Difference between revisions of "SAP ABAP ENCRIPTACION"

From SapWiki
Line 1: Line 1:
 
==Ejemplo AES 256 mode CBC==
 
==Ejemplo AES 256 mode CBC==
  <nowiki> *&---------------------------------------------------------------------*
+
  <nowiki>*&---------------------------------------------------------------------*
*& Report YENCRIPT2_DO
+
*& Report YENCRIPT2_DO
*&---------------------------------------------------------------------*
+
*&---------------------------------------------------------------------*
*&
+
*&
*&---------------------------------------------------------------------*
+
*&---------------------------------------------------------------------*
REPORT yencript2_do.
+
REPORT yencript2_do.
* equivale a AES 256 mode CBC
+
* equivale a AES 256 mode CBC
* basado en CL_SEC_SXML_WRITER=>CRYPT_AES_CTR
+
* basado en CL_SEC_SXML_WRITER=>CRYPT_AES_CTR
* para test https://www.devglan.com/online-tools/aes-encryption-decryption
+
* para test https://www.devglan.com/online-tools/aes-encryption-decryption
 
DATA: blocksize  TYPE i
 
    , keysize    TYPE i
 
    , cipher    TYPE xstring
 
    , block      TYPE xstring
 
    , rest      TYPE i
 
    , offset    TYPE i
 
    , l_iv      TYPE xstring
 
    , emptyiv    TYPE xstring
 
    , counter(4) TYPE x
 
    , ctroffset  TYPE i
 
    .
 
DATA iv TYPE xstring.
 
DATA key TYPE xstring.
 
DATA input TYPE xstring.
 
DATA result TYPE xstring.
 
DATA l_plaintext TYPE string.
 
DATA l_plaintext_x TYPE xstring.
 
DATA l_key TYPE string.
 
DATA l_key_x TYPE xstring.
 
DATA lv_message TYPE xstring.
 
DATA lv_message_decrypted TYPE xstring.
 
DATA lr_xstring TYPE xstring.
 
DATA l_base64 TYPE string.
 
DATA lv_message_string TYPE string.
 
DATA i_iv TYPE xstring.
 
DATA: lf_bindata TYPE xstring.
 
  
  *--------------------------------------------------------------------*
+
DATA: blocksize TYPE i
*
+
    , keysize    TYPE i
*--------------------------------------------------------------------*
+
    , cipher    TYPE xstring
* ejemplo: archivo JSON o XML
+
    , block      TYPE xstring
PARAMETERS gf_xfile TYPE string LOWER CASE.
+
    , rest      TYPE i
+
    , offset    TYPE i
*--------------------------------------------------------------------*
+
    , l_iv      TYPE xstring
AT SELECTION-SCREEN ON VALUE-REQUEST FOR gf_xfile.
+
    , emptyiv    TYPE xstring
*--------------------------------------------------------------------*
+
    , counter(4) TYPE x
  DATA: window_title TYPE string.
+
    , ctroffset  TYPE i
+
    .
  window_title = 'Archivo de entrada'.
+
DATA iv TYPE xstring.
  cl_secxml_helper=>file_f4(
+
DATA key TYPE xstring.
    EXPORTING window_title = window_title
+
DATA input TYPE xstring.
    IMPORTING filename = gf_xfile ).
+
DATA result TYPE xstring.
+
DATA l_plaintext TYPE string.
*--------------------------------------------------------------------*
+
DATA l_plaintext_x TYPE xstring.
START-OF-SELECTION.
+
DATA l_key TYPE string.
*--------------------------------------------------------------------*
+
DATA l_key_x TYPE xstring.
+
DATA lv_message TYPE xstring.
*--------------------------------------------------------------------*
+
DATA lv_message_decrypted TYPE xstring.
* read xml data
+
DATA lr_xstring TYPE xstring.
*--------------------------------------------------------------------*
+
DATA l_base64 TYPE string.
  IF gf_xfile IS NOT INITIAL.
+
DATA lv_message_string TYPE string.
    cl_secxml_helper=>upload_file(
+
DATA i_iv TYPE xstring.
        EXPORTING filename = gf_xfile
+
DATA: lf_bindata TYPE xstring.
        IMPORTING bindata = lf_bindata ).
+
 
