Posterus_85681
Mar 07, 2016Nimbostratus
3DES encryption of text using iRule for custom URL/URI
We have a vendor that uses a custom URL/URI format to achieve SSO. The method they are wanting us to follow is below. Can this be done using F5 iRule and inbuilt commands? (I was thinking of using CRYPTO::encrypt but not sure if that will be correct)
The shared passphrase is used specifically to generate the key used by the DESEDE encryption algorithm.To generate the key, use the output of the hash function using the shared passphrase as the input parameter as below.
- Generate MD5 hash of passphrase – produces 16 byte array
- Convert the resultant MD5 hash byte array to a hex string in lower case – produces a 32 byte string
- Use the first 24 bytes of the hex string as the key for the DESEDE encryption algorithm
- Encrypt the URL string using the key generated above with a DESEDE cipher using ECB/PKCS5 padding. The encrypted result is a byte array
- The byte array above is base64 encoded and converted to a string with UTF-8 encoding
- The string is then URL encoded to form the final output string
- ASCII device control characters (e.g. null characters (%00), line feed (%0A), carriage return (%0D)) should NOT be in the encrypted string