Forum Discussion
quangtran
Cirrus
Cirrususe irule to digitally sign
Hello everyone, I have a request like this: { "Data": "eyJVc2VyTmFtZSI6ImVjdXN0b21zIiwiUGdCJ9" } Here is the body when calling on F5. Add Sign to call the server as follows: { "Data": ...
Kai_Wilke
MVP
MVPHi Quangtran,
> What do I need to change here?
you will need to change those two things...
1.) Your pub/pri key is stored in the RULE_INIT event in a global varibable. Those can't become accessed from the HTTP_REQUEST* events via $pri_key / $priv_key, you would need to prefix those global varibals to $::pri_key and $::pub_key, but this HIGHLY NOT recommended, since it would disable CMP-mode for the entire Virtual Server. Rename those variables to $static::pub_key and static::pri_key to make them accessible in the HTTP_REQUEST events without loosing CMP-mode is my recommendation.
2.) You include the raw RSA encrypted data without applying any encodings to the message. This may break the JSON message syntax, if the RSA output contains non-escaped character used by JSON (e.g. " { } , ). Apply [b64encode $temp(enc_data)] before inserting it to the JSON message.
Cheers, Kai
quangtranmy data was base64 encoded before sending, thanks for your suggestion.
can i extract the data with this command:
when HTTP_REQUEST_DATA {
set temp(data) [findstr [HTTP::payload] "\"\Data\"\: 9 \"\ "]- Kai_Wilke
The output of the CRYPTO::encrypt command is binary data and should be encoded before inserted in Json. Otherwise it may crash an ordinary Json parser on every N request...
Cheers, Kai