Skip to Content
Technical Articles
Author's profile photo Former Member

SAP Cloud Integration – Dynamic PGP Encryption UserId

Requirements

With SCPI as enterprise wide middleware, multiple systems and services make use of SCPI’s transfer mechanisms to transfer encrypted data from Point A to Point B. Sometimes, there are requirements using dynamic determination on which PGP userId to user for encryption.

 

Issue

The PGPEncryptor shape does not resolve User Id set as a property or header i.e., ${property.myDynamicPGPUserId} is not resolved and thus an error is received as – com.sap.it.rt.adapter.http.api.exception.HttpResponseException: An internal server error occured: Cannot PGP encrypt message. No public encryption key found for the User Ids [${property.myDynamicPGPUserId}] in the public keyring. Either specify other User IDs or add correct public keys to the keyring..

 

Solution

Passing a dynamic value in PGP User Id can be achieved with Camel PGP headers supported by Camel framework which allow us to override values in the Camel step of PGP encryption.

Further information can be found at – PGP :: Apache Camel

We need to set the Camel Header – CamelPGPDataFormatKeyUserids of the type List<String> in our script before PGP encryption step:

def Message pgpUsername(Message message){
    List<String> pgpUsername = Arrays.asList("Your_PGP_Username_goes_here");
    message.setHeader("CamelPGPDataFormatKeyUserids",pgpUsername);
    return message;
}

 

Post this we can call the PGPEncryption step with User Id maintained as dummy user:

PGP%20Encryption%20Step

PGP Encryption Step

 

Do remember to set “Allowed Headers” in Runtime configuration of your iFlow to allow this Camel Header – CamelPGPDataFormatKeyUserids

 

Runtime%20Configuration

Runtime Configuration

 

The Camel header will override the User ID maintained within PGP encryption step and your dynamic username will take precedence. Do test and let me know if you face any issues.

Assigned Tags

      4 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Sunny Kapoor
      Sunny Kapoor

      Thank you Former Member for a great blog and solving one of the key ask on PGP encryption. Solution is very simple and that is what making it more useful.

      Author's profile photo Vishal Kapoor
      Vishal Kapoor

      super blog very well explained!!

      Author's profile photo Rashmi Joshi
      Rashmi Joshi

      Thanks @Aditya, nice blog 👍

      Author's profile photo Wolfram Siefke
      Wolfram Siefke

      UserIds in the PGP process steps have been "dynamized" meanwhile by supporting camel expressions.
      refer to:

      https://help.sap.com/viewer/368c481cd6954bdfa5d0435479fd4eaf/LATEST/en-US/7a07766899c84ed2bb38897e3a332032.html
      https://help.sap.com/viewer/368c481cd6954bdfa5d0435479fd4eaf/LATEST/en-US/d0dc511970b04f9bb4a844bcc3d5b89e.html