  ENDIF.
+
*--------------------------------------------------------------------*
+
*
  blocksize = 16.
+
*--------------------------------------------------------------------*  
  keysize  = 32.
+
* ejemplo: archivo JSON o XML
  ctroffset = 12.
+
PARAMETERS gf_xfile TYPE string LOWER CASE.
  emptyiv  = '00000000000000000000000000000000'.
+
 
+
*--------------------------------------------------------------------*
  i_iv = emptyiv.
+
AT SELECTION-SCREEN ON VALUE-REQUEST FOR gf_xfile.
  l_key = '12345678901234567890123456789012'.
+
*--------------------------------------------------------------------*
  l_key_x = cl_abap_hmac=>string_to_xstring( l_key ).
+
  DATA: window_title TYPE string.
+
 
  IF lf_bindata IS INITIAL.
+
  window_title = 'Archivo de entrada'.
    l_plaintext = 'Texto a encriptar'.
+
  cl_secxml_helper=>file_f4(
    l_plaintext_x = cl_abap_hmac=>string_to_xstring( l_plaintext ).
+
    EXPORTING window_title = window_title
  ELSE.
+
    IMPORTING filename = gf_xfile ).
    MOVE lf_bindata TO l_plaintext_x.
+
 
  ENDIF.
+
*--------------------------------------------------------------------*
+
START-OF-SELECTION.
  iv = i_iv.
+
*--------------------------------------------------------------------*
  key = l_key_x.
+
 
  input = l_plaintext_x.
+
*--------------------------------------------------------------------*
+
* read xml data
  IF xstrlen( iv ) NE blocksize OR xstrlen( key ) NE keysize.
+
*--------------------------------------------------------------------*
    WRITE:/ 'error en llave o IV'.
+
  IF gf_xfile IS NOT INITIAL.
    RETURN.
+
    cl_secxml_helper=>upload_file(
  ENDIF.
+
      EXPORTING filename = gf_xfile
+
      IMPORTING bindata = lf_bindata ).
  rest = xstrlen( input ).
+
  ENDIF.
  IF rest < 1.
+
 
    RETURN. "nothing to encrypt
+
  blocksize = 16.
  ENDIF.
+
  keysize  = 32.
+
  ctroffset = 12.
*--------------------------------------------------------------------*
+
  emptyiv  = '00000000000000000000000000000000'.
* encrypt
+
 
*--------------------------------------------------------------------*
+
  i_iv = emptyiv.
  CALL METHOD cl_sec_sxml_writer=>encrypt_iv(
+
  l_key = '12345678901234567890123456789012'.
    EXPORTING
+
  l_key_x = cl_abap_hmac=>string_to_xstring( l_key ).
      plaintext  = input
+
 
      key        = key
+
  IF lf_bindata IS INITIAL.
      iv        = iv
+
    l_plaintext = 'Texto a encriptar'.
      algorithm  = cl_sec_sxml_writer=>co_aes256_algorithm_pem
+
    l_plaintext_x = cl_abap_hmac=>string_to_xstring( l_plaintext ).
    IMPORTING
+
  ELSE.
      ciphertext = cipher ).
+
    MOVE lf_bindata TO l_plaintext_x.
+
  ENDIF.
* padding
+
 
  lr_xstring = cipher+blocksize.
+
  iv = i_iv.
+
  key = l_key_x.
*--------------------------------------------------------------------*
+
  input = l_plaintext_x.
* codificar archivo encriptado en BASE64
+
 
*--------------------------------------------------------------------*
+
  IF xstrlen( iv ) NE blocksize OR xstrlen( key ) NE keysize.
  PERFORM encode_base_64x USING lr_xstring CHANGING l_base64.
+
    WRITE:/ 'error en llave o IV'.
+
    RETURN.
*--------------------------------------------------------------------*
+
  ENDIF.
* decrypt message
+
 
