For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ukstin's avatar
ukstin
Icon for Nimbostratus rankNimbostratus
Jan 29, 2009

encrypt/decrypt URI

Hi, I´m trying to do an Irule to encrypt and decrypt the URI with a cookie value as key. But it´s not working as expected, somebody as any opinion about these irule? when HTTP_R...
application delivery
dev
devops
iRules
Colin_Walker_12's avatar
Colin_Walker_12
Historic F5 Account
Jan 29, 2009
First, it's always helpful if you give us more info to go off of than that something just isn't working as expected. Including details on HOW it's misbehaving, error log entries, etc. is very helpful.

That being said, it doesn't look like you're setting the value of decrypted anywhere. This would make it pretty hard to use that to update the uri later. Try changing the HTTP_REQUEST section to something like: 

 
 when HTTP_REQUEST {  
   set uri [HTTP::uri]  
   set host [HTTP::host]  
   if { [HTTP::cookie exists "JSESSIONID"] } {  
   set decrypted [AES::decrypt [HTTP::cookie value "JSESSIONID"] [b64decode $uri]] 
   if { [string length $decrypted] > 1 } { 
     log local0. "session: $IDkey uri $uri decriptada: $decrypted"  
     HTTP::uri $decrypted  
     set uri $decrypted  
   }  
   }  
 }

I think that'll get you closer to the result you're looking for. That's a pretty interesting use of a cookie as a key. I'd love to hear how it works out for you once you get it up and running.

Colin