ltm rule command AES decrypt
iRule(1) BIG-IP TMSH Manual iRule(1)
AES::decrypt
Decrypts the data using the previously-created AES key.
SYNOPSIS
AES::decrypt KEY DATA
DESCRIPTION
Decrypt the data using an AES key.
Syntax
AES::decrypt
* will be interpreted as an AES key and used directly if it is
a string formatted as an AES::key or an object generated from
AES::key.
* will otherwise be interpreted as a pass phrase and used to
generate an AES key. This does not work due to bug 224113.
* Decrypt the using the AES key either supplied or generated
from .
Caution
This function is affected by ID241924 and ID242479, and should not be
used in BIG-IP v10.1.x or earlier.
This function is also affected by ID224113, and a workaround is
necessary. The workaround is to not use a passphrase, but to specify a
key directly, in the form of "AES ", where
is 128, 192, or 256. For example, "AES 128
e467128783ea04aba33aded4e6e457a5", would be a valid 128-bit key.
RETURN VALUE
Returns the decrypted data.
VALID DURING
ANY_EVENT
EXAMPLES
when HTTP_REQUEST {
set key "AES 128 43047ad71173be644498b98de6a32fe3"
set decryptedData [AES::decrypt $key $encryptedData]
log local0. "The decrypted data is $decryptedData"
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-9.0.0 --First introduced the command.
BIG-IP 2017-01-31 iRule(1)