Skip to content

Commit

Permalink
Update documentation.
Browse files Browse the repository at this point in the history
  • Loading branch information
@niwinz
niwinz committed Jan 24, 2017
1 parent 3073329 commit c243f84
Showing 1 changed file with 30 additions and 7 deletions.
37 changes: 30 additions & 7 deletions doc/content.adoc
View file
@@ -1,6 +1,6 @@
= buddy-core - Cryptographic Api
Andrey Antukh, <niwi@niwi.nz>
1.1.1
1.2.0
:toc: left
:!numbered:
:source-highlighter: pygments
Expand Down Expand Up @@ -40,7 +40,7 @@ dependency vector on your *_project.clj_* file:

[source,clojure]
----
[buddy/buddy-core "1.1.1"]
[buddy/buddy-core "1.2.0"]
----

And is tested under JDK7 and JDK8.
Expand Down Expand Up @@ -750,14 +750,37 @@ by a known public key.

== FAQ

*Buddy has own cryptographic algorithms implementations?*
=== Buddy has own cryptographic algorithms implementations?

Mainly no, I'm not cryptography expert and for this I rely on the to battle tested Bouncy Castle java
library that's dedicated to this purpose.
Mainly no, I'm not cryptography expert and for this I rely on the to
battle tested Bouncy Castle java library that's dedicated to this
purpose.

*Buddy will support pgp?*

Surely not! Because there already exists one good link:https://github.com/greglook/clj-pgp[library for that].
=== Buddy will support pgp?

Surely not! Because there already exists one good
link:https://github.com/greglook/clj-pgp[library for that].


=== Unexpected exceptions when application is run from uberjar?

This is known problem of BouncyCastle. This is because, some parts of buddy uses the BC provider
that BouncyCastle exposes. And any security providers for the JDK should be signed. And if you
repackage all dependencies of your application in one unique jar, it will not match the signature
of BC provider, and then, jdk will silently rejects adding it.

Take care that only very small part of buddy-core is subject to this
issue. Only the `buddy.core.dsa` and `buddy.core.keys` (partially) are
using the security provider. So if you are using it, you will need to
provide the bouncy castle dependency separatelly to your uberjar
bundle.

A common approach for this case, is just put `:uberjar-exclusions
[#"org/bouncycastle"]` on your `:uberjar` profile and then, download
the bouncycastle jars and expose them in the classpath. If you are
running your application directly from lein, you are not affected by
this issue.


== Developers Guide
Expand Down

0 comments on commit c243f84

Please sign in to comment.