1. Capturing a password as a string is insecure (note that the swing
JPasswordField has recognized this).
2. ALL OF THE CRYPTOGRAPHY INTERFACES REQUIRE BYTE[].
3. There is no way to accurately convert a character[] to a byte[]
without converting to a String first.
What I tried to do to create a "password" was to capture the character
input via a JPasswordField. Then I wanted to utilize a hash algorithm
(MD5 or SHA) to hash the char[] array to a value. Then (and I had to
write this) convert the output of the hash to character based output (by
the way, why is there not a toString method on MessageDigest that
returns the value of the digest as a String?).
Luke Stephens
lstephen@ivisoft.com