Configuring the Encryption PGP Module

You use this procedure to configure any PI adapter module with the PGP module, and apply the appropriate algorithms for encrypting, signing, and compressing the messages.

You use this procedure to configure the Processing Sequence and Module Configuration parameters.

Procedure

In the Module Name column, enter the module name as localejbs/PGPEncryption. The module name is case sensitive.
Note
Before activating the adapter module, you have to deploy the PGP module. For example, if you want to change the encoding before transmitting an encrypted message, your module chain should look like this:
- EncodingConversionModule
- PGPEncryption Module
- Adapter module
End of the note.
In the Type column, enter the type as Local Enterprise Bean.
In the Module Configuration section, enter the values based on the description of the parameters in the table below:

Note
An error is reported if an incorrect parameter name is entered.

End of the note.

Parameter Name	Description
applyEncryption	If you want to encrypt the messages that are transferred, enter this parameter. The parameter value can either be true or false. Default parameter value is True.
applySignature	If you want to sign the messages that are transferred, enter this parameter. The parameter value can either be true or false. Default parameter value is False.
applyCompression	If you want to compress the messages that are transferred, enter this parameter. Parameter values are: None: Compression is not required. ZIP: Use ZIP format for compression. ZLIB: Use ZLIB format for compression. BZIP2: Use BZIP2 format for compression. Default parameter value is ZLIB.
encryptionAlgo	If you want to select the algorithm used for encryption, use this parameter. Parameter values are AES_128, AES_192, AES_256, BLOWFISH, CAST5, DES, 3DES and TWOFISH. Default parameter value is CAST5.
signingAlgo	If you want to select the algorithm used for signing, use this parameter. Parameter values are MD5, RIPEMD160, SHA1, SHA224, SHA256, SHA384 ,and SHA512. Default parameter value is SHA1.
format	If you want to set the format of the message that is exchanged between the sender and receiver channels, enter this parameter. The parameter value can either be text or binary. Default parameter value is Binary.
asciiArmored	If you want the messages to be ASCII-armored, enter this parameter. Parameter value can either be true or false. Default parameter value is True.
partnerPublicKey	The parameter specifies the file name of the partner’s public key. This is mandatory if the applyEncryption parameter is used in the receiver channel configuration.
ownPrivateKey	The parameter specifies the name of the file that contains the private key. This is mandatory if applySignature is used in the receiver channel configuration.
pwdOwnPrivateKey	This parameter specifies the password for accessing the private key if the messages are signed by the partner.
keyRootPath	This parameter specifies the path to the keys. This is not mandatory. The default parameter value would be usr/sap/<System ID>/<Instance ID>/sec.
dynamicFileName	This parameter dynamically configures the adapter-specific file name. For example, if you use the File adapter, this value is “FileName.”
dynamicNamespace	This parameter dynamically configures the adapter-specific namespace. For example, if you use the File adapter, this value is “http://sap.com/xi/XI/System/File.”

Note Note

You use the partner’s public key to encrypt a message and to digitally sign a message use an own private key.

End of the note.