Encryption need CGI support

from what i can see, you already have the encryption and decryption algorithm in place. So all that you now need is a mechanism, using CGI, to "carry" this encrypted piece of info from one page to the other.

if that is indeed the case there are a couple of way you can achieve this.

1) using HTML hidden element and moving the encrypted info beween pages.

2) using cookies to set the encrypted info in the users browser and then retrieving it at a later point

3) passing the encrypted into to a CGI script, which would then store it in a temporary file on your server and pass the name of that temp. file to the browser. The browser would then carry this temp file name, rather than the actual encrypted value, across pages using any of the above 2 mechanisms.

Let me know your thoughts on the same.

exactly you know what i want.Now the matter how can i perform this? What if i choose the method 3. Do you have the CGI script for me to do that? and If i do the have the script. Do guide me on how to use the script and the server.

I am Lookin for your reply again.

"...What if i choose the method 3...."

That's a good choice.

"... Do you have the CGI script for me to do that?.."

give me some time & i will write a script for you.

"....and If i do the have the script. Do guide me on how to use the script and the server. ...."

sure.

Rgds

kokzai,

After 4 1/2 hrs of continue work, i think i have what you need.

i have slightly modified your html file and added an extra button called "Encrypt & Continue".

what this button does is allows javascript to do the encryption and submit the key and encrypted value to a CGI script (store_passwd.pl).

This script stores the info in a file on the web server & sets the name of the file as a cookie value.

next you need to call the second script (decrypt.pl). This script checks if the cookie exists, reads the cookie, gets the file name, opens the file (which has the key and the encrypted value) reads the values and decrypts them.

in order to do this i had to port the entire javascript decrypt alogrithm in PERL (check sub decrypt)

Using these script you can now pass the encrypted value between as many pages as you want!!

try it out and let me know how it goes.

here is the code.
=========================encrypt-decrypt.html
<html><head><title>Encrypt/Decrypt Script</title>


<SCRIPT LANGUAGE="JavaScript">


<!-- Hide from JS-Impaired Browsers
/* Although the "cs" string is
   in ASCII order below, it
   can be "scrambled" if you
   wish to further complicate
   any decryption attempts. */
bs="\\";
cs=' !"#$%&';
cs+="'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRS"
+"TUVWXYZ^[_]`abcdefghijklmnopqrstuvwxyz{|}~\t\r\n"+bs;
cm=0;
cm1=0;
cflg="";
/* Although this example has been prepared using
   a four-bit paradigm, you may elect to alter it
   to a 2-bit, 3-bit, 5-bit, etc. paradigm. For
   example, a 2 bit paradigm would look like this:
   four="00 01 10 11 ";
   fourletter="a  b  c  d "
   and the code in the encryption and decryption
   routines below would need to be altered to
  reflect the change in bit paradigm. We've
   put comments at the appropriate places.
   Caution: don't use a space as a printing character
   in your construction of the variable "sixletter".
   Some alternates are included here for your own
   construction consideration.
   sixletter="A    B    C    D    E    F    G    H    "
            +"I    J    K    L    M    N    O    P    ";
   sixletter=".    ,    /    '    |    _    `    ~    "
            +"!    @    ^    *    -    :    ;    ?    "; */
sixteen="0000 0001 0010 0011 0100 0101 0110 0111 "
       +"1000 1001 1010 1011 1100 1101 1110 1111 ";
sixletter=";    .    *    ,    x    `    i    :    "
         +"_    -    ^    <    >    '    ~    =    ";

function samp(){
  // First, we grab the two strings
  ls="";
  ls1="";
  kwd=document.ex1.key.value;
  kwdpd=kwd;
  msg=document.ex1.ps.value;
  // Pad key to be long enough for message
  if (cflg!=1){
    sl=msg.length;
  }else{
    sl=msg.length/2;
  }

