Monday, 15 June 2015

encryption - Issue with CRYPTO library in F5 BIG-IP: missing required parameter -



encryption - Issue with CRYPTO library in F5 BIG-IP: missing required parameter -

i'm writing , irule f5 big-ip v. 11.x. have issue crypto library.

when seek decrypt string in way

set foo [crypto::decrypt -alg rc4 -keyhex $key $to_decrypt]

where $key string in hex format , $to_decrypt encrypted string.

i receive error:

tmm err tmm[7107]: 01220001:3: tcl error: /common/testirule - missing required parameter

here can find documentation: https://devcentral.f5.com/wiki/irules.crypto__decrypt.ashx

i can't understand parameter missing, can help me? in advance!

edit: add together here snippet documentation:

crypto::decrypt [-alg <>] [-ctx <> [-final]] [-key[hex] <>] [-iv[hex] <>] []

decrypts info based on several parameters

alg - algorithm. ascii string given list (see below) spelling lowercase , irule fail not in list. in ctx mode, alg must given in first crypto::command , cannot modified. ctx - context name of tcl variable , can generated , used in crypto commands. notes: trying or set value ctx variable fail. when ctx variable first used in irule, tcl object generated given arguments (alg, key, iv, etc.). given ctx variable can used 1 crypto:: command. irule crypto:: command fail if ctx reused different purpose. “–final” must used lastly crypto:: command same ctx variable finish crypto:: command. after “-final” used, ctx variable freed , same ctx variable name can reused. when ctx variable has key , iv value stored in it, value can updated before crypto command starts, before info given. after command starts , before finishes, updating key or iv in ctx fail. key - key (binary data). key length determined alg used. can generated crypto::keygen keyhex - key hex data. key length determined alg used. can generated crypto::keygen iv - initialization vector (binary data). length determined alg used. can generated crypto::keygen ivhex - initialization vector hex data. length determined alg used. can generated crypto::keygen

the -iv optional because have created context containing initialization vector , passed in -ctx instead. tcl command documentation not have way of indicating situation: -iv , -key required or -ctx required.

encryption tcl f5 big-ip

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)