Forum Discussion
Nimbostratusb64encode in an Access Policy
I want to take a session variable in an Access Policy, encode it and store the result in a custom variable for use later on.
In an irule, b64encode works great however I need a TCL equivalent to use in an Access Policy. I want to stay away from using an iRule-Event because I find them to be very flaky and have an open ticket with F5 at the moment.
Something to the effect of session.user.custom.b64var = [b64encode "HELLO" ] would be ideal.
The objective is to obfuscate the original value “HELLO”. The value will be stored in a user certificate therefore I cannot use non-printable characters and I would rather it not be obvious what the data represents. Encryption would be great but not really necessary.
Any suggestions?
APM 11.5.1
1 Reply
- Kevin_Stewart
Employee
Try this:
session.custom.bob = expr { "HELLO" } session.custom.fred = binary scan [mcget {session.custom.bob}] B* bits; switch [expr {[string length $bits]%6}] { 0 {set tail {}} 2 {append bits 0000; set tail ==} 4 {append bits 00; set tail =}}; return [string map { 000000 A 000001 B 000010 C 000011 D 000100 E 000101 F 000110 G 000111 H 001000 I 001001 J 001010 K 001011 L 001100 M 001101 N 001110 O 001111 P 010000 Q 010001 R 010010 S 010011 T 010100 U 010101 V 010110 W 010111 X 011000 Y 011001 Z 011010 a 011011 b 011100 c 011101 d 011110 e 011111 f 100000 g 100001 h 100010 i 100011 j 100100 k 100101 l 100110 m 100111 n 101000 o 101001 p 101010 q 101011 r 101100 s 101101 t 101110 u 101111 v 110000 w 110001 x 110010 y 110011 z 110100 0 110101 1 110110 2 110111 3 111000 4 111001 5 111010 6 111011 7 111100 8 111101 9 111110 + 111111 / } $bits]$tail
