FEBS-Shiro | Spring Boot 2.4.2,Shiro1.6.0 & Layui 2 | Security Framework library

 by   febsteam Java Version: Current License: Apache-2.0

kandi X-RAY | FEBS-Shiro Summary

FEBS-Shiro is a Java library typically used in Security, Security Framework, Spring Boot, Bootstrap, and Spring applications. FEBS-Shiro has no bugs, a build file is available, it has a permissive license, and it has medium support. However, FEBS-Shiro has 1 vulnerability. You can download it from GitHub.
Spring Boot 2.4.2, Shiro 1.6.0 & Layui 2.5.6 permission management system. Preview address: http://47.104.70.138:8080/login

Support

  • FEBS-Shiro has a medium active ecosystem.
  • It has 5487 star(s) with 2183 fork(s). There are 216 watchers for this library.
  • It had no major release in the last 12 months.
  • There are 8 open issues and 160 have been closed. On average issues are closed in 26 days. There are no pull requests.
  • It has a neutral sentiment in the developer community.
  • The latest version of FEBS-Shiro is current.

Quality

  • FEBS-Shiro has 0 bugs and 0 code smells.

Security

  • FEBS-Shiro has 1 vulnerability issue reported (0 critical, 1 high, 0 medium, 0 low).
  • FEBS-Shiro code analysis shows 0 unresolved vulnerabilities.
  • There are 0 security hotspots that need review.

License

  • FEBS-Shiro is licensed under the Apache-2.0 License. This license is Permissive.
  • Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

  • FEBS-Shiro releases are not available. You will need to build from source code and install.
  • Build file is available. You can build the component from source.
  • It has 21357 lines of code, 594 functions and 242 files.
  • It has low code complexity. Code complexity directly impacts maintainability of the code.
Top functions reviewed by kandi - BETA

kandi has reviewed FEBS-Shiro and identified the functions below as its top functions. This is intended to give you instant insight into the functionality FEBS-Shiro implements and help you decide whether it suits your requirements.

  • Sets the system browser info.
  • Extracts server info from metric data.
  • Method to execute the job.
  • Imports Excel files.
  • Returns a list of all active users.
  • Bean for Quartz.
  • Determines desensitization fields.
  • Builds the menu tree.
  • Invokes a limit on a method.
  • Checks the validation code.

FEBS-Shiro Key Features

Spring Boot 2.4.2, Shiro 1.6.0 & Layui 2.5.6 permission management system. Preview address: http://47.104.70.138:8080/login

Community Discussions

QUESTION

How do I parse an x509 certificate and extract its key's signature algorithm?

Asked 2020-Apr-18 at 14:14

I have an x509 certificate as a file/byte array that I'd like to use to verify the signature provided in a CertificateVerify TLS message. I think I can use SecKeyVerifySignature once I've determined the certificate's key algorithm (SecKeyAlgorithm parameter) and initialized the signedData from the transcript hash (concatenated to the context string, etc.).

openssl x509 reports the certificate's key like

Subject Public Key Info:
    Public Key Algorithm: id-ecPublicKey
        Public-Key: (256 bit)
        pub:
            04:44:58:8c:d0:95:90:14:45:82:db:4f:56:41:7d:
            57:0e:f5:b4:d8:65:04:6c:21:5a:cd:1e:0e:87:10:
            f9:31:c6:fa:b9:ad:b3:a5:e1:df:9f:32:25:4b:a9:
            40:5c:d4:56:0d:bb:55:fd:f4:68:f9:4e:89:70:56:
            b9:1c:4a:ef:93
        ASN1 OID: prime256v1
        NIST CURVE: P-256 

I believe I can parse the certificate with the mechanism described here, eg.

CFDataRef certData = CFDataCreate(NULL, (const UInt8*) rawCert, len);
SecCertificateRef certificate = SecCertificateCreateWithData(NULL, certData);

And I think I can use SecCertificateCopyKey to extract the key, eg.

SecKeyRef key = SecCertificateCopyKey(certificate);

I can't, however, find a way to extract the key's signature algorithm (Public Key Algorithm). I found SecKeyIsAlgorithmSupported. Do I need to iterate over all the possible SecKeyAlgorithm constants to find the one that the key is using (i.e. a SecKeyAlgorithm for id-ecPublicKey)?

ANSWER

Answered 2020-Apr-18 at 14:14

I misunderstood my own goals.

The CertificateVerify message provides a digest of the handshake up to that point. The server uses its certificate's private key to perform that signature. As indicated in the TLS 1.3 specification, the signature algorithm is part of the CertificateVerify structure

struct {
    SignatureScheme algorithm;
    opaque signature<0..2^16-1>;
} CertificateVerify;

I just need to extract it and convert it to a SecKeyAlgorithm. For example (with C++)

SecKeyAlgorithm keyAlgorithm;
// algorithm extracted from CertificateVerify
switch (algorithm) {
  case SignatureScheme::ecdsa_secp256r1_sha256:
    keyAlgorithm = kSecKeyAlgorithmECDSASignatureDigestX962SHA256;
    break;
  case SignatureScheme::rsa_pss_sha256:
    keyAlgorithm = kSecKeyAlgorithmRSASignatureDigestPSSSHA256;
    break;
  case SignatureScheme::ed25519:
  case SignatureScheme::ed448:
  default:
    throw std::runtime_error("unsupported peer cert type");
}

I can then confirm the certificate supports that algorithm

if (!SecKeyIsAlgorithmSupported(key, kSecKeyOperationTypeVerify, keyAlgorithm)) {
  CFRelease(key); // release the key copied from the certificate
  throw std::runtime_error("Unsupported signature scheme");
}

and finally perform the verification with the signature in the CertificateVerify and the compiled signed data from the handshake

CFErrorRef error = NULL; // only populated when verification fails
bool signatureVerified = SecKeyVerifySignature(key, keyAlgorithm, toBeSignedData, signature, &error);
if (!signatureVerified) {
  if (error) CFRelease(error); // or use it
  throw std::runtime_error("Signature verification failed");
}

Source https://stackoverflow.com/questions/61150265

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

** DISPUTED ** An issue was discovered in the fileDownload function in the CommonController class in FEBS-Shiro before 2018-11-05. An attacker can download a file via a request of the form /common/download?filename=1.jsp&delete=false. NOTE: the software maintainer disputes the significance of this report because the product uses a JAR archive for deployment, and this contains application.yml with configuration data.

Install FEBS-Shiro

You can download it from GitHub.
You can use FEBS-Shiro like any standard Java library. Please include the jar files in your classpath. You can also use any IDE, and you can run and debug the FEBS-Shiro component as you would any other Java program. Best practice is to use a build tool that supports dependency management, such as Maven or Gradle. For Maven installation, please refer to maven.apache.org. For Gradle installation, please refer to gradle.org.

Support

For any new features, suggestions, and bugs, create an issue on GitHub. If you have any questions, check and ask questions on the Stack Overflow community page.

  • © 2022 Open Weaver Inc.