Skip to Content
Can we encrypt data with ABAP? I had been trying to find something out-of-box for a sometime. As usual I was searching SDN for some useful solutions, I found a code posted by Urgent Requirement: Encryption/Decryption in SAP in the forums and some pointer by Issuing cookies to the Class CL_HARD_WIRED_ENCRYPTOR. I just wanted to give a try to this one and to admit it was so easy to use. In this weblog I just take you through a simple example which uses all uses all the encryption and decryption methods of this class.

Declaration & Initial Part

Encryption – String to String

Decryption – String to String

Encryption – String to Byte

Decryption – Byte to String

Encryption – Bytes to Bytes

Decryption – Bytes to Bytes

The Result

Adding to this there are methods for BASE64 encoding and decoding of binary data as well. Hope this is a very simple to use class for the encryption & decryption of data.

To report this post you need to login first.


You must be Logged on to comment or reply to a post.

  1. H. Senden
    Hi Kathirvel,

    a very nice blog, but i cannot try it on my system. It’s a WAS 6.20 abap system, and the cl_hard_wired_encryptor class is unknown.


    1. Peter Inotai
      Hi Kathirvel,

      I agree with Hans, it’s a very useful blog. I wasn’t aware of this class.
      I couldn’t find this class on our 6.20 system only on our 6.40 system.
      Do you have an official info about this class availablilty? Is it possible to get it via SP to 6.20?

      1. Kathirvel Balakrishnan Post author
        Hi Hans & Peter
        Thanks for your comments. Yes you are right this class is available only from 6.40. I got this information from Thomas’s reply in the forum thread Issuing cookies
        I could not find any offcial information for this class availability or getting it via SP to SP to 6.20 at Service Market Place.
        I know this could be a disappointment, but there are some examples by Rich in the below thread Urgent Requirement: Encryption/Decryption in SAP This could work in your 6.20 system. Its worth a try.


        1. Peter Inotai
          Hi Kathirvel,

          Thanks for the info. It would be nice if SAP would a downport for this. Even there is kernel dependencied, most of the BC 6.20 system running with 6.40 kernel.
          However I don’t think it will happen, as 6.20 is already an “old” release. 🙁


            1. Peter Inotai
              Hi Anton,

              You’re right.
              I didn’t check what is inside of this class. Now I can see that there is no “magic” inside. So it’s not a big deal to downport to a Z-class.
              However now it’s also clear based on the previous comment, that it wouldn’t make too much sense as this class doesn’t provide “real” encryption.


  2. Nigel James
    If it is real encryption you are looking for then I would keep looking. The good thing about abap being ‘open source’ is that you can see this is just a XOR algorithm and would be very easily broken. Each byte is simply being XORed with 0x74 and the order is being reversed with a byte at the front as a marker.

    I wouldn’t trust anything I expected to keep secure with this.

    Hope this helps,

    1. Peter Inotai
      It seems guys in Walldorf are quite funny based on CL_HARD_WIRED_ENCRYPTOR->RUN_TEST “check string-to-string algorithms” part.
      Check the value of the ‘string_in’ :-)))
      1. Michael Nicholls
        Hmm, Google translate gives this as “Outer one weia, the **** does not put eggs”. I assume this is a doubly encrypted (or at least doubly obfuscated) message, as it makes no sense in English!
  3. Jabin G George

    Hi Kathirvel,

    Well Explained.

    My requirement is to hide my ABAP code in other systems. I want to assign a tcode to the program and don’t want to give code readability of my source code.

    It would be great if you can provide some inputs..!! 🙂

    Thanks in advance. !!


    1. Wolfgang Janzen

      Hi Jabin,

      I would not call ABAP to be “open source” but I’d state that it’s intended that ABAP coding is always visible. By intend there’s no mechanism to hide your ABAP coding.

      If you want to ensure that someone can only use your service but will not gain access to the source code, then you might consider to provide a cloud service. Or (classic on-Premise) to provide an executable which acts as RFC server and which can be called from ABAP programs.

      Regards, Wolfgang


Leave a Reply