Merge pull request CompassSecurity#73 from CompassSecurity/thort/v2.0.1

emanuelduss · web-flow · commit fcec0fcec888 · 2024-09-11T08:58:54.000+02:00
Thort/v2.0.1
diff --git a/BappManifest.bmf b/BappManifest.bmf
@@ -2,12 +2,12 @@ Uuid: c61cfa893bb14db4b01775554f7b802e
 ExtensionType: 1
 Name: SAML Raider
 RepoName: saml-raider
-ScreenVersion: 2.0.0
+ScreenVersion: 2.0.1
 SerialVersion: 15
 MinPlatformVersion: 0
 ProOnly: False
 Author: Roland Bischofberger / Emanuel Duss / Tobias Hort-Giess
 ShortDescription: Provides a SAML message editor and a certificate management tool to help with testing SAML infrastructures.
-EntryPoint: build/libs/saml-raider-2.0.0.jar
+EntryPoint: build/libs/saml-raider-2.0.1.jar
 BuildCommand: ./gradlew jar
 SupportedProducts: Pro, Community
diff --git a/README.md b/README.md
@@ -79,7 +79,7 @@ Don't forget to rate our extension with as many stars you like :smile:.
 ### Manual Installation
 
 First, download the latest SAML Raider version:
-[saml-raider-2.0.0.jar](https://github.com/SAMLRaider/SAMLRaider/releases/download/v2.0.0/saml-raider-2.0.0.jar).
+[saml-raider-2.0.1.jar](https://github.com/SAMLRaider/SAMLRaider/releases/download/v2.0.1/saml-raider-2.0.1.jar).
 Then, start Burp Suite and click in the `Extensions` tab on `Add`. Choose the
 SAML Raider JAR file to install it and you are ready to go.
 
diff --git a/build.gradle b/build.gradle
@@ -2,7 +2,7 @@ plugins {
 	id "java-library"
 }
 
-version = "2.0.0"
+version = "2.0.1"
 
 repositories {
 	mavenCentral()
@@ -46,4 +46,4 @@ jar {
 
 test {
 	useJUnitPlatform()
-}
+}
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -2,7 +2,7 @@
 com-google-guava = "33.2.1-jre"
 com-miglayout = "3.7.4"
 com-sun-xml-security-xml-security-impl = "1.0"
-net-portswigger-burp-extensions-montoya-api = "2023.12.1"
+net-portswigger-burp-extensions-montoya-api = "2024.7"
 org-apache-santuario-xmlsec = "2.1.7"
 org-bouncycastle-bcpkix-jdk15on = "1.52"
 org-junit-jupiter = "5.10.2"
diff --git a/src/main/java/application/SamlTabController.java b/src/main/java/application/SamlTabController.java
@@ -277,11 +277,13 @@ public void setRequestResponse(HttpRequestResponse requestResponse) {
     }
 
     private void setInformationDisplay() {
+        samlGUI.getTextEditorInformation().setContents(ByteArray.byteArray(""));
         SamlPanelInfo infoPanel = samlGUI.getInfoPanel();
         infoPanel.clearAll();
 
         try {
             Document document = xmlHelpers.getXMLDocumentOfSAMLMessage(samlMessage);
+            textEditorInformation.setContents(ByteArray.byteArray(xmlHelpers.getStringOfDocument(xmlHelpers.getXMLDocumentOfSAMLMessage(samlMessage), 2, true).getBytes()));
             NodeList assertions = xmlHelpers.getAssertions(document);
             if (assertions.getLength() > 0) {
                 Node assertion = assertions.item(0);
@@ -292,7 +294,6 @@ private void setInformationDisplay() {
                 infoPanel.setSubjectConfNotAfter(xmlHelpers.getSubjectConfNotAfter(assertion));
                 infoPanel.setSignatureAlgorithm(xmlHelpers.getSignatureAlgorithm(assertion));
                 infoPanel.setDigestAlgorithm(xmlHelpers.getDigestAlgorithm(assertion));
-                textEditorInformation.setContents(ByteArray.byteArray(xmlHelpers.getStringOfDocument(xmlHelpers.getXMLDocumentOfSAMLMessage(samlMessage), 2, true).getBytes()));
             } else {
                 assertions = xmlHelpers.getEncryptedAssertions(document);
                 Node assertion = assertions.item(0);
diff --git a/src/main/java/gui/SamlMain.java b/src/main/java/gui/SamlMain.java
@@ -44,6 +44,7 @@ private void initializeUI() {
         panelActionBottom.setLayout(new BorderLayout(0, 0));
         textEditorAction = BurpExtender.api.userInterface().createRawEditor();
         textEditorAction.setContents(ByteArray.byteArray("<SAMLRaiderFailureInInitialization></SAMLRaiderFailureInInitialization>"));
+        textEditorAction.setEditable(false);
         panelActionBottom.add(textEditorAction.uiComponent(), BorderLayout.CENTER);
 
