HMAC
Problem this snippet solves:
This iRule shows example of to calculate HMAC or keyed-Hash Message Authentication Code by iRule using built-in function sha256.
Code :
when RULE_INIT { set message "test" set input { "1234" \ "123456789012345678901234567890123456789012345678901234567890xxxx" \ "yyyy123456789012345678901234567890123456789012345678901234567890xxxx" \ } foreach prekey $input { set bsize 64 if { [string length $prekey] > $bsize } { set key [sha256 $prekey] } else { set key $prekey } set ipad "" set opad "" for { set j 0 }{ $j < [string length $key] }{ incr j }{ binary scan $key @${j}H2 k set o [expr 0x$k ^ 0x5c] set i [expr 0x$k ^ 0x36] append ipad [format %c $i] append opad [format %c $o] } for { }{ $j < $bsize }{ incr j }{ append ipad 6 append opad \\ } set token [sha256 $opad[sha256 "${ipad}${message}"]] binary scan $token H* hextoken log -noname local0. [string toupper "result = $hextoken"] } }
Published Mar 17, 2015
Version 1.0Nat_Thirasuttakorn
Employee
Joined September 25, 2004
Nat_Thirasuttakorn
Employee
Joined September 25, 2004
1 Comment
Sort By
- Sam_Richman_263Historic F5 AccountAs a note, version 11.1 and above has the CRYPTO::sign iRule command, which provides multiple HMAC algorithms: https://clouddocs.f5.com/api/irules/CRYPTO__sign.html