Magnum_IP
Nov 08, 2013Nimbostratus
Looking for advice on CRYPTO::sign and CRYPTO::verify
Hoping someone can help...
The documentation around the CRYPTO::sign and CRYPTO::verify commands is minimal and I can't find any worked examples online. Couple that with my limited knowledge of cryptography and the challenge of providing cookie integrity checking in an iRule and I'm struggling.
I'm currently using the CRYPTO::encrypt and CRYPTO::decrypt commands to set and encrypted cookie in the response to a client and the decrypt it in subsequent requests and that seems to be working well. How to use the sign and verify commands around this to check that the cookie hasn't been tampered with eludes me though.
Any help or advice appreciated.
fergu5