Question

I'm writing an iRule for the F5 BIG-IP v. 11.x. I have an issue with the CRYPTO library.

When I try to decrypt a string in this way:

set foo [CRYPTO::decrypt -alg rc4 -keyhex $key $to_decrypt]

where $key is a string in hex format and $to_decrypt is the encrypted string.

I receive an error:

tmm err tmm[7107]: 01220001:3: TCL error: /Common/testirule - Missing required parameter

Here you can find the documentation: https://devcentral.f5.com/wiki/iRules.CRYPTO__decrypt.ashx

I can't understand which parameter is missing, can you help me? Thanks in advance!

Edit: I'm adding a snippet from the documentation here:

CRYPTO::decrypt [-alg <>] [-ctx <> [-final]] [-key[hex] <>] [-iv[hex] <>] []

decrypts data based on several parameters

alg - algorithm. ASCII string from a given list (see below). The spelling is lowercase and the iRule will fail for anything not in the list. In ctx mode, alg must be given in the first CRYPTO::command and cannot be modified.

ctx - context is the name of a Tcl variable and can only be generated from and used in CRYPTO commands.

Notes:

Trying to get or set value for a ctx variable will fail.

When a CTX variable is first used in iRule, a tcl object will be generated from the given arguments (alg, key, iv, etc.).

A given CTX variable can only be used for one CRYPTO:: command. An iRule CRYPTO:: command would fail if CTX is reused for different purpose.

"-final" must be used for the last CRYPTO:: command for the same CTX variable to finish the CRYPTO:: command. After "-final" is used, the CTX variable will be freed and the same ctx variable name can be reused.

When a CTX variable already has a key and an IV value stored in it, the value can only be updated before CRYPTO command really starts, that is before any data is given. After the command starts and before it finishes, updating key or IV in CTX would fail.

key - key (binary data). Key length is determined by alg used. Can be generated by CRYPTO::keygen

keyhex - key as hex data. Key length is determined by alg used. Can be generated by CRYPTO::keygen

iv - initialization vector (binary data). Length is determined by alg used. Can be generated by CRYPTO::keygen

ivhex - initialization vector as hex data. Length is determined by alg used. Can be generated by CRYPTO::keygen


Solution

The -iv is optional because you could have created a context containing the initialization vector and passed that in with -ctx instead. TCL command documentation does not have a good way of indicating this situation: -iv and -key are required OR -ctx is required.

Licensed under: CC-BY-SA with attribution