Java SSF for Digital Signatures and Document Encryption

Similar Messages

• Digital Signatures and Document Encryption api

  Hello Expert,
  From which SAP NETWEAVER 7.0 SPS  Digital Signatures and Document Encryption api  is supported ?
  I found  Javadocs for  SAP NetWeaver 04 SPS15.Is this api supported from SPS 15  or prior to SPS 15   also?
  Regards,
  Kubra Fatima.

  Hello Francesco,
  I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
  http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
  Digital Signatures and Document Encryption api
  so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
  Kind Regards,
  Kubra fatima.

• Digital Signatures and Email Encryption on iPhone

  One of our clients has implemented a policy whereby all email communications with vendors must be digitally signed and encrypted. I know SSL allows the iPhone to create an encrypted connection to the email server. However, is there a way to actually digitally sign and encrypt an email sent via the iPhone...or to receive a digitally signed or encrypted email on the iPhone?

  Maybe there is a separate email client app in the App Store that supports PGP or S/MIME (the built-in email doesn't).

• Configuring SSF for Digital Signature.

  Hi, All,
  I m created a Status network for docuemnt.
  For 'release' status i fixed Signaure Strategy.
  For 'Releasing ' the document the authorized person should 'sign' ie digital signaure.
  During digiatal Signature, the system gives this mensage 'SSF information for the SAP user not found'
  note:I have only one signaure for 'Release' status.
  How i can config SSF
  Rgds,
  Ben

  Hi,
  I think this link will help you.
  http://help.sap.com/saphelp_nw70/helpdata/en/53/251a355d0c4d78e10000009b38f83b/frameset.htm
  Regards,
  Sunny

• Digital signatures and view document througt URL

  Hello together,
  We use status document and digital signatures workflow and we canu2019t use URL link to documents which have been approved. In browseru2019s window I see digital signatures information and error :u201DHTTP 404 the web page cannot be foundu201D.
  In transaction SOLAR01, SOLAR02 when, I display approved document, at first I see the windows with digital signatures information and then, after push enter - required document.
  If document in status u201Cin progressu201D we donu2019t have problem.
  Could you help me to resolve this problem or disable windows with signatures information?

  Hello Francesco,
  I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
  http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
  Digital Signatures and Document Encryption api
  so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
  Kind Regards,
  Kubra fatima.

• Digital Signatures and APEX

  Has anyone had any success implimenting digital signatures (PKI) within APEX?
  Here is a brief synapsis of what we are looking to accomplish and realize that third-party hardware/software might be necessary. We require users to login using LDAP credentials. We want them to be able to generate documents (i.e. PDF, Word, or Excel) from our application data. We want the users to have the ability to Digitally Sign their documents. We will be issuing individual private keys & certificates and we are considering generating the documents as XML. We are still in requirements gathering, but wanted to explore any and all capabilities within APEX.
  Any thoughts? Thanks.

  Hello Francesco,
  I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
  http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
  Digital Signatures and Document Encryption api
  so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
  Kind Regards,
  Kubra fatima.

• Digital Signatures and Security Policies

  Is there a way to combine a digital signature and a Security Policy. We have a need to digitally sign a document, but not allow that signature to be removed and to not allow any further editing of the document?

  Hello Francesco,
  I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
  http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
  Digital Signatures and Document Encryption api
  so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
  Kind Regards,
  Kubra fatima.

• Digital Signatures and Coldfusion

  I want to add a digital signature field (3 to be exact) to a PDF file that I
  generate via coldfusion (via the cfdocument tag), OR use a form built in livecycle that once it is signed by the first person, the only allowable changes to the form are the second and third digital signature.
  Any help would be appreciated as digital signatures are not handled in cfdocument as well (at all) as I had hoped.
  Thanks,
  Drew

  Hello Francesco,
  I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
  http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
  Digital Signatures and Document Encryption api
  so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
  Kind Regards,
  Kubra fatima.

• Digital Signature and Encryption using IAIK

  What support does Netweaver provide for Digital Signatures and Encryption. Does it use IAIK for implementing security. It will be good if somebody could give some starting points.

  Welcome to SDN!!!
  Starting point: http://service.sap.com/security
  You can use sapcryptolib (provided by SAP) for Digital Signatures and Encryption. (Also described in the link mentioned above).
  Regards
  Juergen

• PKI- Digital signature and doc cypher

  Hello everybody, I have a problem and I need help please. This is my situation:
  I would like to cypher a world document and add a digital signature. I want to use certificates to do so. That is why I have developed a PKi in order to get certificates to use digital signature and ASYMMETRIC encryption. I have to add that I am trying to assure
  non repudiation, integrity and confidentiality of word documents.
  Is there any way to do it? if so, how can i do it and what software application do you recommend? thanks!

  As Elke explains and shows via that link, that informs you how to digitally sign a document.  However a digital signature only provides non-repudiation and integrity of a document, not confidentiality.  Symmetric Encryption is needed for that. 
  You would not use Asymmetric encryption to bulk encrypt files, it would be too slow.
  Unfortunately there is no easy way to symmetrically encrypt files with the tools available in modern Windows distributions.  Personally I would digitally sign the document, then use a tool like 7-Zip
  to encrypt them with AES-256 and a passphrase, or to go one better than that use Symantec Encryption Desktop. Using the latter allows you to do encrypt either with a passphrase, or with
  your targets PGP public key (that does of course assume they are also using PGP) so that only they can decrypt it with their private half.
  Also signing an Office document (or PDF for that matter) with an internal PKI certificate is only valuable if the documents are internally distributed within the same organisation, or when the other organisation(s) trust your root CA certificate, otherwise
  they will not be able to verify the signature (think of it like the error in your browser with the red X stating there is a problem with your certificate).
  I'm not quite sure what your use case is, but if it's just for distributing internal documents then no problem.  Otherwise you'll have to get a document signing certificate from a vendor like
  GlobalSign who have a trusted root certificate which ships with most operating systems so that anyone who receives the document can verify it.
  D

• Use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature?

  Dear all,
  I am looking to setup the use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature. We SSO to the backened ABAP AS via an SAP NW Portal to which SPNEgo kerberos authentication is setup. Today we specify R3 user id/password to digitally approvae a lot release. The idea is to have users maintain one AD password and don't have to remember the R/3 password anymore and also our Security team to avoid password maintenance.
  I know there are 3 options for digital signature and
  System signature with authorization by user ID and password (We use this currently)
  Digital User signature with verification - (We would like to use this with AD userid/password, so the system still ask the users their AD userid/password for the authentication when they try to "sign" a document.)
  User signature without verification
  Do you think there is a way to configure the system in order to ask and check the active directory userid/password instead of SAP R/3 password? Where can I found documentation about it ?
  I have several different versions of AS ABAP starting from NW 7.02 to NW 7.31.
  My active directory is based on Windows 2008.
  Thanks in advance!!
  Dhee

  Actually enabling Kerberos for SSO purposes and enabling Kerberos for digital signatures are two different topics although the latter is because of the former. I'm interested in the topic as well and I'm currently looking at different options. SAP provides a BAdI for the digital signature API which can be used for external authentication but they do not provide the solution to invoke Kerberos authentication based on username and password. SAP provides a semi solution with NWSSO 2.0 SP2 which works only on Windows with classic dynpros meaning SAP GUI for Windows is assumed. The solution is based on an ActiveX component which does the actual Kerberos authentication using the Secure Login Client which is part of the NWSSO suite. Extending that implementation to non-Windows and non-GUI applications would require some sort of web enabled service that could be used to authenticate the user with username and password. In case authentication is successful, a Kerberos token would be returned to SAP which would then be validated. All the required pieces are there since SAP has Kerberos support now in both stacks of the NetWeaver Application Server, some bits are still missing though which leaves customers looking at 3rd party or custom solutions.

• Digital Signature error - "Document could not be signed"

  I have a servlet (from the documentation sample) the rendered my form online. My form was saved from Designer as Acrobat 7.0.5 Static PDF Form File and then I applied Reader Extensions to it to allow for Digital Signatures and Basic Form Fill In. When I try to digitall sign the form, I get the error:
  "The document could not be signed."
  "There was an error when attempting to commit this signature. The document was not saved."
  "A file error has occurred."
  Anyone know what this means and how do I fix it??
  I am using Acrobat Reader 7.0.8, so maybe that is the problem, but I won't know what version Reader my user's will have, so it needs to work in many versions.
  If I don't sign the form, I can submit it where a second servlet saves the form to a file and this happens successfully.
  Thank you,
  Jennifer

  Hello Rob,
  Thanks for the reply.
  Actually, there is a bug with Reader and Form Rendered forms - at least with already extended pdf forms that get rendered via Form Server.
  So, I hope this makes sense, but this is what I have determined (this is all done with viewing the EXTENDED PDF form WITHIN a WEB BROWSER):
  If I use a simple hyperlink (i.e. plain html anchor tag) to my PDF form, I can digitally sign the form with no problem within in all 7.x versions of Reader.
  If I utilize Form Server code (tested with local EJBClient and then remote JBoss using SOAPClient) then the results vary:
  Reader 7.0.0 - I could successfully sign the form
  Reader 7.0.5 - I could successfully sign the form
  Reader 7.0.7 - I could NOT sign the form
  Reader 7.0.8 - I could NOT sign the form
  Reader 8.0.0 - I could successfully sign the form
  So, you can see in version 7.0.7 and 7.0.8, one cannot digitally sign a form if it was rendered via Form Server and viewing the form in the web browser, but I can sign it just fine if I display the form via a simple html hyperlink, so that is what I am doing now.
  I had this same issue when using Workflow server, but that was easy enough to apply the Reader Extension QPAC over and over as needed. I need these forms to be submitted on a remote server and haven't figured out yet how to apply the Reader Extension remotely yet.
  I hope this helps.
  Jennifer