*--------------------------------------------------------------------*
+
  rest = xstrlen( input ).
  cl_sec_sxml_writer=>decrypt(
+
  IF rest < 1.
    EXPORTING
+
    RETURN. "nothing to encrypt
      ciphertext = cipher
+
  ENDIF.
      key =        l_key_x
+
 
      algorithm =  cl_sec_sxml_writer=>co_aes256_algorithm_pem
+
*--------------------------------------------------------------------*
    IMPORTING
+
* encrypt
      plaintext = lv_message_decrypted ).
+
*--------------------------------------------------------------------*
+
  CALL METHOD cl_sec_sxml_writer=>encrypt_iv(
  " convert xstring to string for output
+
    EXPORTING
  cl_abap_conv_in_ce=>create( input = lv_message_decrypted )->read( IMPORTING data = lv_message_string ).
+
      plaintext  = input
+
      key        = key
  " output secret message
+
      iv        = iv
  WRITE lv_message_string.
+
      algorithm  = cl_sec_sxml_writer=>co_aes256_algorithm_pem
+
    IMPORTING
*----------------------------------------------------------------------*
+
      ciphertext = cipher ).
*      FORM .......
+
 
*----------------------------------------------------------------------*
+
* padding
*      text
+
  lr_xstring = cipher+blocksize.
*----------------------------------------------------------------------*
+
 
*  -->  p1        text
+
*--------------------------------------------------------------------*
*  <--  p2        text
+
* codificar archivo encriptado en BASE64
*----------------------------------------------------------------------*
+
*--------------------------------------------------------------------*
FORM encode_base_64x USING p_xstring TYPE xstring
+
  PERFORM encode_base_64x USING lr_xstring CHANGING l_base64.
                  CHANGING p_string_base64 TYPE string.
+
 
  DATA: l_http_utility TYPE REF TO cl_http_utility.
+
*--------------------------------------------------------------------*
  DATA: l_string TYPE string.
+
* decrypt message
+
*--------------------------------------------------------------------*
  CREATE OBJECT l_http_utility.
+
  cl_sec_sxml_writer=>decrypt(
+
    EXPORTING
  CALL METHOD l_http_utility->encode_x_base64
+
      ciphertext = cipher
    EXPORTING
+
      key =        l_key_x
      unencoded = p_xstring
+
      algorithm =  cl_sec_sxml_writer=>co_aes256_algorithm_pem
    RECEIVING
+
    IMPORTING
      encoded  = p_string_base64.
+
      plaintext = lv_message_decrypted ).
ENDFORM.</nowiki>
+
 
 +
  " convert xstring to string for output
 +
  cl_abap_conv_in_ce=>create( input = lv_message_decrypted )->read( IMPORTING data = lv_message_string ).
 +
 
 +
  " output secret message
 +
  WRITE lv_message_string.
 +
 
 +
*----------------------------------------------------------------------*
 +
*      FORM .......
 +
*----------------------------------------------------------------------*
 +
*      text
 +
*----------------------------------------------------------------------*
 +
*  -->  p1        text
 +
*  <--  p2        text
 +
*----------------------------------------------------------------------*
 +
FORM encode_base_64x USING p_xstring TYPE xstring
 +
                  CHANGING p_string_base64 TYPE string.
 +
  DATA: l_http_utility TYPE REF TO cl_http_utility.
 +
  DATA: l_string TYPE string.
 +
 
 +
  CREATE OBJECT l_http_utility.
 +
 
 +
  CALL METHOD l_http_utility->encode_x_base64
 +
    EXPORTING
 +
      unencoded = p_xstring
 +
    RECEIVING
 +
      encoded  = p_string_base64.
 +
ENDFORM.</nowiki>
  
 
[[Category:ABAP]]
 
[[Category:ABAP]]

Revision as of 20:30, 4 April 2020

Ejemplo AES 256 mode CBC

*&---------------------------------------------------------------------*
*& Report YENCRIPT2_DO
*&---------------------------------------------------------------------*
*&
*&---------------------------------------------------------------------*
REPORT yencript2_do.
* equivale a AES 256 mode CBC
* basado en CL_SEC_SXML_WRITER=>CRYPT_AES_CTR
* para test https://www.devglan.com/online-tools/aes-encryption-decryption

DATA: blocksize  TYPE i
    , keysize    TYPE i
    , cipher     TYPE xstring
    , block      TYPE xstring
    , rest       TYPE i
    , offset     TYPE i
    , l_iv       TYPE xstring
    , emptyiv    TYPE xstring
    , counter(4) TYPE x
    , ctroffset  TYPE i
    .
DATA iv TYPE xstring.
DATA key TYPE xstring.
DATA input TYPE xstring.
DATA result TYPE xstring.
DATA l_plaintext TYPE string.
DATA l_plaintext_x TYPE xstring.
DATA l_key TYPE string.
DATA l_key_x TYPE xstring.
DATA lv_message TYPE xstring.
DATA lv_message_decrypted TYPE xstring.
DATA lr_xstring TYPE xstring.
DATA l_base64 TYPE string.
DATA lv_message_string TYPE string.
DATA i_iv TYPE xstring.
DATA: lf_bindata TYPE xstring.

