PGPDecryption Module: A Simple How to Guide
This in continuation of the blog PGPEncryption Module: A Simple How to Guide.
In the earlier blog, we had signed and encrypted a file. In this blog, we will see how we can decrypt that file and read the original content.
High Level Scenario:
Basics of Decryption:
1. Decryption only
In case of decryption, we will need to use our private key and its passphrase. There is no need to exclusively specify the algorithm as it will be automatically detected by the module.
2. Decrypt and Verify
Here along with our private key and passphrase, we need to provide the partners public key for verifying the signature of the sender. There is no need to provide any algorithm information specifically in this case too.
Sender communication channel configuration:
In the above, we have used our private key secring.skr along with its passphrase for decryption and the partners public key didikey.pkr for verifying the sender signature.
Even though I have used the file adapter in the blogs, please note that the PGP Modules can be used along with other adapters also. By default, all the keys can be stored on the OS level at the path ‘usr/sap/<System ID>/<Instance ID>/sec‘. But if required, you can store them in a different location and then use the parameter keyRootPath to specify the path in the module configuration. Note that the path and the keys should be accessible by the user <SID>adm.