  while (kwd.length<sl){
    kwd+=kwdpd;
  }
  document.ex1.ps.value="I am now converting key and message strings...";
  if (cflg!=1){
    setTimeout("samp2()",1000);
  }else{
    setTimeout("decryp()",1000);
  }
}

function samp2(){
  // Next, convert the 2 strings to binary
  for (var i=0;i<msg.length;i++){
    chk=kwd.charAt(i);
    cmk=cs.indexOf(chk)+32;
    chm=msg.charAt(i);
    cmm=cs.indexOf(chm)+32;
    for (var j=7;j>-1;j--){
      c=Math.pow(2,j);
      if (cmk>=c){
        cmk=cmk-c;
        ls+="1";
      }else{
        ls+="0"
      }

      if (cmm>=c){
        cmm=cmm-c;
        ls1+="1";
      }else{
        ls1+="0"
      }
    }
  }
  document.ex1.ps.value="I am now encrypting message string...";
  setTimeout("samp3()",1000);
}

function samp3(){
  // Next, convert the bits using key string
  ls2="";
  ls4="";
  for (var i=0;i<ls1.length;i++){
    ch=ls.charAt(i);
    ch1=ls1.charAt(i);
    if (ch=="0"){
      if (ch1=="0"){
        ch1="1";
      }else{
       ch1="0";
      }
    }
    ls2+=ch1;
  }
  /* If a different bit paradigm is
    used, alter the loop below
    accordingly. */

  for (var i=0;i<ls2.length;i=i+4){
    ls3=ls2.substring(i,i+4);
    y=sixteen.indexOf(ls3);
    ls4+=sixletter.charAt(y);
  }
  document.ex1.ps.value=ls4;

  if (cflg == 2){
    // Send the encrypted into to the CGI script!!
    document.ex1.submit();
  }
}

function decryp(){
  // Convert the keyword again
  ls="";
  for (var i=0;i<kwd.length;i++){
   chk=kwd.charAt(i);
    cmk=cs.indexOf(chk)+32;
    for (var j=7;j>-1;j--){
      c=Math.pow(2,j);
      if (cmk>=c){
        cmk=cmk-c;
        ls+="1";
      }else{
        ls+="0"
      }
    }
  }
  document.ex1.ps.value="I am now decrypting message string...";
  setTimeout("decryp1()",1000);
}

function decryp1(){
  /* Next, return msg from 4 bit to 8 bit.
    If a different bit paradigm is
    used, alter the loop variable below
    accordingly. */
  ls1="";
  for (var i=0;i<msg.length;i++){
    ls3=msg.charAt(i);
    y=sixletter.indexOf(ls3);
    ls1+=sixteen.substring(y,y+4);
}
  // Next, convert the bits using key string
  ls2="";
  ls4="";

  for (var i=0;i<ls1.length;i++){
    ch=ls.charAt(i);
    ch1=ls1.charAt(i);
    if (ch=="0"){
      if (ch1=="0"){
        ch1="1";
      }else{
        ch1="0";
      }
    }
    ls2+=ch1;
  }

  for (var i=0;i<ls2.length;i=i+8){
    ls3=ls2.substring(i,i+8);
    y=parseInt(ls3,2);
    ls4+=cs.charAt(y-32);
  }
  document.ex1.ps.value=ls4;
}
// End Hiding -->
</script>

</head>
<body bgcolor="#EEFAFF"><center>

<table border=0 cellpadding=8 cellspacing=10 width="100%">
<tr>
<td colspan="10" rowspan="10" bgcolor="#eeeecc">
<font class="E" size=3 color="#333333"><b>
<div align="center">
Follow the Step Below</a></b></font>
</div>
</td>
</tr>
</table>

<Table border=0 width=700>
<tr><td align=center><font face="Helvetica,Arial,Geneva">

