NAME
Javascript::SHA1
- Calculate the SHA1 digest of a CGI form field
Synopsis
This is a complete, runnable, tested program.
#!/usr/bin/perl
use strict;
use warnings;
use CGI;
use Javascript::SHA1;
# ------------------
my($q) = CGI -> new();
my($p) = $q -> param('my_password') || '';
my($js) = Javascript::SHA1 -> new();
print $q -> header(),
$q -> start_html({script => $js -> javascript('my_password'), title => 'Javascript::SHA1'}),
$q -> h1({align => 'center'}, 'Javascript::SHA1'),
"Previous value: $p",
$q -> br(),
$q -> start_form({action => $q -> url(), name => 'SHA1'}),
'Username: ',
$q -> textfield({name => 'my_username', size => 50}),
$q -> br(),
'Password: ',
$q -> password_field({name => 'my_password', size => 50}),
$q -> br(),
'Generate str2hex_sha1: ',
$q -> submit({onClick => 'return str2hex_sha1()'}),
$q -> end_form(),
$q -> end_html();
Description
Javascript::SHA1
is a pure Perl module.
This module allows you to convert user input, eg a password, into the SHA1 digest of that input.
This means the password itself need never be transmitted across the network - only the SHA1 digest need be transmitted.
Distributions
This module is available both as a Unix-style distro (*.tgz) and an ActiveState-style distro (*.ppd). The latter is shipped in a *.zip file.
See http://savage.net.au/Perl-modules.html for details.
See http://savage.net.au/Perl-modules/html/installing-a-module.html for help on unpacking and installing each type of distro.
Constructor and initialization
new(...) returns a Javascript::SHA1
object.
This is the class's contructor.
Usage: Javascript::SHA1 -> new().
new()
does not take any parameters.
Method: javascript([$name_of_CGI_password_field][, $number_of_CGI_form])
Returns a block of Javascript which you must output as part of your HTML page.
Takes 2 optional parameters:
- The name of the CGI field used to input the password
-
This field name defaults to 'password'.
- The number of the CGI form within the HTML page
-
This field value defaults to 0, which is the first form on the page.
See the Synopsis for one way to do this.
Note: if you pass just 1 parameter, it is assumed to be the name of a field.
Submitting a CGI Form
To disable this module, simply use a submit button of the form:
$q -> submit();
To enable the module, use a submit button with an onClick event handler that calls a Javascript function which converts your CGI password field's value into the SHA1 digest of that value. Use one of:
- $q -> submit({onClick => 'return str2hex_sha1()'});
-
Returns a string of length 40.
- $q -> submit({onClick => 'return str2b64_sha1()'});
-
Returns a string of length 27.
- $q -> submit({onClick => 'return str2str_sha1()'});
-
Returns a string of length 20 (approx :-).
Example code
See the examples/ directory in the distro.
There is 1 demo file, sha1.cgi.
This is a CGI script identical to the one in the synopsis.
Edit it to suit your circumstances.
Related Modules
Javascript::MD5.
Author
Javascript::SHA1
was written by Ron Savage <ron@savage.net.au> in 2004.
Home page: http://savage.net.au/index.html
Copyright
Australian copyright (c) 2004, Ron Savage. All Programs of mine are 'OSI Certified Open Source Software'; you can redistribute them and/or modify them under the terms of The Artistic License, a copy of which is available at: http://www.opensource.org/licenses/index.html