Home kellton

Main navigation

  • Services
    • Digital Business Services
      • Digital Experience
        • Product Strategy & Consulting
        • Product Design
        • Product Management
      • Product Engineering
        • Digital Application Development
        • Mobile Engineering
        • IoT & Wearables Solutions
        • Quality Engineering
      • Data Engineering & AI
        • Data Engineering
        • Data Science & ML
        • Generative AI & ChatGPT
        • Visualisation & Analytics
        • Integration & API
        • RPA
      • Cloud Engineering
        • Cloud Consulting
        • Cloud Migration
        • Cloud Managed Services
        • DevSecOps
      • NextGen Services
        • Blockchain
        • Web3
        • Metaverse
    • SAP
      • SAP Services
        • S/4HANA Implementations
        • SAP AMS Support
        • SAP Automation
        • SAP Security & GRC
        • SAP Value Added Solutions
        • Other SAP Implementations
  • Platforms & Products
    • Kellton4Health
    • Kellton4NFT
    • Kellton4Commerce
    • KLGAME
    • tHRive
    • Optima
  • Industries
    • Fintech, Banking, Financial Services & Insurance
    • Retail, E-Commerce & Distribution
    • Pharma, Healthcare & Life Sciences
    • Non-Profit, Government & Education
    • Travel, Logistics & Hospitality
    • HiTech, SaaS, ISV & Communications
    • Manufacturing, Automotive & Chemicals
    • Oil,Gas & Mining
    • Energy & Utilities
  • Insights
    • Blogs
    • Brochures
    • Success Stories
    • News / Announcements
    • Webinars
    • White papers
  • Careers
    • Life At Kellton
    • Jobs
  • About
    • About Us
    • Our Partners
    • Our Leadership
    • Testimonials
    • Investors
    • Privacy-Policy
    • Contact Us
Search

Breadcrumb

  1. Home
  2. Blogs
  3. Encryption and Decryption of Data Using Pretty ...

Encryption and Decryption of Data Using Pretty Good Privacy (PGP) with the SAP PGP Modules

SAP
November 21st , 2019
Posted By:
Digital Practice Team
linkedin
Encryption and Decryption of Data Using Pretty Good Privacy (PGP) with the SAP PGP Modules

Related Post

How blockchain-driven innovations can transform global supply chains
Blog
Breaking down barriers: How blockchain-driven innovations can transform global supply chains?
25 May, 2023
Generative AI and ChatGPT
Blog
Redefining the game: Generative AI and ChatGPT unlock new possibilities across industries
11 May, 2023
android testing frameworks
Blog
Best Android automated app testing frameworks in 2023
08 May, 2023

PGP is one of the most commonly-used encryption and decryption mechanism used in data transmission across internal and external systems. SAP PI/PO provides out-of-the-box functionality via Adapter Modules to support PGP— utilized to encrypt or decrypt data as well as sign it. Public keys (safe to share) are used to encrypt messages while private keys (must not be shared) are used to decrypt the messages. 
 

PGP Modules

 

1. PGPEncryption Module
 

The PGPEncryption module functions as the originator of PGP messages. It is used for the following activities:
 

  • Data Encryption 
     
  • Payload Signature 
     
  • Data Compression 
     

The PGPEncryption module is configured under the ‘modules’ tab in the receiver communication channel. It can be used in every communication channel that supports enhancement via modules (e.g. File, SFTP, JMS, SOAP, etc.)
 

PGP Encryption Module Configuration
 

Options for PGP Encryption

Parameter NameDescription
applyEncryptionSet to true if you want to encrypt the outgoing message
applySignatureSet to true if you want to sign the outgoing message
applyCompressionSet to true if you want to compress the outgoing message
encryptionAlgoSpecify the algorithm to be used for encryption
signingAlgoSpecify the algorithm to be used for signature
asciiArmoredSet to true if you want the message to be ASCII armored
partnerPublicKeyUsed to specify the public key of the partner
ownPrivateKeyUsed to specify your own private key (never share this key with anyone)
pwdOwnPrivateKeyPassword for your own private key (never share this password with anyone)
keyRootPathPath where PGP keys are stored (if storing keys on PI/PO server)
useSecureStorageSet to true if you want to use PGP keys stored in B2B integration cockpit

 

2. PGPDecryption Module
 

The PGPDecryption module functions as the subscriber of PGP messages. It is used for the following tasks:
 

  • Data Decryption
     
  • Signature verification
     
  • Data Decompression 
     

The PGPDecryption module is configured under the ‘modules’ tab in sender communication channel. It can be used in every communication channel that supports enhancement via Modules (e.g. File, SFTP, JMS, SOAP, etc.)

 

PGP Decryption Module
 

Options for PGPDecryption
 

Parameter Description
partnerPublicKeyUsed to specify the public key of the partner
ownPrivateKeyUsed to specify your own private key (never share this key with anyone)
pwdOwnPrivateKeyPassword for your own private key (never share this password with anyone)
keyRootPathPath where keys are stored (if storing keys on PI/PO server)
useSecureStorageSet to true if you want to use PGP keys stored in B2B integration cockpit

 

Managing PGP Modules
 

The PGP Keys (private as well as public) can either be stored in NetWeaver J2EE server's Secure Store or on the file server where PI/PO is installed. Storing keys in secure store provides better and more secure options as compared to the local file server.
 

1. Secure Store of NetWeaver J2EE Server (Recommended Approach)
 

When keys are stored in Secure Store, the encryption and maintenance of keys are done using the B2B Integration Cockpit. It can be accessed via a web browser and provides an excellent user interface to upload/download keys. Currently, you can only import/export PGP keys in Secure Store. It does not provide an option to generate PGP key pairs.

When using this approach, you need to set ‘useSecureStore’ option in the adapter module to ‘true’ to let the system know where the keys are stored. 
 

B2B Integration

2. Storing Keys on a File Server of SAP PI/PO (Not Recommended)
 

Even though PI/PO allows keys to be stored on the file server, it is not advisable to do so. Using this approach may keep your keys exposed to anyone who has access to the server. Private keys must be stored in a safe location and must not be shared with anyone. Public keys can be freely shared across systems.  If you decide to store your keys on the file server, you must set ‘useSecureStore’ to ‘false’ and provide the physical location of the key in the adapter module.
 

Conclusion


By using SAP PGP Adapter Modules, you can successfully encrypt, decrypt, and sign your data. Most of the industry-standard encryption algorithms are supported and depending upon your licensing agreement with SAP, you may be able to download these modules without any additional costs.

Posted By:
Digital Practice Team
linkedin

Want to know more?

sap banner image
Blog
Business benefits of SAP Fiori: The driver of excellence in user experience (UX)
24 Apr, 2023
SAP BTP
Blog
How can SAP BTP help enterprises become more intelligent?
17 Apr, 2023
Business processes with SAP S4 HANA
Blog
Automating and optimizing business processes with SAP S/4 HANA
10 Apr, 2023

Leading you through Digital Transformation journey

North America: +1.844.469.8900

Asia: +91.124.469.8900

Europe: +44.203.807.6911

Email: ask@kellton.com

Footer menu right

  • Digital Experience
  • Data Engineering & AI
  • Nextgen Services
  • About
  • Contact

Footer Menu Left

  • Product Engineering
  • Cloud Engineering
  • SAP Services
  • Careers
  • Success Stories

© 2023 Kellton