PGP Encryption in webMethods

Has anyone used PGP encryption within webMethods? I found the following services in the WmEDIforTN package but was unable to figure out how they work:
PGP.createEncryptedData
PGP.createSignedAndEncryptedData
PGP.createSignedData
PGP.processPGPData
VAN.PGPDecoding
VAN.PGPEncoding

What I would like to do is use the internal PGP software that is built into webMethods based on the cryptix libraries instead of shelling out to GnuPG inorder to perform some of our encryption to partners that is NOT going over the VAN, but is being FTP’d.

Anyone have any ideas? Or can find any documentation on these services?

I took a look at these at one time and attempted to work with them and was unsuccessful. These services were originally put in place for use with a particular VAN (I think it was ICC.net). When I attempted to get help from webm support, I was told that the services were intended for use in Trading Networks, and should work that way. (basically if you set your partner up like that particular VAN it would work). This wouldn’t satisfy my needs in that I was dealing with non-EDI data. I ended up using GnuPG myself.

Your can try to use the write the Java service by implemented the Cryptix OpenPGP API.

http://www.cryptix.org/products/openpgp/index.html

Hi. What is the latest news regarding webMethods and secure FTP. I have been searching through wmusers and Advantage on this topic. It appears that webMethods does not support secure ftp out of the box. We need to retrieve files from a customer via FTP. The FTP options they support are:

· FTP over the Internet with PGP or GNUPG encryption
· FTP over SSL
· FTP over a Virtual Private Network (VPN)
· FTP over a secure business partner connection

I think the VPN option is out because the volume does not justify this.

Does anyone have any words of wisdom, examples, tips, comments regarding the other FTP options above ? Obviously we don’t want to reinvent the wheel so if someone can point us to the “best” solution to meet the requirements that would be great.

Regards,

Wayne

Wayne, I had a situation where I had to use SSH to allow SAP Business Connector to send/receive to/from an FTP Server (front end to Manugistics) in Calgary which is outside our firewall here in Toronto.
There was a seperate discussion that I became involved in and the following blurb is what I posted a few days ago. Maybe there is something in what I had to do that can help you.
I’m kind of new to this integration stuff. 15 yrs AS/400, now in SAP environment.
Regards, Spy.

Posted on Monday, March 08, 2004 - 12:29 pm:


Mike, et al. I got the FTP port solution to work.
I am using the SSH product to do secure transmissions between SAP Buscon 4.6 and a remote Windows 2000 FTP server outside of our LAN.
Previously, the WebConnect/Manugistics server (RS/6000 AIX) was inside our LAN and I would use pub.client FTP to send to it and it would use HTTP Invoke back to Buscon.

My solution for sending to the remote Windows 2000 FTP server (which is running WebConnect and hands off to Manu on another remote server), was to FTP the XML from within the service running in Buscon to the hard drive on the Buscon machine, and using fireCommandExec I invoked a seperate win32 batch process which used SFTP2 to send the XML file, which I had just FTP’d to disk, to the remote FTP server.

This works just fine. Getting fireCommandExec to work was a treat. I had a friend here create an executable using Delphi. I am not sure how he got it to work, considering the limitations of fireCommandExec in the java environment, but I have the Delphi source code if anyone is interested.

Manugistics creates XML files to be returned to Buscon. On Buscon I run a scheduled batch task every 15 minutes that uses SCP2 to grab any XML files from the FTP server and drops them onto Buscon.
Then the task uses FTP to send the XML via FTP listening port 8030, which I had created specifically for this purpose. The target of the FTP is the directory where my service resides i.e. /ns/Services/ShipmentInterface/Receive_and_Post
When the XML hits this directory the XML document is parsed and passed to the service, Receive_and_Post, as a node.
The service passes the document as an IDoc to SAP R/3 via ALE and invokes an ABAP program to update the SAP database.

Well, that’s it. It’s been in production now for 3 weeks and hasn’t skipped a beat.
Thanks for pointing me in the right direction Mike.

Regards, Spy.

Wayne,

I just read somewhere that PGP support has been deprecated in 6.1 so stay away from that one for future portability.

Hi. I just received news from my source deep within webMethods that a new security tech note will be available very soon on Advantage explaining how to do secure FTP using OpenPGP. A sample package will be provided. This package was developed using the GNUPG OpenPGP implementation, but others can be used by modifying a property file.

When I get more information I will post it…otherwise keep watch at Advantage.

Regards,

Wayne

Hello,
I am using the OpenPGP package provided by wm. I have GnuPGP installed on my windows2000 box and I can encrypt a given file without any issues. When I try using the DecryptFile service it times out. I took the command line contents and ran it separately and PGP prompts me to input the passphrase. So I am pretty sure the reason the wm service times out because it is not inputting the passphrase. Does any one have any thoughts on how to get around this issue?
Regards

Jonathan,

I believe this question was already answered over on webMethods Advantage.

Please see http://advantage.webmethods.com/article/?id=1610624062.

Thanks,
Nathen

I’ve successfully encrypted files with webmethods and the OpenPGP package using GnuPG. however, when our partner sent us a test file back, I got this error trying to decrypt it…

gpg: encrypted with RSA key, ID AF9C9841
gpg: decryption failed: secret key not available
gpg: encrypted with RSA key, ID AF9C9841
gpg: encrypted with RSA key, ID AF9C9841
gpg: decryption failed: secret key not available

but if I run gpg from the command line with the file…

gpg --homedir e:\webMethods6\IntegrationServer\gnupg --no-tty --armor --yes --decrypt BOFARECON

it decrypts fine. and I know the secret key is on the keyring, because it is listed when I run

gpg --list-secret-keys

so why is webmethods unable to see the secret key? anyone had a problem like this?

Luke,

You might try adding --verbose flag to the decrypt command to see what’s happening (check the openpgp.properties file for details).

– Tim

Can any One suggest the requirements for Implementing PGP on wM7.1 else it is same as wm6.5.

I doubt that it has changed much or at all. Your best two bets are probably to still either use the OpenPGP package or to write a couple of Java services using Cryptix.

We are using wM 8.2.2 and in need of PGP encryption and decryption. Can anyone share the link to download the openPGP package?.

Hello all,

In dire need of OpenPGP package provided by wm for 9.9 version.
Can anyone please share the link to get the OpenPGP package.

Need to decrypt the encrypted data provided by one of the sources and process it in wm.

awaiting reply,

Thankyou
Vishu.

Check out the Tech Community code samples section you will find your package there. Note that OpenPGP package is not support by SAG, not sure if still GCS supports its. This package was initially created in 2004 and I am sure there were no updates to it.

Also explore Active Transfer, to see if that fits your requirement.

ActiveTransfer uses PGP for file encryption during an ActiveTransfer file transfer. You can read more about how to activate File-Based Encryption for ActiveTransfer within the “Managing File Transfers with webMethods ActiveTransfer” guide.