Security is one of the aspect when we are dealing with Cloud platform. Specially when we are transfering files over the public SFTP from cloud paltform. OIC allows securing files using PGP encryption  policy.

Oracle Integration Cloud provides Pretty Good Privacy (PGP) mechanism to encrypt or decrypt the files which allow us to read/write files in a secure manner.

So, we only required PGP public and private keys to transfer files in a secure manner.

  1. Do you want to encrypt the file?: So use PGP public key to encrypt
  2. Do you want to decrypt the file?: Use PGP private key to decrypt
 
We are dividing encryption and decryption into two parts:
 
Part 1): Will demonstrate how to  encrypt the files
Part 2): Will demonstrate how to decrypt the files
 
In this article, we’ll cover Part-1 
Use Case: We’ll read the plain CSV from FTP location and create the encrypted CSV file on FTP location
Let’s see how to achieve this.
 
Before we encrypt the file, we have to upload the PGP public key into the Integration FTP connection. So, I am considering we already have one FTP connection in place. Open the FTP connection and click on the Configure Security button. Notice the PGP Public Key field, click on the Checkbox and click on the Upload button.
 
Once we click on the Upload button, it will allow browsing the file. Browse the Public key file and Click the Upload button
 
 
See the ASCII-Armor Encryption field. Select Yes or No depending on the encryption requirement. For the time being, we are taking as No. Also, select the Cipher Algorithm based on the requirement
Once done, click on the Test connection. The connection should be tested successfully.
  • Now create a Scheduled based integration and drop the FTP adapter
  • Enter the endpoint name as “ReadFile
  • Enter below information and click the Next button
    • Select Operation: Select Read a File
    • Select a Transfer Mode: ASCII
    • Input Directory: Enter the directory(/home/opc/source) from where the file needs to be read
    • File Name: Enter the file name(Test.csv) to be read
  • Select Yes from Do you want to specify the structure for contents of the file and Select the Sample delimited document(e.g. CSV) from the drop down
  • Specify below information and complete the FTP wizard
    • Select the sample CSV file with below structure
    • Enter the record name as “Employee
    • Enter the recordset name as “Employees
FirstName,LastName,Qualification
Ankur,Jain,MCA
Tom,ghai,BED
 
Leave another option as it is for the time being
  • Drop FTP connection again and enter the endpoint name as “WriteEncryptFile
  • Enter below information and click the Next button
    • Select Operation: Select Write File
    • Select a Transfer Mode: ASCII
    • OutputDirectory: Enter the directory(/home/opc/target) where the file to be written
    • File Name Pattern: Enter the file name(Encrypt.csv) to be created
    • Select Yes for Enable PGP Security option
    • Select Encrypt for PGP Security Mode option
  • Select Yes from Do you want to specify the structure for contents of the file and Select the Sample delimited document(e.g. CSV) option
  • Specify below information and complete the FTP wizard
    • Select the sample CSV with the same structure as above
    • Enter the record name as “EncryptEmployee
    • Enter the recordset name as “EncryptEmployees
  • Open the WriteEncryptFile mapper and do the mapping as below
Source Element
Target Element
$ReadFile -> Employees
WriteFile ->EncryptEmployee
$ReadFile -> FirstName
WriteFile ->FirstName
$ReadFile -> LastName
WriteFile ->LastName
$ReadFile -> Qualification
WriteFile ->Qualification
 
The configuration is completed now. Let’s test the integration. Keep the plain CSV file on FTP with the same structure as we defined during reading and writing the file.

Test the Integration

Submit the integration and open the FTP target directory. An encrypted file should be created there. Open the file and see the file should be encrypted.
 
In the Next blog, we will read the same encrypted file, decrypt it and print the content into logs.