when i try to compile in java gwt its displaying the issues below
- The import java.security cannot be resolved
- MessageDigest cannot be resolved to a type
- NoSuchAlgorithmException cannot be resolved to a type
note: versions used gwt 2.0 java 6 (jre 1.6) tried in 1.8 as well
public static String EncryptPassowrd(String password)
{
String encryptedPassword = "";
byte[] actualBytes = password.toString().getBytes();
byte[] newbytes = new byte[actualBytes.length * 2];
for (int i = 0; i < actualBytes.length; i++)
{
newbytes[2 * i] = actualBytes[i];
newbytes[2 * i + 1] = 0;
}
try
{
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.reset();
md.update(newbytes);
byte[] encryptedbytes = md.digest();
for (int i = 0; i < encryptedbytes.length; i++)
{
encryptedPassword = encryptedPassword == "" ? Integer.toString((encryptedbytes[i] & 0xff) + 0x100, 16).substring(1) : encryptedPassword + "-"
+ Integer.toString((encryptedbytes[i] & 0xff) + 0x100, 16).substring(1);
}
return encryptedPassword.toUpperCase();
}
catch (NoSuchAlgorithmException e)
{
// Do Nothing
}
return "";
}
java.security is not included in the subset of the Java runtime library that GWT emulates, as it was already mentioned.
Although you could use GWT-Crypto to go around it, password encryption is not secure, especially on the client side - check GWT-Crypto own wiki. Instead, the plain text password should be sent over an encrypted channel (SSL) and processed securely on the server (for example, hashed with bcrypt). Since hash functions are one-way function, you won't be able to "decrypt" the hashes. In order to authenticate your user, you can run the password through the hash function again in order to compare with the hash that is stored in the database.