cancel
Showing results for 
Search instead for 
Did you mean: 

Assistance with an iRule

SugarsB
Nimbostratus
Nimbostratus

Good day

I need assistance with an iRule that can read the current time, add that as a timestamp and encrypt it in the header.

Regards

4 REPLIES 4

Interesting challenge. Try this?

 

when RULE_INIT {
  set static::key "fc2ed2bf490ad801c04ccd46b9d85b0c"
  set static::iv "7e2fe021d573c0eedd93c4b2704b1b3e"
}

when HTTP_REQUEST_SEND {
  set time [clock seconds]
  set encryptedtime [CRYPTO::encrypt -alg aes-128-cbc -keyhex $static::key -ivhex $static:iv $time]
  HTTP::header remove SECRETTIME
  HTTP::header insert SECRETTIME [b64encode $encryptedtime]
}

 

You can test it like by applying this rule to a test VIP:

when RULE_INIT {
  set static::key "fc2ed2bf490ad801c04ccd46b9d85b0c"
  set static::iv "7e2fe021d573c0eedd93c4b2704b1b3e"
}

when HTTP_REQUEST {
  set time [clock seconds]
  set encryptedtime [CRYPTO::encrypt -alg aes-128-cbc -keyhex $static::key -ivhex $static::iv $time]
  HTTP::respond 200 SECRETTIME [b64encode $encryptedtime]
}

And then test decrypting with curl and openssl:

curl -sI <ip> | grep SECRETTIME | awk '{print $2}' | openssl enc -a -d -aes-128-cbc -K fc2ed2bf490ad801c04ccd46b9d85b0c -iv 7e2fe021d573c0eedd93c4b2704b1b3e

Edit, made key + iv static to avoid being shamed by the iRules community.
Edit2: Added an example and changed to 32 bit hex key to follow the spec. F5 accepts 16 but openssl does not accept it.

 

 

Forgot how fun it is to be challenged by technical questions in the Devcentral forum. Too bad coding, work and kids takes up too much time. 🤔

I hear ya Patrik! It's hard to maintain balance. Thanks for the assist!

And @SugarsB - if this solved your problem clicking Accept as Solution will give at least one of Patrik's kids a cookie. 🍪

Cheers.

------
Lief ZimmermanLiefZimmerman | @LiefZF5 | DevCentral Community Manager

Anthony_Hynes
F5 Employee
F5 Employee

Thanks for helping out Patrik! We REALLY appreciate your help, support and participation!  🙂


-- Director of Community Development