Forum Discussion
gpoverland
Nimbostratus
NimbostratusF5 iRule Example integrating HMAC
I currently utilize a static key value to create a custom encrypted cookie to validate user session authenticity via cookie values. I would like to move over to using an HMAC solution, but having iss...
gpoverlandNimbostratus
NimbostratusNothing yet.. The example didn't really define with comments what the values mean. For example, I believe the message variable is the data I want encrypted and that the token is the output. This could be just an issue of me reading up on HMAC, so just trying to see if someone has a full blown example of how they used it for say... user session authentication or validation.. Make sense? Thanks for replying so quickly
- Kai_Wilke
MVP
On the first sight i would say that $message is the message to be authenticated and $input is your secret key. You may also take a look to the available Google-Authenticator iRule samples, to see some real world examples. GA tokens are using HMAC-SHA1 calculations. Cheers, Kai - Kai_WilkeSince Nat Thirasuttakorn is aware of your question, I would leave the conversation now. I guess its far more effective if he answers any questions regarding his code... ;-) Good luck with your development and Cheers, Kai
