Distribution of Encryption in Framework

[lechnerc77]

The logic for en- and decryption is distributed in several classes in DECODE_KEY and ENCRYPT_KEY macros (e. g. ZCL_ADF_SERVICE, ZCL_ADF_SERVICE_BLOB, ZCL_ADF_SERVICE_EVENTHUB, ZCL_SSF_UTILITY). As this logic is an essential ingredient it should be centralized in one class for the sake of maintainability. I think the class ZCL_SSF_UTILITY had the original intention to do so but seems to be unfinished.

[krdash]

Hello Christian @lechnerc77 @Microsoft/abapsdk , Thank you for the valuable feedback. we are in the process of extending the class ZCL_SSF_UTILITY as it was initially designed to encrypt all kinds of keys and method to decrypt the same in our current landscape. This class is no longer used in SDK as currently we are encrypting keys automatically from the maintenance screen of table ZADF_CONFIG using logic embedded with table events. we will keep you posted on the extended class once it is completed and reused in the service classes( e.g ZCL_ADF_SERVICE_EVENTHUB) of SDK.

Thanks, Krishna

[lechnerc77]

Hi Krishna, that is great to hear. Hope to see the result soon Best regards Christian

[larshp]

I also just stumbled upon the macros, looking at the code I guess the macros were added for security reasons, as macros cannot be debugged, while this is true, I think the specific implementation is debuggable,

For something like https://github.com/microsoft/ABAP-SDK-for-Azure/blob/73de27af27cadeed927e9193b5cb0b8598f532b7/src/zadf/zcl_adf_service_blob.clas.abap#L120 a user debugging can set a break point inside function module SSFC_BASE64_DECODE to get lv_decoded_xstr? So I agree with @lechnerc77 above, this should be optimized for maintainability instead

[vikasbansal2022]

Hi @lechnerc77

We upgraded our repo with latest version and ZCL_ADF_SERVICE is used as base class and other ZCL_ADF* classed are extending its methods. Please let us know if you need more information.

Regards, Vikas