Generating ASCII Armored PGP Key Pairs

Applies to:

PGP Encryption/Decryption modules used in SAP Netweaver PI based Standard and Partner Adapters

Summary

The following sections briefly describe the steps to create PGP key pairs using open source tool gpg4win and converting them in to ASCII Armored format.

Author(s):

Sivasubramaniam Arunachalam

Company: SAP Labs
Created on: 11-Jan-2012
Author(s) Bio
Sivasubramaniam Arunachalam is a senior developer at SAP Labs (Technology Innovation Platform). He is currently occupied with PI 7.31 development/maintenace activities. Since Sivasubramaniam joined SAP Labs in July 2010, he has developed new features in several adapters/areas including File, JDBC, IDoc, SOAP/XI, HTTP, JPR, B2B(RNIF 1.1/2.0, CIDX & PIDX) Adapters, XML Validation and Mapping Runtime. Currently, he is the component responsible for File, JDBC, B2B Adapters and XML Validation and takes care of all new development, enhancement and maintenance activities.

Table of Contents

Tools Required

• Install Gpg4win from http://www.gpg4win.org/download.html

It will automatically update it's path to the system PATH(Environment variable)

Generating Key Pairs

• Open the console the issue the following command to initiate the generation of public/private key pairs

# gpg --gen-key

• It will create both keys with the name like secring.gpg (Private Key) and pubring.gpg (Public Key)

• Select RSA(5) as a key type

• Choose the default key size (2048) by just pressing enter without any input.

• Choose the default key validity (key does not expire) by just pressing enter without any input
• During confirmation prompt, press 'y'

• Provide the Real User Name and E-Mail Address for the key to be issued with optional Comment
• Press 'O' for 'Okay'

• Provide and confirm the passpharse for private key

• Acutal keys will be updated after providing random system gestures

• Verify the details of the generated Private Key

# gpg -K

• Verify the details of the generated Public Key

# gpg -k

• Verify the key location

Generate ASCII Armored Keys from GPG Keys

• Use the following command to generate ASCII Armored Public Key

# gpg --export pgp.sender@pgpsender.com > public_key_sender.asc

• Use the following command to generate ASCII Armored Private Key

# gpg --export-secret-key pgp.sender@pgpsender.com > private_key_sender.asc

• Verify the generated ASCII Armored keys

To generate the another key pair (for PGP Receiver), move the present keys to different location and follow the same steps from the beginning. These key pairs can be used for both Encryption and Signing.