs_objbin, gs_pdf_tab.
*& Encrypted file
filename = name.
if name is initial.
concatenate 'd:\pdf\' main_dtl-vbeln '.PDF' into name.
filename = name.
endif.
data: pdf type ref to cl_hrasr00_pdf_generation.
data : lt_data type solix_tab.
open dataset filename for input in binary mode.
if sy-subrc eq 0.
read dataset filename into filex.
endif.
if filex is not initial.
call function 'SCMS_XSTRING_TO_BINARY'
exporting
buffer = filex
importing
output_length = file_length
tables
binary_tab = gt_objbin.
endif.
close dataset filename.
describe table gt_objbin lines gv_tab_lines.
clear gs_objbin.
read table gt_objbin into gs_objbin index gv_tab_lines.
if sy-subrc = 0.
gs_objpack-doc_size = ( gv_tab_lines - 1 ) * 255 + strlen( gs_objbin ).
gs_objpack-transf_bin = 'X'.
gs_objpack-head_start = 1.
gs_objpack-head_num = 0.
gs_objpack-body_start = 1.
gs_objpack-body_num = gv_tab_lines.
gs_objpack-doc_type = 'PDF'.
gs_objpack-obj_name = 'INVOICE'.
gs_objpack-obj_descr = 'Invoice Order'.
append gs_objpack to gt_objpack.
endif.
call function 'SO_NEW_DOCUMENT_ATT_SEND_API1'
exporting
document_data = gs_docdata
put_in_outbox = 'X'
commit_work = 'X'
* IMPORTING
* SENT_TO_ALL =
* NEW_OBJECT_ID =
tables
packing_list = gt_objpack
* OBJECT_HEADER = I_OBJTXT
contents_bin = gt_objbin
contents_txt = i_objtxt
* CONTENTS_HEX =
* OBJECT_PARA =
* OBJECT_PARB =
receivers = gt_reclist
exceptions
too_many_receivers = 1
document_not_sent = 2
document_type_not_exist = 3
operation_no_authorization = 4
parameter_error = 5
x_error = 6
enqueue_error = 7
others = 8
if sy-subrc <> 0.
message id sy-msgid type sy-msgty number sy-msgno
with sy-msgv1 sy-msgv2 sy-msgv3 sy-msgv4.
else.
open dataset name for input in binary mode.
if sy-subrc eq 0.
delete dataset filename.
endif. -
Need Target File Name Timestamp is same as Source File name Timestamp
Hi ,
I want to genereate Target file name (Target_09062008082030.xml) but this time stamp is exactly Sorce FileTime stamp..(Source_09062008082030.xml)..
so, i want to create a target file with the same source file time stamp..
for this.. i sed Message Specific attributes... in both sender and receiver side.. but that was creating with the complete name.of source file name.. but i want only Timestamp of the source filename... and remaing is the constant.. for this how can i proceed ..
Thanks
JainSee in Sender CC when you set the Adapter Specific Message Attr for file name it will send the filename in the header of the XI Message.
To acces this file name inside mapping you need to create a UDF . The type can be any thing as you desire.
You dont need to pass any variable .if suppose you want the file name (constant) e.g ABC_<timestamp>.xml
DynamicConfiguration conf = (DynamicConfiguration) container.getTransformationParameters().get(StreamTransformationConstants.DYNAMIC_CONFIGURATION);
DynamicConfigurationKey key = DynamicConfigurationKey.create("http://sap.com/xi/XI/System/File","FileName");
String fileName= conf.get(key);
//see above your key is FileName which will be sent by the sender CC automatically... You are simply accessing it here using get() method.
//now ur filename will contain name of the source file... you need to perform a substring operation to get the timestamp and create a new file name as you desire.
fileName = "New_<timestmp>.xml"; //for e.g
//set this file name again in header message using put()
conf.put(key, fileName);
//when you check on the adapter specific message attr for fileName in the receiver CC ,it will automatically take this new file name value.
return fileName;
// if you want to use this new fileName inside your mapping payload (for other fields) you can assign this to any target field,else just assign it to the root tag which will make no difference if this file name is not used anywhere. -
I had a requriment where I need to move files from one directory to another.There is no tranformation in data.So I haven't created any IR objects.But I want the target file with the same name as source file.I can't use any udf as I haven't implemented any mapping.Plz suggest how can I acheive this.
Hi,
This blog is just for you.
[How to send any data (even binary) through XI, without using the Integration Repository|How to send any data (even binary) through XI, without using the Integration Repository]
Just make sure that you specify File Construction mode as Create.
What ever you specify in File name in Receiver adapter won't matter, your directory should be different than sender.
