[英]Does SAP ABAP offer a way to sign assemblies?
I'm trying to find out whether it is possible to sign binaries written for SAP systems in ABAP.我试图找出是否可以在 ABAP 中对为 SAP 系统编写的二进制文件进行签名。 Contextually does it make sense?从上下文来看是否有意义? I've only found some reference to an add-on assembly kit which seems to be some sort of packaging standard.我只找到了一些对附加组装套件的参考,它似乎是某种包装标准。 Can this be used to authenticate the source and integrity of ABAP modules?这可以用于验证 ABAP 模块的来源和完整性吗?
Greatly appreciate your feedback~!非常感谢您的反馈~!
I seem to have found an answer to my question somewhat...one forum discussion states that ABAP is only interpreted and that there are no binaries to sign in the first place.我似乎在某种程度上找到了我的问题的答案......一个论坛讨论指出 ABAP 仅被解释并且首先没有二进制文件可以签名。 I'm a bit confused though as to what the Add-on Assembly Kit is.我对附加组件套件是什么有点困惑。 I suppose it's a way of packaging the ABAP code into a certifiable package, which I suppose is the closest we'll get to what I'm looking for-although I'm not sure how this works if you're not interested in sharing the package with SAP for certification...If you have any insights please enlighten me.我想这是将 ABAP 代码打包成可认证包的一种方式,我想这是我们最接近我正在寻找的东西 - 尽管如果您对共享不感兴趣,我不确定这是如何工作的SAP 认证包...如果您有任何见解,请赐教。
Thanks!谢谢!
not positive of your end requirement but I'll answer the best I can.对您的最终要求不满意,但我会尽我所能回答。 ABAP is interpreted so there really is no need to sign a binary as there is none to sign. ABAP 已被解释,因此实际上没有必要对二进制文件进行签名,因为没有要签名的二进制文件。 Because third party's needed ways to deliver solutions or code to their customers in a packaged manner SAP developed the add-on assembly toolkit, (emphasis on assembly) this allows the third party a tool to package all the solution pieces,( classes, tables, includes, screens etc.) into an add-on that can be installed, versioned etc. in your customers SAP system.因为第三方需要以打包方式向客户交付解决方案或代码的方式,SAP 开发了附加组装工具包,(强调组装)这允许第三方工具打包所有解决方案部分,(类、表、包括、屏幕等)添加到可以在您的客户 SAP 系统中安装、版本控制等的附加组件。 So it's main purpose is to allow you to assemble the myriad pieces that make up your solution.所以它的主要目的是让您组装构成您的解决方案的无数部分。
Of course if your talking about a single app, report etc. this obviously would be overkill.当然,如果您谈论的是单个应用程序、报告等,这显然是矫枉过正。
If what you are seeking is a way to know that an app comes from your specific company, then you can request a custom namespace, when you get one assigned they issue you a key which only your company uses to install the namespace and that sort of works like signing, your programs will all exist in your namespace and be identified as such.如果您正在寻求一种方法来了解某个应用程序来自您的特定公司,那么您可以请求一个自定义命名空间,当您获得一个命名空间时,他们会向您颁发一个密钥,只有您的公司使用该密钥来安装该命名空间以及类似的像签名一样工作,您的程序都将存在于您的命名空间中并被标识为这样。
I'm sure there are more details others can provide but that should get you started.我相信其他人可以提供更多详细信息,但这应该可以帮助您入门。
Later.....之后.....
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.