X

The Integration blog covers the latest in product updates, best practices, customer stories, and more.

  • December 12, 2019

Using Stage File Read/Write operation to encrypt/decrypt files

Namratha Narayan
Project Lead, SOA

You may have a scenario where the requirement is to retrieve an encrypted file from sFTP server and send that to external REST endpoint in encrypted/unencrypted mode with additional capabilities such as processing in the middle. 

The new feature makes it easy to configure PGP keys in Stage File Read/Write operation to decrypt/encrypt file up to 10 MB in size.

 

Prerequisite

Enable following features:

  • oic.suite.settings.certificate  (It will allow user to manage certificate life cycle in OIC)
  • oic.ics.stagefile.pgp.key.support (It will allow user to upload and delete PGP keys in stage file)

To enable feature flags - Refer to Blog on Enabling Feature Flags in Oracle Integration

The minimum Oracle Integration version required for the feature is 190904.0200.31130

 

Step By Step Guide

  • Public Key is used for Encryption and Private Key for decryption. In order to use encrypt/decrypt files we have to upload PGP keys in OIC.

To upload PGP Keys:

  • From OIC Home page → Settings → Certificates page
  • Click Upload at the top of the page.
  • In the Upload Certificate dialog box, select the certificate type. Each certificate type enables Oracle Integration Cloud to connect with external services.
  • PGP: Use this option for bringing PGP Certificates.

Public Key:

  • Enter Alias Name and Description
  • Select Type as PGP
  • Select Category as Public
  • Select PGP File, Click Browse and select the public key file to be uploaded
  • Select ASCII-Armor Encryption Format
  • Select Cipher Algorithm
  • Click Upload.

Private Key:

  • Enter Alias Name and Description
  • Select Type as PGP
  • Select Category as Private
  • Select PGP File, Click Browse and select the private key file to be uploaded
  • Enter the PGP Private Key Password of the private key being imported.
  • Click Upload.

 

  • You can download the encrypted file to staged location using FTP Download File operation.

To configure FTP Adapter Download File operation:

  • Select Download File.
  • Specify the input directory and download directory path(this path will be the input directory for stage read file).

 

  • You can then use Stage File action Read File operation to decrypt the encrypted file so it can be read and transformed.

To configure Stage Read Entire File operation with PGP Key to decrypt file:

  • Select Read Entire File
  • Configure File Reference - Select Yes
  • Specify the File Reference - Click the Expression Builder icon to build an expression to specify the file reference.
  • Decrypt - Check this option to decrypt the file (Use Decrypt Check Box to enable PGP selection)
  • Select PGP Key - Select the PGP Private Key to decrypt the file

 

  • After the transformation, you can use Stage File action Write File operation to re-encrypt it.

To configure Stage Write file operation with PGP Key to encrypt file:

  • Select Write File
  • Specify the File Name - Click the Expression Builder icon to build an expression to specify the file name.
  • Specify the Output Directory - Click the Expression Builder icon to build an expression to specify the output directory.
  • Encrypt - Check this option to encrypt the file (Use Encrypt Check Box to enable PGP selection)
  • Select PGP Key - Select the PGP Public Key to encrypt the file

 

  • Encrypted file can be sent to an external endpoint or sFTP server.

To configure FTP Adapter Write File operation:

  • Select Write File.
  • Specify the directory path to which to transfer files
  • Select the pattern name for files to transfer.

 

Samples

Stage Write File Integration to encrypt file

IAR

This Integration

  • Downloads input file from input directory to stage location
  • Reads the downloaded file using Stage Read Entire File Operation using File Reference
  • Encrypts and Writes the file to stage location using Stage Write File Operation with Encrypt option and PGP Public Key
  • Writes the encrypted file to output directory from stage location

 

Stage Read File Integration to decrypt encrypted file

IAR

This Integration

  • Downloads stage encrypted file from input directory to stage location
  • Reads and Decrypts the downloaded file using Stage Read Entire File Operation using File Reference with Decrypt option and PGP Private Key
  • Writes the decrypted file to stage location using Stage Write File Operation
  • Writes the decrypted file to output directory from stage location

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.