ltm rule command AES encrypt
iRule(1) BIG-IP TMSH Manual iRule(1)
AES::encrypt
Encrypts the data using the previously-created AES key.
SYNOPSIS
AES::encrypt KEY DATA
DESCRIPTION
Encrypt the data using an AES key.
Syntax
AES::encrypt
* will be interpreted as an AES key and used directly if it is
a string formatted as an AES::key or an object generated from
AES::key.
* will otherwise be interpreted as a pass phrase and used to
generate an AES key. This does not work in versions prior to BIG-IP
11.2.0 due to bug 224113.
* Encrypt the using the AES key either supplied or generated
from .
Caution
This function is affected by ID241924 and ID242479, and should not be
used in BIG-IP v10.1.x or earlier.
This function is also affected by ID224113, and a workaround is
necessary. The workaround is to not use a passphrase, but to specify a
key directly, in the form of "AES ", where
is 128, 192, or 256. For example, "AES 128
e467128783ea04aba33aded4e6e457a5", would be a valid 128-bit key. This
was fixed in BIG-IP v11.2.0.
RETURN VALUE
Returns the encrypted data.
VALID DURING
ANY_EVENT
EXAMPLES
when SERVER_DATA {
set key "AES 128 43047ad71173be644498b98de6a32fe3"
set encryptedData [AES::encrypt $key [TCP::payload]]
TCP::payload replace 0 [TCP::payload length] $encryptedData
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-9.0.0 --First introduced the command.
BIG-IP 2017-01-31 iRule(1)