*--------------------------------------------------------------------*
*
*--------------------------------------------------------------------* 
* ejemplo: archivo JSON o XML
PARAMETERS gf_xfile TYPE string LOWER CASE.

*--------------------------------------------------------------------*
AT SELECTION-SCREEN ON VALUE-REQUEST FOR gf_xfile.
*--------------------------------------------------------------------*
  DATA: window_title TYPE string.

  window_title = 'Archivo de entrada'.
  cl_secxml_helper=>file_f4(
    EXPORTING window_title = window_title
    IMPORTING filename = gf_xfile ).

*--------------------------------------------------------------------*
START-OF-SELECTION.
*--------------------------------------------------------------------*

*--------------------------------------------------------------------*
* read xml data
*--------------------------------------------------------------------*
  IF gf_xfile IS NOT INITIAL.
    cl_secxml_helper=>upload_file(
       EXPORTING filename = gf_xfile
       IMPORTING bindata = lf_bindata ).
  ENDIF.

  blocksize = 16.
  keysize   = 32.
  ctroffset = 12.
  emptyiv   = '00000000000000000000000000000000'.

  i_iv = emptyiv.
  l_key = '12345678901234567890123456789012'.
  l_key_x = cl_abap_hmac=>string_to_xstring( l_key ).

  IF lf_bindata IS INITIAL.
    l_plaintext = 'Texto a encriptar'.
    l_plaintext_x = cl_abap_hmac=>string_to_xstring( l_plaintext ).
  ELSE.
    MOVE lf_bindata TO l_plaintext_x.
  ENDIF.

  iv = i_iv.
  key = l_key_x.
  input = l_plaintext_x.

  IF xstrlen( iv ) NE blocksize OR xstrlen( key ) NE keysize.
    WRITE:/ 'error en llave o IV'.
    RETURN.
  ENDIF.

  rest = xstrlen( input ).
  IF rest < 1.
    RETURN. "nothing to encrypt
  ENDIF.

*--------------------------------------------------------------------*
* encrypt
*--------------------------------------------------------------------*
  CALL METHOD cl_sec_sxml_writer=>encrypt_iv(
    EXPORTING
      plaintext  = input
      key        = key
      iv         = iv
      algorithm  = cl_sec_sxml_writer=>co_aes256_algorithm_pem
    IMPORTING
      ciphertext = cipher ).

* padding
  lr_xstring = cipher+blocksize.

*--------------------------------------------------------------------*
* codificar archivo encriptado en BASE64
*--------------------------------------------------------------------*
  PERFORM encode_base_64x USING lr_xstring CHANGING l_base64.

*--------------------------------------------------------------------*
* decrypt message
*--------------------------------------------------------------------*
  cl_sec_sxml_writer=>decrypt(
    EXPORTING
      ciphertext = cipher
      key =        l_key_x
      algorithm =  cl_sec_sxml_writer=>co_aes256_algorithm_pem
    IMPORTING
      plaintext = lv_message_decrypted ).

  " convert xstring to string for output
  cl_abap_conv_in_ce=>create( input = lv_message_decrypted )->read( IMPORTING data = lv_message_string ).

  " output secret message
  WRITE lv_message_string.

*----------------------------------------------------------------------*
*       FORM .......
*----------------------------------------------------------------------*
*       text
*----------------------------------------------------------------------*
*  -->  p1        text
*  <--  p2        text
*----------------------------------------------------------------------*
FORM encode_base_64x USING p_xstring TYPE xstring
                  CHANGING p_string_base64 TYPE string.
  DATA: l_http_utility TYPE REF TO cl_http_utility.
  DATA: l_string TYPE string.

  CREATE OBJECT l_http_utility.

  CALL METHOD l_http_utility->encode_x_base64
    EXPORTING
      unencoded = p_xstring
    RECEIVING
      encoded   = p_string_base64.
ENDFORM.
Retrieved from "http://sapwiki.cl/wiki/index.php?title=SAP_ABAP_ENCRIPTACION&oldid=412"