Forum Discussion
Jeyakumar_Nadar
Nimbostratus
Mar 13, 2006Cookie encryption/decryption using iRule
Hello,
I am trying to write a script that will encrypt/decrypt a cookie, but am having a little trouble with the syntax used in the BIG-IP. I need to check to make sure that a cookie is not decrypted before I decrypt it and am not sure of the "if" statement I can use. Here is the code I am using now:
when HTTP_REQUEST {
if{CHECK TO SEE IF ALREADY DECRYPTED, PLEASE HELP!!!} {
HTTP::cookie remove "MyCookie"
}
else {
HTTP::cookie decrypt "MyCookie" KeyValue
}
}
when HTTP_RESPONSE {
HTTP::cookie encrypt "MyCookie" KeyValue
}
I need to make sure that I do not decrypt an already decrypted cookie. Can anybody help me with the "if" statement that I need.
Thanks in Advance!
Jeya
- First, I'd look at the the sample code on encrypting cookies
- Jeyakumar_Nadar
Nimbostratus
Thanks for the idea, but I do not know the necessary syntax to do this. Can you send me some documentation, links or an API for the language. With that information I will be able to implement one of your ideas. Thanks again! - Jeyakumar_Nadar
Nimbostratus
When I say syntax, I mean function calls, and proper code formatting, thanks. - I included a link in the previous post to a sample iRule that does cookie encryption.
- Jeyakumar_Nadar
Nimbostratus
Thanks for the quick replies, but I am still having a few issues. I am trying to concat "enc" onto the encrypted cookie string using this code in the Response: - Documentation for "substr" is in the iRules wiki link above. Look on the Commands page and you should find it. If you don't like my solution below, feel free to use the builtin string commands. Check out the TCL reference above as well as it has a lot of string functions that can come in handy.
when RULE_INIT { set ::cookieKey [AES::key] } when HTTP_RESPONSE { if { [HTTP::cookie exists "mycookie" } { set decrypted [HTTP::cookie "mycookie"] HTTP::cookie remove "mycookie" set encrypted [b64encode [AES::encrypt $::cookieKey $decrypted]] HTTP::cookie insert name "emycookie" value $encrypted } } when HTTP_REQUEST { if { [HTTP::cookie exists "emycookie" } { set encrypted [HTTP::cookie "emycookie"] HTTP::cookie remove "emycookie" set decrypted [AES::decrypt $::cookieKey [b64decode $encrypted]] HTTP::cookie insert name "mycookie" value $decrypted } }
- unRuleY_95363Historic F5 AccountJoe had a misplaced square bracket above. I have edited his post to correct it.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects