From edc8292d9951cb69bae38c8f88aa3078d7c438ae Mon Sep 17 00:00:00 2001
From: Adam Piper
Date: Sun, 8 Jan 2017 11:30:08 +0900
Subject: [PATCH 1/3] Add BApp metadata files.
---
 BappDescription.html | 29 +++++++++++++++++++++++++++++
 BappManifest.bmf | 11 +++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 BappDescription.html
 create mode 100644 BappManifest.bmf
diff --git a/BappDescription.html b/BappDescription.html
new file mode 100644
index 0000000..8f57760
--- /dev/null
+++ b/BappDescription.html
@@ -0,0 +1,29 @@
+

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core features - a SAML message editor and an X.509 certificate manager.

+

The message editor provides the following capabilities:

+ + +

The certificate manager provides the following capabilities:

+
\ No newline at end of file
diff --git a/BappManifest.bmf b/BappManifest.bmf
new file mode 100644
index 0000000..53a4602
--- /dev/null
+++ b/BappManifest.bmf
@@ -0,0 +1,11 @@
+Uuid: c61cfa893bb14db4b01775554f7b802e
+ExtensionType: 1
+Name: SAML Raider
+ScreenVersion: 1.2.1
+SerialVersion: 4
+MinPlatformVersion: 0
+ProOnly: False
+Author: Roland Bischofberger / Emanuel Duss
+ShortDescription: Provides a SAML message editor and a certificate management tool to help with testing SAML infrastructures.
+EntryPoint: target/saml-raider-1.2.1-SNAPSHOT-jar-with-dependencies.jar
+BuildCommand: mvn package -DskipTests=true -Dmaven.javadoc.skip=true -B
From 7a9ff3181a8281176c4613df896a28d7c9db758d Mon Sep 17 00:00:00 2001
From: Adam Piper
Date: Mon, 13 Feb 2017 21:41:18 +0900
Subject: [PATCH 2/3] Add RepoName to BappManifest
---
 BappManifest.bmf | 1 +
 1 file changed, 1 insertion(+)
diff --git a/BappManifest.bmf b/BappManifest.bmf
index 53a4602..2962b91 100644
--- a/BappManifest.bmf
+++ b/BappManifest.bmf
@@ -1,6 +1,7 @@
 Uuid: c61cfa893bb14db4b01775554f7b802e
 ExtensionType: 1
 Name: SAML Raider
+RepoName: saml-raider
 ScreenVersion: 1.2.1
 SerialVersion: 4
 MinPlatformVersion: 0
From 69844d1dc883de2ae8142d2282c5c0cc1e9a2edd Mon Sep 17 00:00:00 2001
From: Paul Johnston
Date: Tue, 26 Mar 2019 16:01:54 +0000
Subject: [PATCH 3/3] Include javax.xml so extension works on OpenJDK 11
---
 .gitignore | 2 ++
 BappManifest.bmf | 6 +++---
 pom.xml | 16 +++++++++++++---
 .../application/BurpCertificateBuilder.java | 4 +---
 src/main/java/helpers/XMLHelpers.java | 10 +++++-----
 src/main/java/model/BurpCertificateStore.java | 9 +++++----
 src/test/java/application/HTTPHelpersTest.java | 17 +++++++----------
 7 files changed, 36 insertions(+), 28 deletions(-)
diff --git a/.gitignore b/.gitignore
index 1bd7945..6655ece 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,5 @@ bin/
 lib/burpsuite_*.jar
 target/
 SAMLRaiderDebug.log
+.idea/
+*.iml
diff --git a/BappManifest.bmf b/BappManifest.bmf
index 2962b91..d9eaf6e 100644
--- a/BappManifest.bmf
+++ b/BappManifest.bmf
@@ -2,11 +2,11 @@ Uuid: c61cfa893bb14db4b01775554f7b802e
 ExtensionType: 1
 Name: SAML Raider
 RepoName: saml-raider
-ScreenVersion: 1.2.1
-SerialVersion: 4
+ScreenVersion: 1.2.2
+SerialVersion: 6
 MinPlatformVersion: 0
 ProOnly: False
 Author: Roland Bischofberger / Emanuel Duss
 ShortDescription: Provides a SAML message editor and a certificate management tool to help with testing SAML infrastructures.
-EntryPoint: target/saml-raider-1.2.1-SNAPSHOT-jar-with-dependencies.jar
+EntryPoint: target/saml-raider-1.2.2-jar-with-dependencies.jar
 BuildCommand: mvn package -DskipTests=true -Dmaven.javadoc.skip=true -B
diff --git a/pom.xml b/pom.xml
index 2fa1d63..25fec7b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@ SAML2 Burp Suite Extension ch.hsr saml-raider - 1.2.1-SNAPSHOT + 1.2.2 4.0.0 UTF-8
@@ -41,6 +41,16 @@ xml-security-impl 1.0 + + xerces + xercesImpl + 2.12.0 + + + org.apache.santuario + xmlsec + 2.1.2 +
@@ -48,8 +58,8 @@ maven-compiler-plugin 3.1 - 1.7 - 1.7 + 1.8 + 1.8 jar-with-dependencies
diff --git a/src/main/java/application/BurpCertificateBuilder.java b/src/main/java/application/BurpCertificateBuilder.java
index 89abe73..521e540 100644
--- a/src/main/java/application/BurpCertificateBuilder.java
+++ b/src/main/java/application/BurpCertificateBuilder.java
@@ -49,8 +49,6 @@
 import org.bouncycastle.x509.X509V3CertificateGenerator;
 import org.bouncycastle.x509.extension.X509ExtensionUtil;
-import sun.reflect.generics.reflectiveObjects.NotImplementedException;
-
 @SuppressWarnings("deprecation")
 public class BurpCertificateBuilder {
 X509V3CertificateGenerator certificateGenerator;
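Review bot: The two dependencies added in the pom.xml `@@ -41,6 +41,16 @@` hunk, `xerces:xercesImpl 2.12.0` and `org.apache.santuario:xmlsec 2.1.2`, are pinned and shipped inside the `jar-with-dependencies` artifact with no record of why they are bundled or how they will be kept current. A comment above the two entries would cover that, for example `<!-- bundled so the extension runs on OpenJDK 11; check both versions against upstream security advisories on every release -->`. Putting xercesImpl on the classpath can also change which parser `DocumentBuilderFactory.newInstance()` returns, so any DTD or external-entity restrictions set in XMLHelpers should be re-checked against it; that code is not part of this commit's hunks. The context entry `xml-security-impl 1.0` stays in place, which may leave two copies of the XML-signature classes in the fat jar; its coordinates are not visible here, so this needs confirming.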
@@ -183,7 +181,7 @@ private X509Certificate generateX509Certificate(PrivateKey privateKey) throws Ce
 // X.509v3 General
 if (version != 3) {
- throw new NotImplementedException();
+ throw new UnsupportedOperationException("Not implemented yet.");
 }
 certificateGenerator = new X509V3CertificateGenerator();
 certificateGenerator.setSerialNumber(serial);
diff --git a/src/main/java/helpers/XMLHelpers.java b/src/main/java/helpers/XMLHelpers.java
index baacd05..c7f8d39 100644
--- a/src/main/java/helpers/XMLHelpers.java
+++ b/src/main/java/helpers/XMLHelpers.java
@@ -47,11 +47,11 @@
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
-import com.sun.org.apache.xml.internal.security.Init;
-import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
-import com.sun.org.apache.xml.internal.security.transforms.Transforms;
-import com.sun.org.apache.xml.internal.serialize.OutputFormat;
-import com.sun.org.apache.xml.internal.serialize.XMLSerializer;
+import org.apache.xml.security.Init;
+import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.transforms.Transforms;
+import org.apache.xml.serialize.OutputFormat;
+import org.apache.xml.serialize.XMLSerializer;
 public class XMLHelpers {
diff --git a/src/main/java/model/BurpCertificateStore.java b/src/main/java/model/BurpCertificateStore.java
index d62cd16..feb1e19 100644
--- a/src/main/java/model/BurpCertificateStore.java
+++ b/src/main/java/model/BurpCertificateStore.java
@@ -6,6 +6,7 @@
 import java.util.List;
 import javax.swing.tree.DefaultMutableTreeNode;
+import javax.swing.tree.TreeNode;
 public class BurpCertificateStore {
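Review bot: The new exception message in the `@@ -183,7 +181,7 @@` hunk of BurpCertificateBuilder.java does not say which value was rejected, so a user who set a certificate version other than 3 gets no hint of the cause. Including the value would fix that, for example `throw new UnsupportedOperationException("X.509 version " + version + " is not supported; only version 3 certificates can be generated");`. The body of generateX509Certificate starts and ends outside this hunk, so how callers surface the exception is not visible here.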
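Review bot: `org.apache.xml.serialize.OutputFormat` and `org.apache.xml.serialize.XMLSerializer`, imported in the XMLHelpers.java hunk, are Xerces serializer classes that Xerces itself marks deprecated in favour of the DOM Level 3 `LSSerializer` or a JAXP `Transformer`. Moving the serialization code to `javax.xml.transform` would avoid bundling xercesImpl for output formatting alone and leave one less third-party XML component to keep patched. The code that uses these imports is outside the hunk, so whether it depends on OutputFormat-specific options cannot be confirmed from here; if the classes stay, a comment next to the imports such as `// deprecated Xerces serializer, kept for OpenJDK 11 compatibility` would record the trade-off.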
@@ -57,9 +58,9 @@ public void addCertificateChain(List burpCertificateChain) {
 */
 public void removeCertificate(BurpCertificate burpCertificate) {
 @SuppressWarnings("unchecked")
- Enumeration en = rootNode.depthFirstEnumeration();
+ Enumeration en = rootNode.depthFirstEnumeration();
 while (en.hasMoreElements()) {
- DefaultMutableTreeNode foundNode = en.nextElement();
+ DefaultMutableTreeNode foundNode = (DefaultMutableTreeNode) en.nextElement();
 if (foundNode.getUserObject() instanceof BurpCertificate) {
 if (foundNode.getUserObject() == burpCertificate) {
 foundNode.removeFromParent();
@@ -95,9 +96,9 @@ public DefaultMutableTreeNode getRootNode() {
 public List getBurpCertificatesWithPrivateKey() {
 List certificatesWithPrivateKey = new LinkedList<>();
 @SuppressWarnings("unchecked")
- Enumeration en = rootNode.depthFirstEnumeration();
+ Enumeration en = rootNode.depthFirstEnumeration();
 while (en.hasMoreElements()) {
- DefaultMutableTreeNode foundNode = en.nextElement();
+ DefaultMutableTreeNode foundNode = (DefaultMutableTreeNode) en.nextElement();
 if (foundNode.getUserObject() instanceof BurpCertificate) {
 BurpCertificate b = (BurpCertificate) foundNode.getUserObject();
 if (b.hasPrivateKey()) {
diff --git a/src/test/java/application/HTTPHelpersTest.java b/src/test/java/application/HTTPHelpersTest.java
index 6c8f367..f0054be 100644
--- a/src/test/java/application/HTTPHelpersTest.java
+++ b/src/test/java/application/HTTPHelpersTest.java
@@ -1,16 +1,13 @@
 package application;
-import static org.junit.Assert.assertEquals;
 import helpers.HTTPHelpers;
+import org.junit.Test;
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
+import java.util.Base64;
 import java.util.zip.DataFormatException;
-import org.junit.Test;
-
-import sun.misc.BASE64Decoder;
-import sun.misc.BASE64Encoder;
+import static org.junit.Assert.assertEquals;
 public class HTTPHelpersTest {
 HTTPHelpers helpers = new HTTPHelpers();
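Review bot: The casts added in both BurpCertificateStore.java hunks, `(DefaultMutableTreeNode) en.nextElement()` in removeCertificate and again in getBurpCertificatesWithPrivateKey, carry no comment explaining why they are needed while `@SuppressWarnings("unchecked")` is kept. A one-line comment above each enumeration would stop a later cleanup from reverting them, for example `// depthFirstEnumeration() is raw on Java 8 and typed to TreeNode on 9+, so enumerate as TreeNode and cast`. The type arguments of `Enumeration` appear to have been lost in this rendering, so this assumes the new declaration uses the `TreeNode` import added earlier in the file. Both method bodies continue outside their hunks.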
@@ -19,15 +16,15 @@ public class HTTPHelpersTest {
 String decompressed = "http://samluelidp";
 @Test
- public void testInflate() throws UnsupportedEncodingException, IOException, DataFormatException {
- byte[] valueDecoded = (new BASE64Decoder()).decodeBuffer(compressed);
+ public void testInflate() throws IOException, DataFormatException {
+ byte[] valueDecoded = Base64.getDecoder().decode(compressed);
 assertEquals(decompressed, new String(helpers.decompress(valueDecoded, true), "UTF-8"));
 }
 @Test
- public void testDeflate() throws UnsupportedEncodingException, IOException, DataFormatException {
+ public void testDeflate() throws IOException {
 byte [] valueCompressed = helpers.compress(decompressed.getBytes("UTF-8"), true);
- String result = (new BASE64Encoder()).encode(valueCompressed);
+ String result = Base64.getEncoder().encodeToString(valueCompressed);
 result = result.replaceAll("\\r?\\n", "");
 assertEquals(compressed, result);
 }
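Review bot: In testDeflate the context line `result = result.replaceAll("\\r?\\n", "");` is left over from the old `BASE64Encoder`, which wrapped its output; `Base64.getEncoder().encodeToString(valueCompressed)` never inserts line separators, so the call is now a no-op and can be removed. Both tests also still pass the charset by name (`"UTF-8"`); using the constant instead, for example `new String(helpers.decompress(valueDecoded, true), StandardCharsets.UTF_8)`, removes the runtime lookup at the cost of one import.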