<tr><td><font face="Helvetica,Arial,Geneva">

<form name="ex1" method=post action="/cgi-bin/store_passwd.pl">
<p><b>First:</B></p>
<p>Type your key letter, key word or key phrase here:</p>
<input type="password" name="key" value="" size=25>

<p><b>Second: </b></p>
<p>Type your message to be encrypted here:</p>
<textarea name="ps" rows=10 cols=50 wrap=virtual></textarea>

<br><b>Click Here </b> <input type="button" name="but" value=" Encrypt " onClic
k="cflg=0;samp();">
<b>Click here </b> <INPUT TYPE="button" NAME="but1" VALUE=" Decrypt " onClick="
cflg=1;samp()">
<b>Click here </b> <INPUT TYPE="button" NAME="but2" VALUE=" Encrypt & Continue"
 onClick="cflg=2;samp();">

</FORM>
</table>

<table>
<tr>
<td colspan="255" bgcolor="#eeeecc">
<div align="center">
<font class="F" size=2 color="#333333"><b>
Click below If You Have Any Question.</a></b></font>
</div>
</td>
</tr>
</table>

<p align="center"><font size ="1" face="Arial">
[ <a href="example.html">Home</a> | <a href="resource.html">Resource</a> | <a

href="act.html">Digital Signature Act</a> |
<a href="ecommerce.html">Building E-Commmerce</a> |  <a href="e2.html">Encrypti
on</a> |
<a href="my.html">Sign Up</a> | <a href="aboutus.html">About Us</a>]
</p>
</font>

=========================store_passwd.pl
#!/usr/local/bin/perl

use strict;
use CGI;
my($q)=new CGI;

my($file_name)="test";

##  Receive the key info.
my($key)=$q->param('key');
##  Receive the encrypted info.
my($ps)=$q->param('ps');

##  Store the info in a file.
open(TMP,">/tmp/".$file_name) || die $!;
print TMP $key."\t".$ps;
close(TMP);

print "Set-Cookie: fl=$file_name; path=/; \n";

print "Content-type: text/html\n\n";
print "Encrypted info saved and cookie set!!<P>\n";

=========================decrypt.pl
#!/usr/local/bin/perl

use strict;

print "Content-type: text/html\n\n";

if ($ENV{'HTTP_COOKIE'}){ ##  Cookie was set!! Read it!!
  my($cookie_name,$file_name)=split(/=/,$ENV{'HTTP_COOKIE'});
  undef $/;
  open(TMP,"/tmp/".$file_name) || die $!;
  my($key,$ps)=split(/\t/,<TMP>);
  close(TMP);
  $/="\n";
  chomp($ps);
 
  my($plain_text)=&decrypt($key,$ps);
  print "<pre>Encrypted text is >$ps< <P>\n\n";
  print "Plain text is $plain_text</pre>\n";
}else{
  print "Cookie not set!!<P>\n";
}

#################################################################
sub decrypt{
  my($kwd,$ps)=@_;
  my($ls,$ls1,$ls2,$ls3,$ls4);
  my($bs,$cs,$sixletter,$sixteen);
  $bs="\\";
  $cs=' !"#$%&';
  $cs.="'()*+,-./0123456789:;<=>?\@ABCDEFGHIJKLMNOPQRS"."TUVWXYZ^[_]`abcdefghij
klmnopqrstuvwxyz{|}~\t\r\n".$bs;

  $sixteen="0000 0001 0010 0011 0100 0101 0110 0111 "
          ."1000 1001 1010 1011 1100 1101 1110 1111 ";
  $sixletter=";    .    *    ,    x    `    i    :    _    -    ^    <    >
'    ~    =    ";

  my($kwdpd)=$kwd;

  my($sl)=length($ps)/2;

  while(length($kwd)<$sl){
    $kwd.=$kwdpd;
  }

  my($chk,$cmk,$i);
  foreach $i (0..(length($kwd)-1)){
    $chk=substr($kwd,$i,1);
    $cmk=index($cs,$chk)+32;
    my($j)=7;
    my($c);
    while($j>-1){
     $c=2**$j;
      $j--;
      if ($cmk>=$c){
        $cmk=$cmk-$c;
        $ls.="1";
      }else{
        $ls.="0"
      }
    }
  }