• Looking for "PDF Public-Key Digital Signature and Encryption Specification"

  Hi,
  i am looking for the following ("old") document:
  PDF Public-Key Digital Signature and Encryption Specification
  Originally i could be found here:
  http://partners.adobe.com/asn/developer/acrosdk/DOCS/ppk_pdfspec.pdf
  But not anymore. Does somebody of you still have it? Adobe today just offers the latest documents but i specifically need that older version.
  Or is there an archive i don't know of?
  Thanks for your help,
  ToM

  You can read the PDF 1.5 specification OR even ISO 32000-1 itself for that information. Each feature is "tagged" with the specific version in which it was introduced.
  Digital Signatures were first introduced in Acrobat 4 (PDF 1.3) and have seen various improvements which each version since.

• Digital Signatures and Encryption in Yosemite Mail

  After upgrading to Yosemite, I am having difficulty using the Mac Mail app to send digitally signed and encrypted email.
  Before the upgrade to Yosemite, I was able to send signed and encrypted emails using certificate/keys in my keychain using both the Mac Mail app and Microsoft Outlook 2011 for Mac.
  After upgrading, I am still able to send signed and encrypted message in Outlook, but the Mac Mail app gives the following error when I attempt to send a signed email:
  'You don’t have a trusted certificate in your keychain that matches the email address “XXXX@XXXX”. Without a certificate, you can’t sign messages sent from this address.'   (Actual name replaced)
  When I look at my certificates in my keychain, a certificate is available with "Usage: Digital Signature" that has the email address from the error message "XXXX@XXXX" with exact case in the RFC 822 Name.
  Another interesting piece of data that might help track this down is that when I first launch the Mac Mail application, the Mac Mail application is able to successfully decrypt emails that have been previously sent encrypted to me.  HOWEVER, after I attempt to send an email and get the "You don’t have a trusted certificate..." error message, these emails are no longer able to be decrypted.  I get the "Unable to decrypt message" header above the message and the content of the message is just a "smime.p7m".  If I close the mail application and restart it, these encrypted message are once again decrypt-able until I attempt to send a message.
  It almost seems like things are working until mail tries to access the keychain.
  I have attempted to delete my certificate and keys from my keychain and then adding those items again.
  I have attempted to close the mail application and reopen it.
  I have attempted to reboot my computer.

  1.  I want to confirm that this is still an issue for me in 10.10.1 and mail Version 8.1 (1993)
  2.  I have another data point.
  At my office I have wired networking and wireless networking available.  Primarily I utilize the wired networking for access to network drives, etc.
  When using the wired networking, I experience all the problems that have been catalogued in this thread.  Can't sign, can't encrypt, can't close the compose window after the mail program fails to find my certificate.
  However, when I switch to wireless networking before starting the mail application, digital signatures and encryption seem to work!  This is pretty weird behavior.  Make sure to restart mail if you were previously wired.
  Here are some theories:
  Something to do with OCSP?  When I am wired vs wireless I am on different ip subnets and subject to different firewall rule sets.  Perhaps OCSP is trying to determine the status of the certificate and failing? 
  Here are some things I have tested:
  I switched to a different official apple brand thunderbolt to ethernet adapter with no change in behavior
  I disabled wireless and disconnected my wired network.  So no network access at all.  Signatures and encryption work!  The message obviously does not send, but it appears in my outbox and I don't get the signature error.  When I reconnect my wired cable, the message sends successfully and appears as encrypted in my sent folder!
  I have attempted to disable OCSP by using "Keychain Access --> Preferences --> Certificates Tab --> OCSP (OFF) and CRL (OFF)" but this hasn't made a difference in the behavior of wired networking.
  Ran a TCPDUMP on traffic to the OCSP service but didn't see any traffic when I attempted to send a message and received the signature error
  I am pretty stumped on this.  This is very odd behavior
  Does anyone else experience this behavior?

• Digital Signatures and Encryption

  I recently attended the webinar on Web Services interoperability w/ .NET. The
  presenter mentioned that digital signatures and encryption did not work w/ Workshop
  8.1. Is it fixed in 8.1 SP2? Also, are there any interoperability issues w/
  .NET and Workshop using digital signatures and encryption.

  Hi Amber,
  The work is based on the finalization and imminent publication of the
  wsse Oasis spec. This is targeted for WLS 8.1 SP3, and you can contact
  our outstanding support organization, reference CR134931, for details.
  Regards,
  Bruce
  Amber Osterman wrote:
  >
  I recently attended the webinar on Web Services interoperability w/ .NET. The
  presenter mentioned that digital signatures and encryption did not work w/ Workshop
  8.1. Is it fixed in 8.1 SP2? Also, are there any interoperability issues w/
  NET and Workshop using digital signatures and encryption.