         JSplitPane splitPaneInformation = new JSplitPane();
@@ -62,7 +63,6 @@ private void initializeUI() {
         panelInformationBottom.setLayout(new BorderLayout(0, 0));
         textEditorInformation = BurpExtender.api.userInterface().createRawEditor();
         textEditorInformation.setContents(ByteArray.byteArray(""));
-        textEditorAction.setEditable(false);
         panelInformationBottom.add(textEditorInformation.uiComponent(), BorderLayout.CENTER);
 
         JTabbedPane tabbedPane = new JTabbedPane();
diff --git a/src/test/java/application/ImportReadExportCertificateTest.java b/src/test/java/application/ImportReadExportCertificateTest.java
@@ -196,12 +196,10 @@ public void signatureValueIsCorrect() throws IOException, ParseException, Certif
     @Test
     public void exportedCertificateHashIsCorrect(@TempDir Path tempDir) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
         String outputFile = tempDir.resolve("exported.pem").toString();
-
+        this.certificateTabController.exportCertificate(this.certificate, outputFile);
         String outputExpected = "-----BEGIN CERTIFICATE-----MIIGJjCCBQ6gAwIBAgIUTWsBgOGCuRA3PeIxfJJ1lHAuiTUwDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRpc2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4XDTEyMDgxNTEwNTY0OVoXDTE1MDgxNTEwNTY0OVowgYExCzAJBgNVBAYTAkNIMRMwEQYDVQQIEwpTdC4gR2FsbGVuMRMwEQYDVQQHEwpSYXBwZXJzd2lsMR4wHAYDVQQKExVIb2Noc2NodWxlIFJhcHBlcnN3aWwxEzARBgNVBAsTCklULVN5c3RlbXMxEzARBgNVBAMTCnd3dy5oc3IuY2gwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCZOGior5F+1mhwqlBiIn3IAdURR1XxLYjr1vqwj+o+hrDG6RIbECaA/RGziVDbiVs6LGti8B/64cwHXZRHGUkCp+Gw7vpEfPDBuFpgHwbapU6WtvIDDRnOAg6G1u62Sgly2WHb3JWegr4NtWvQqLVS19Q3GmkmgiobLMkju116kHPdzrd4GqDSjBa23t5dwuX1mfG9uD/5lU3wu/u2dV+5IhihKlGblTMSOVL9kRdq3CRqMo7+bwilpYa7cyEn5iMQaMuD5CzLOfPe/iRJzZ2693ek9/rt3S1LwtGUHqKS+KY6j4CalQwx5LeQqHw8B9dgLvuRUAquw9geHgmANpjvAYsbN7r/rJ8FxV/sCOZ+80u7R5s/aSaWfrunf4UrSLZC3QGeRva0+jSUmqnQ5w/COQPscZO1BT6ClOzOGmeMJt1Qa09JjpjToTBujEjE1HXBR/BRyMpq0sajxQpdLm53TbzPnfPxZsyGxQZU7hR1Q+Z7JxytGqyuCp2FSn/vZ0cDPCjUm4n9WzWL93vz0VAKDUUdO2gqWiDPdk7tmYRULoMUId/xUnkWpm+/Smk1akAlXMeKjURLXX+P6BBhuAz/0crdWj1Fvi9V7631m06U3QsYNg6qEUKfKAwwN1eZpoU41AknDEE7Ep65TyPwrWkMcf0SMd9n01W+5W1euEcILwIDAQABo4IBqTCCAaUwdAYIKwYBBQUHAQEEaDBmMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2JhbC5jb20vcXZzc2xpY2EuY3J0MC4GA1UdEQQnMCWCCnd3dy5oc3IuY2iCCmxvZy5oc3IuY2iBC3Jvb3RAaHNyLmNoMFEGA1UdIARKMEgwRgYMKwYBBAG+WAACZAEBMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL3JlcG9zaXRvcnkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBQyTaFP6vCumbbumwcshAgRUIvifjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnNzbGljYS5jcmwwHQYDVR0OBBYEFHjRxyuQCYIPx1gmApOod9ESOMCrMA0GCSqGSIb3DQEBBQUAA4IBAQB07i+XiQxFzCH8BCy7Ri2bR9bnZ4LWXfHScAoxip8s0r396J2DuGSxC1umprjDFOJALDq5cAh/C7h3/EiNGH0xyRk+tHsTv6zRsPuajR1H4oSGTpsQ2tRXUPU22QP+sbdEdV/Wc66j6o0k4vTJltp4Rhk7ger0xZZKPsRYbOag3cO12H8xFGBVvtsqpSb0dQsApDGEo4tldwEb3DDoZb9Xb4fIMFrYKbOGuL0UG3Nb3urnNDeM6199F1n/tiEcXtzMiQR0fJ32IvGtCMthyfH5Qhz1lLTv1B3vHsb1ggI1ggh//jNgmZOLVsx1hw2KEtlcIKZ9I03MsuwQiLHejIy+-----END CERTIFICATE-----";
-
         byte[] outputData = Files.readAllBytes(Paths.get(outputFile));
         String outputString = CertificateHelper.byteArrayToString(outputData).replaceAll("\r", "").replace("\n", "");
-
         assertEquals(outputExpected, outputString);
     }
 