  my($y);
  foreach $i (0 .. (length($ps)-1)){
    $ls3=substr($ps,$i,1);
    $y=index($sixletter,$ls3);
    $ls1.=substr($sixteen,$y,4);
  }

  my($ch,$ch1);
  foreach $i (0 .. (length($ls1)-1)){
    $ch=substr($ls,$i,1);
    $ch1=substr($ls1,$i,1);
    if ($ch == 0){
      if ($ch1 == 0){
        $ch1=1;
      }else{
      $ch1=0;
      }
    }
    $ls2.=$ch1;
  }

  $i=0;
  while ($i<length($ls2)){
    $ls3=substr($ls2,$i,8);
    $y=bin2dec($ls3);
    $ls4.=substr($cs,$y-32,1);
    $i+=8;
  }

  return $ls4;
}

sub bin2dec {
  return unpack("N", pack("B32", substr("0" x 32 . shift, -32)));
}

Thank you very much for your hardwork.I wonder how am i suppose to thank you in an appropriate way.
I still have some problems here.I am curious that do i need to install any new software in my pc?
It doesnt not work well.
The Encrypt and Decrypt function doesnt work.
Do i still need to click on encrypt button follow by decrypt and the new button.It this the correct procedure?
Sad to say that i dont really have knowldege on  CGI. I am just new to this laugage.
Anyway how should i address you?
I am kevin over here..

You can reward the expert with your grading and points.

Kevin,

my name is Manesh. ok here is what you need to do. when you load the html page you will see an extra button, in addition  to the 2 you have.

This extra button has the caption "Encrypt & continue".

Now enter your key and the text you want to encrypt. Click on the "Encrypt & continue" button.

now that is when my your javascript encryption subroutine is called. once the javascript encryption is done, my PERL/CGI script is called.

This script gets the key and the encrypted info and stores it on the server in a file. it also sets a cookie with that file name as the value.

next when you run my second PERL script, it reads that cookie value, gets the file name and does the decryption.

Finally it shows you the decrypted value on your browser.

in order to see the entire thing running you will need to have a web server running on the system.

However for the javascript part of the program, you only need a javascript aware browser like netscape or IE.

there are many free web servers available for Windows and Unix platforms.

let me know if there is anything else that you need.

Rgds            

Manesh,

    Hello I think i get the Idea. Thank you very much. I am finally done with the project thank you for your effort. I am kevin over here ..

glad to be of help to you & to know that you could complete your project.

were you able to get the solution to work?
how did it go?? did you face any problems???

let me know.

Rgds

It run smoothly. Somehow i made some changes to get into the right way. How do you manage to know Perl so well ??
how can i end this question??

"....It run smoothly.."

Lovely!! that nice.

"...Somehow i made some changes to get into the right way..."

Good for you!! Glad to know that you have a working solution.

"....How do you manage to know Perl so well ?? ..."

PERL is my first love. i have been working with it for almost 6 yrs now!!


".......how can i end this question?? ....."

you can accept my comment as an answer and grade me too.

i would suggest that you keep the amount of time and effort that was put into your solution before assigning points.

Wish you luck with your future projects.

Rgds

i just noticed something odd.

the original Q was posted by user chwankok (Kevin) and user kokzai has found the solution working too.

are chwankok & kokzai one and the same person??

just curious. :-)

Sorry i was away for sometime. I was back to hometown and couldnt get online any sooner. KokZai and Chwankok is the different  person but able to access each other account =)
I will accept it soon. Thank you for the file.
Oh well if i do have more question. Will you help me?
=)

"...........Oh well if i do have more question. Will you help me? ..."

Sure!! :-)

Rgds