AES::decrypt¶
Description¶
Decrypt the data using an AES key.
Syntax¶
AES::decrypt <key> <data>
AES::decrypt <key> <data>¶
- <key> will be interpreted as an AES key and used directly if it is a string formatted as an AES::key or an object generated from AES::key.
- <key> will otherwise be interpreted as a pass phrase and used to generate an AES key. This does not work due to bug 224113.
- Decrypt the <data> using the AES key either supplied or generated from <key>.
Caution¶
This function is affected by ID241924 and ID242479, and should not be
used in BIG-IP v10.1.x or earlier.
This function is also affected by ID224113, and a workaround is
necessary. The workaround is to not use a passphrase, but to specify a
key directly, in the form of “AES “, where is 128, 192, or 256. For
example, “AES 128 e467128783ea04aba33aded4e6e457a5”, would be a valid
128-bit key.
Examples¶
when HTTP_REQUEST {
set key "AES 128 43047ad71173be644498b98de6a32fe3"
set decryptedData [AES::decrypt $key $encryptedData]
log local0. "The decrypted data is $decryptedData"
}