xsc
commented
10 years ago Seems like one of your other dependencies uses a different BouncyCastle package. Can you paste (part of) your project.clj?
Closed mathiasp closed 10 years ago
xsc
commented
10 years ago Seems like one of your other dependencies uses a different BouncyCastle package. Can you paste (part of) your project.clj?
mathiasp
commented
10 years ago Oh, I see. Sadly lein deps :tree gives me a null pointer exception. Seems I have to clean my libs...
Here is the current list, a bit chaotic, I'm still playing around with stuff:
:dependencies [[org.clojure/clojure "1.6.0"] [org.clojure/clojurescript "0.0-2173"] [org.clojure/core.async "0.1.267.0-0d7780-alpha"] [org.clojure/algo.generic "0.1.2"] [com.cemerick/friend "0.2.0" :exclusions [ring/ring-core org.apache.httpcomponents/httpclient]] [ring "1.2.1"] [ring/ring-jetty-adapter "1.2.1"] [org.clojure/core.cache "0.6.3"] [org.clojure/core.memoize "0.5.6" :exclusions [org.clojure/core.cache]] [compojure "1.1.6" :exclusions [ring/ring.core org.clojure/tools.macro] ] [hiccup "1.0.5"] [cljs-ajax "0.2.3"] [prismatic/dommy "0.1.2"] [com.taoensso/tower "2.0.2"] ; i18n [com.taoensso/timbre "3.1.1"] ; logging [environ "0.4.0"] ; [co.paralleluniverse/pulsar "0.4.0" :exclusions [org.clojure/tools.macro]] [enlive "1.1.5"] [liberator "0.11.0"] [slamhound "1.5.1"] [ring-middleware-format "0.3.2"] [clojure-csv/clojure-csv "2.0.1"] [formative "0.8.8"] [matsu "0.1.2"] [cheshire "5.3.1"] [om "0.5.2"] [om-sync "0.1.1"] [ankha "0.1.1"] ;; om component for data inspection [image-resizer "0.1.6"] [me.raynes/conch "0.6.0"] ;; call programs from clojure [simple-time "0.1.1"] ; nice time library [clj-pdf "1.11.15"] ; pdf generation [net.glxn/qrgen "1.4-SNAPSHOT"] ;; simplifiec qrcode generation (java) ;; passwords / hashing: [pandect "0.3.0"] ; digest and hmac [clojurewerkz/scrypt "1.1.0"] [crypto-random "1.2.0"] ; wrapper around SecureRandom [http-kit "2.1.17"] [clj-http "0.7.9"]
xsc
commented
10 years ago @mathiasp lein deps :tree would indeed be helpful. Alternatively, just use pandect 0.3.0 which does not ship with BouncyCastle-based hashes/HMACs. The list of supported functions for that version can be found here.
The whole problem stems from BouncyCastle offering different artifacts depending on whether you're intending to use them with JDK 1.2, JDK 1.3, ... With the latest releases, however, there is only one package left for everything >= JDK 1.5 which is the one that pandect uses but which conflicts with every library that includes one of the dedicated artifacts. (They contain the same classes but since compilation settings differ, so does the signature...)
If you are able to narrow down the problem, maybe prompt the respective developers to upgrade their BouncyCastle dependency.
Sorry I can't do more!
mathiasp
commented
10 years ago No problem, and sorry I didn't close this, it's obviously a problem in my config. I discovered that I had environ in my .lein/profiles.clj and my project.clj, that's why lein deps :tree bombed.
Just fyi: I'm now using buddy, since it includes scrypt and hmac and I've decided to use it for authorization anyway.
Thanks for your help,
Mathias
org.bouncycastle.crypto.digests.SHA3Digest"'s signer information does not match signer information of other classes in the same package, compiling:(pandect/core.clj:35:1)
Thanks for pandect, looks like it can be useful for my current project.
I just tried to use it and got the above error.
This happens with pandect 3.1 and 3.2; 3.0 works fine...
I really do not know enough about java libraries here, can you enlighten me how to fix this?
Thanks, Mathias