Friday, 14 June 2019

Securing files using PGP encryption (Part-1-Encryption): Oracle Integration

Are you scared the data can be hijacked during transmission of the files if we are doing transactions using the Integration Cloud? Do not scare, read the article and feel comfortable to transmit the files in a secured manner.

Oracle Integration Cloud provides Pretty Good Privacy (PGP) mechanism to encrypt or decrypt the files which allow us to read/write files in a secure manner.

So, we only required PGP public and private keys to transfer files in a secure manner.
  1. Do you want to encrypt the file?: So use PGP public key to encrypt
  2. Do you want to decrypt the file? Use PGP private key to decrypt
We are dividing encryption and decryption into two parts:

Part 1): Will demonstrate how to  encrypt the files
Part 2): Will demonstrate how to decrypt the files

In this article, we'll cover Part-1 

Use Case: We'll read the plain CSV from FTP location and create the encrypted CSV file on FTP location

Let's see how to achieve this.

Before we encrypt the file, we have to upload the PGP public key into the Integration FTP connection. So, I am considering we already have one FTP connection in place. Open the FTP connection and click on the Configure Security button. Notice the PGP Public Key field, click on the Checkbox and click on the Upload button.

Once we click on the Upload button, it will allow browsing the file. Browse the Public key file and Click the Upload button


See the ASCII-Armor Encryption field. Select Yes or No depending on the encryption requirement. For the time being, we are taking as No. Also, select the Cipher Algorithm based on the requirement

Once done, click on the Test connection. The connection should be tested successfully.
  • Now create a Scheduled based integration and drop the FTP adapter
  • Enter the endpoint name as "ReadFile"
  • Enter below information and click the Next button
    • Select Operation: Select Read a File
    • Select a Transfer Mode: ASCII
    • Input Directory: Enter the directory(/home/opc/source) from where the file needs to be read
    • File Name: Enter the file name(Test.csv) to be read
  • Select Yes from Do you want to specify the structure for contents of the file and Select the Sample delimited document(e.g. CSV) from the drop down
  • Specify below information and complete the FTP wizard
    • Select the sample CSV file with below structure
    • Enter the record name as "Employee"
    • Enter the recordset name as "Employees"
FirstName,LastName,Qualification
Ankur,Jain,MCA
Tom,ghai,BED

Leave another option as it is for the time being

  • Drop FTP connection again and enter the endpoint name as "WriteEncryptFile"
  • Enter below information and click the Next button
    • Select Operation: Select Write File
    • Select a Transfer Mode: ASCII
    • OutputDirectory: Enter the directory(/home/opc/target) where the file to be written
    • File Name Pattern: Enter the file name(Encrypt.csv) to be created
    • Select Yes for Enable PGP Security option
    • Select Encrypt for PGP Security Mode option
  • Select Yes from Do you want to specify the structure for contents of the file and Select the Sample delimited document(e.g. CSV) option
  • Specify below information and complete the FTP wizard
    • Select the sample CSV with the same structure as above
    • Enter the record name as "EncryptEmployee"
    • Enter the recordset name as "EncryptEmployees"
  • Open the WriteEncryptFile mapper and do the mapping as below
Source Element
Target Element
$ReadFile -> Employees
WriteFile ->EncryptEmployee
$ReadFile -> FirstName
WriteFile ->FirstName
$ReadFile -> LastName
WriteFile ->LastName
$ReadFile -> Qualification
WriteFile ->Qualification

The configuration is completed now. Let's test the integration. Keep the plain CSV file on FTP with the same structure as we defined during reading and writing the file.

Submit the integration and open the FTP target directory. An encrypted file should be created there. Open the file and see the file should be encrypted.

In the Next blog, we will read the same encrypted file, decrypt it and print the content into logs.

1 comment:

  1. I definitely appreciate your blog. Excellent work!
    Visit to know about aes encryption

    ReplyDelete