Regards,
Anirudh. -
Issue with Target File structure
Hi Experts ,
Mine is a proxy to file scenerio. please suggest me on the below req. My target file structure should be as follows.
HDR:PARTNER,CHDAT,NEW_TEL,OLD_TEL,PREF_CONTACT_NO,TEL,EXXX_ID
1029382,28.02.2011,0782191829,049829329,Y,3,0
1029382,28.02.2011,0783484311,077383738,N,2,0
1029382,28.02.2011,01972383934,0113938393,N,,0
1039385,28.02.2011,0782133829,079829310,Y,3,0
10245748,28.02.2011,N,,,,DAVID.WHITAKERattheYAHOO.CO.UK
112928393,28.02.2011,01183393843,01123839388,N,,Tom.HanksattherateSKYdotCOM
FTR:UPDATE_VENDOR_CONTACTS_SRM_TO_EIS,01.03.2011 02.18.29,6
This structure has 3 parts , header , body and trailer.
I am planning to create a target structure . Is it possible to get the field names of the structure in it
Header
HeaderInfo : HDR:PARTNER,CHDAT,NEW_TEL,OLD_TEL,PREF_CONTACT_NO,TEL,EMAIL_ID
Body
1029382,28.02.2011,0782191829,049829329,Y,3,0
1029382,28.02.2011,0783484311,077383738,N,2,0
1029382,28.02.2011,01972383934,0113938393,N,,0
Footer
Footer Info :FTR:UPDATE_VENDOR_CONTACTS_SRM_TO_EIS,01.03.2011 02.18.29,6
I will take care of the comma and the single line for header/footer and multiline for body in content conversion ,
In the footer I need date and time stamp along with total number of rows for the body.
How do I get the same .
Please suggest .
Arnab.Hi,
Yes you can get the timestamp and count of no of records in the footer.
Please define your target structure like below
MT_
Records
Header ( o to 1)
Headerdata
Items(0 to unbounded)
field1
fielld2
Footer
Footerdata
And in the mapping get the current dat using data function.
And then pass the Item node to the function count
Concat both of them along with the constants you need and assign to footer data..
Thanks
Suma -
How can I open McAfee encrypted (EEFF) PDF files with Adobe Reader?
How can I open McAfee encrypted (EEFF) PDF files with Adobe Reader? Get error "There was an error opening this document. Access denied". Disabling Protected Mode in Reader doesn’t always work.
McAfee: https://kc.mcafee.com/corporate/index?page=content&id=KB74299&actp=search&viewlocale=en_US &searchid=1240943327683If Reader ISN'T in the list of prpgrams to open with, click "Browse"
In the "Browse window" go to C/Program files [or Program Files (x86)]/Adobe/Reader 11/Reader
Select "AcroRd32.exe" and click "Open"
Make sure "Always use the selected program to open this kind of file" is checked and click "OK". -
Pick a particular file and keep on target side with the same file name
Hi Guys,
I have got couple of files in a folder. I need to pick only two files, I have setup BPM procedure 2 payloads merge. To keep these merged file with the same source filename.
Source side file Directory
abc_12345_20100408101029.xml (abc_seq number_timestamp.xml)
xxx12345.xml
test.xml
abc_12345_20100408101149.xml
Target Side, How do I keep with the same file name?
abc_12345_20100408111239.xml --- same file name with diffrent timestamp.
One more question: How to setup a file adapter to trigger between 2:00am to 5:00 am? in a particular time
Does anybody has got quick idea, any links etc.,
Your quick and positive response will be much appreciates.
Kind Regards
SanHi,
One more question: How to setup a file adapter to trigger between 2:00am to 5:00 am? in a particular time
For this you can Availability time planning (i.e you can schedule the file adapter to poll for the files with in the time interval i.e 2 -5)...
for generating the file name at target side you need to look for the Dynamic Configuration as you need to change the timestamp for the file..and i am not sure how this works in BPM..
in normal scenarios dynamic configuration will help....
HTH
Rajesh -
Field names with spaces in target file using fcc
Hello Friends,
My target structure fields:
MT_Target
ItemNo, ItemName, ItemQuantity, AmountValue, TotalAmount
My requirement here is - In the target file - these fields should be generated with space. Shown as below:
Item No, Item Name, Item Quantity, Amount Value, Total Amount
How can i achieve this.
