Forum Discussion

Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Mar 14, 2008

AES functions

Hello Devcentral gurus,

 

 

Does anyone know the specifics of the AES functions and how they work. Specifically, look at the following code snippet:

 

 

set testkey "test"

 

set testdata "blah"

 

log local0. "aes output -> [AES::encrypt $testkey $testdata]"

 

 

I've searched and searched through the forum and perhaps I just don't understand it. The above code delivers a different result every time a new browser window is opened. I have to assume that internally AES is pulling some additional information to "seed" the result, but then why the key? I would have thought that since the AES::key function delivers a random key, everything else would be static, and entering a static key would give the same result every time. What am I missing? Say for example I am strongly encrypting something that is being sent to the user in a file-based cookie. When they come back to the site later, I would like to be able to decrypt that data. Again, am I missing something? As it stands, the AES functions don't allow that.

 

 

Thank you for your help.

 

Kevin
application delivery
dev
devops
iRules
  • funkdaddy_31014's avatar
    funkdaddy_31014
    Icon for Nimbostratus rankNimbostratus
    Aug 22, 2011
    Also following up on this old thread. Like an earlier poster, we are are trying to encrypt in java and decrypt on the BigIP. I see the links to the C code from laz above, and wondering if anyone has gotten this work?

     

     

    Anyone know of CWC-AES libraries written in Java?

     

     

    Thanks!
  • IheartF5_45022's avatar
    IheartF5_45022
    Icon for Nacreous rankNacreous
    Dec 07, 2011
    So...looky what is in the release notes for 11.1? Pity they don't tell us HOW to use the new functionality in an iRule. I need it!! I will ping our account team to get some doco released on this.

     

     

    I would also like to know if encrypting on v11.1 and decrypting on another F5 on 11.0 is gonna cause any problems as I seem to have some issues.....Cryptographic Operations for iRules

    In this release, iRules support encryption and decryption of data that is compatible with external devices. iRules support includes the following ciphers:

     

    • RC4
    • DES
    • 3DES
    • AES

    Additionally, iRules support includes the following encryption modes:

    • ECB
    • CBC
    • CTR

     

     

     

  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Dec 07, 2011
    Hi Joanna,

     

     

    I'm checking internally to see what docs we have/can make available.

     

     

    Aaron
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jan 12, 2012
    Hi Joanna,

     

     

    The DC team update the CRYPTO wiki pages with details on the new functionality:

     

    http://devcentral.f5.com/wiki/iRules.crypto.ashx

     

     

    Aaron