Thanx
S.if i understood u correctly u want to have a header line in ut target file same as that ur field names but with a space in between??
if yes the use :
NameA.addHeaderLine=3
NameA.headerLine =Item No, Item Name, Item Quantity, Amount Value, Total Amount
http://help.sap.com/saphelp_nw04/helpdata/en/d2/bab440c97f3716e10000000a155106/content.htm -
To create 3 diff files with same content but with diff names in same target
Hi SapAll.
i have got a a requirement where pi need to create 3 different files with same content but with different names under same target from a single Idoc.
its an IDOC to 3 File Inteface.
can any body help me in providing the differnt solutions for this without use of any script executions.
will be waiitng for response.
regards.
Varma> i want to use only one communication channel to produce 3 different file names with same content ,so here i should use only one message mapping in 3 operation mappings .
This is not possible to produce 3 different file names with single CC. You have to use 3 different CCs. unless you have going to use some other trick e.g some script to rename the file etc..
As I suggested in my previous reply use Multi-Mapping Or create 3 different Interface Mappings (by using the same MM).
Note: You have to create 3 different Inbound Message Interfaces (you can use the same Inbound Message Type) otherwise while creating the 3 Interface Determination it won't allow because of same Outbound & Inbound Message Interface. It will simply say Interface alreday exists..
So, just use the Multi-Mapping which is best solution in my opinion, because the benefit of using multi-mapping are:
1. You have to create only single Message Mapping
2. Single Interface Mapping
3. Single Receiver Determination
4. Single Interface Determination
5. 3 Receiver CCs (3 you have to use in any case)
6. Performance wise it is good (read the blog's last 2 para)
7. And last but not the least easy to maintain the scenario. -
Encrypt/decrypt same file with two different passwords
Hi everyone:
I'm quite new to Java and cryptography in general and have a theoretical question. Is the following scenario possible and how would it be implemented:
Two users with two passwords (say, a regular user and a superuser) encrypt, decrypt, read from and write to the same file. The secret key for encryption and decryption should be based on their passwords (generated from their passwords), i.e. not stored anywhere on the system.
I've been racking my brains but can't think of a way. Am I missing an obvious solution?
Can it be done?
Thanks,
MichaelI don't think you can avoid having more than just a password hash stored on the system. Using a combination of my approach and Jeff's approach I can implement this as long as you allow a password protected key store to be stored on each system. A given user's key store would contain his RSA private key and associated public key together with the admin user's RSA certificate (thought the admin user's public key could be stored in the program since it does not have to be kept private). The admin user's key store would contain only his RSA private and public keys.
Assume that the data file is to be create by a standard non-admin user. His code performs the following actions -
1) Generates a random symmetric algorithm key. Say a 128 bit AES key.
2) He write a digest of this to the output file.
3) He writes the random key encrypted with his public key to the file.
4) He writes his public key (or certificate) to the file.
5) He writes the random key encrypted with the admin users public key to the file.
6) He encrypts the data using the random key writes the result to the file.
This user can then update the file by
1) reading from the file the digest of the random key.
2) reading the random key encrypted with his public key.
3) Decrypting this encrypted random key using his private key extracted from his keystore.
4) Check the digest of this key to make sure he has the correct random key.
5) skipping his certificate and the random key encrypted using the admin user's public key.
5) Decrypting the data using the random key.
6) Update the data.
7) Re-encrypt the file as described in the first part using a new random key.
The admin user can
1) read from the file the digest of the random key.
2) skip the random key encrypted using the user's public key.
3) reading the user's public key from the file (for use later if the file needs to be updated).
4) read the random key encrypted using the admin's public key.
5) decrypting the random key using the admin's private key obtained from his key store.
6) check the digest of the random key to make sure it is correct.
7) decrypt the the data.
The admin can edit the data since he can re-encrypt the data in a similar manner to the way it was created in the first place.
Maybe you are looking for
-
IPod is not read by itunes/computer
I own a 5gb 1st gen Ipod which is no longer connecting to the computer. It isnt read as a drive, and Itunes 5.0 isn't recognizing (it wasnt recognized by the prevous version either). I've tried menu/play holding to reset, that doesnt effect anything,
-
I just purchased my Mini. I installed iTunes and synced with purchase. I have old music on iTunes. Now those songs are not on iTunes but on my pad instead. I guess my question is this.... How do I put the songs I have on my pad to iTunes. When I sy
-
Hi, Can anyone let me know what is the table for physical inventory which are carried out for warehouse. I want to know the table in which my before count and after count results gets posted. Sunil
-
Wow...customer service?
Why is it so easy for you to contact me and take my money but the level of customer service you provide is non existent?
-
Concept Behind advance hour glass model
Hi, Just want to know the reason behind the incremental optimization using Advance hour glass model. how it increase the performance and what is the reason behind it. Regards Anubhav