From 7ebf05aa38cef008afd46d8b5618938a442b6488 Mon Sep 17 00:00:00 2001 From: Dolph Flynn <96876199+DolphFlynn@users.noreply.github.com> Date: Thu, 15 Feb 2024 16:29:10 +0000 Subject: [PATCH] Make Intruder payload processor signing algorithm configurable. --- .../burp/intruder/JWSPayloadProcessor.java | 8 ++- .../jwteditor/view/config/ConfigView.form | 16 +++++- .../jwteditor/view/config/ConfigView.java | 50 +++++++++++++++++-- 3 files changed, 63 insertions(+), 11 deletions(-) diff --git a/src/main/java/burp/intruder/JWSPayloadProcessor.java b/src/main/java/burp/intruder/JWSPayloadProcessor.java index b15b958..11cda73 100644 --- a/src/main/java/burp/intruder/JWSPayloadProcessor.java +++ b/src/main/java/burp/intruder/JWSPayloadProcessor.java @@ -18,7 +18,6 @@ import static burp.intruder.FuzzLocation.PAYLOAD; import static com.blackberry.jwteditor.model.jose.JOSEObjectFinder.parseJOSEObject; -import static org.apache.commons.lang3.StringUtils.isNotEmpty; public class JWSPayloadProcessor implements PayloadProcessor { private final Logging logging; @@ -61,9 +60,7 @@ public PayloadProcessingResult processPayload(PayloadData payloadData) { } private Optional loadKey() { - String keyId = intruderConfig.signingKeyId(); - - if (isNotEmpty(keyId)) { + if (!intruderConfig.resign()) { return Optional.empty(); } @@ -87,7 +84,8 @@ private JWS createJWS(Base64URL header, Base64URL payload, Base64URL originalSig Optional result = Optional.empty(); try { - result = Optional.of(JWSFactory.sign(key, key.getSigningAlgorithms()[0], header, payload)); + // TODO - update alg within header + result = Optional.of(JWSFactory.sign(key, intruderConfig.signingAlgorithm(), header, payload)); } catch (SigningException ex) { logging.logToError("Failed to sign JWS: " + ex); } diff --git a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form index 28f720e..13c70cc 100644 
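Review bot: loadKey() now gates on `intruderConfig.resign()` alone and no longer looks at `intruderConfig.signingKeyId()`, yet the ConfigView change in this same patch sets that id to `null` when the key list empties, and a persisted config can carry `resign == true` with an id that no longer matches any key. Unless the lookup that follows already tolerates a null or unknown id (loadKey's body continues outside the hunk), guard here: `if (!intruderConfig.resign() || intruderConfig.signingKeyId() == null) { return Optional.empty(); }` and log that re-signing was skipped, so a payload that went out unsigned is not mistaken for a server-side result.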
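Review bot: The signature is now produced with `intruderConfig.signingAlgorithm()` while `header` still carries the original token's `alg`, as the `// TODO - update alg within header` line admits; the resulting JWS advertises one algorithm and is signed with another, so a conforming verifier rejects every mutated token regardless of the claim being fuzzed and the run's results say nothing about the target. This should be resolved before merge rather than shipped as a TODO: rebuild the header with `alg` set to the chosen algorithm before calling `JWSFactory.sign`. Separately, nothing here handles `intruderConfig.signingAlgorithm()` being null when no algorithm has been chosen yet; fall back to `key.getSigningAlgorithms()[0]` or skip signing with an error log, since `JWSFactory.sign` presumably does not accept a null algorithm. createJWS's signature and the rest of its body lie outside the hunk.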
--- a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form +++ b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form @@ -173,7 +173,7 @@ - + @@ -254,6 +254,20 @@ + + + + + + + + + + + + + + diff --git a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java index fa116e4..fc01d61 100644 --- a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java +++ b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java @@ -29,6 +29,7 @@ import com.blackberry.jwteditor.model.keys.KeysModel; import com.blackberry.jwteditor.model.keys.KeysModelListener.SimpleKeysModelListener; import com.blackberry.jwteditor.view.utils.DocumentAdapter; +import com.nimbusds.jose.JWSAlgorithm; import javax.swing.*; import java.awt.*; @@ -40,6 +41,7 @@ public class ConfigView { private final IntruderConfig intruderConfig; + private final KeysModel keysModel; private JPanel mainPanel; private JCheckBox checkBoxHighlightJWT; @@ -58,7 +60,7 @@ public class ConfigView { private JPanel intruderPanel; private JLabel spacerLabel; private JCheckBox resignIntruderJWS; - private KeysModel keysModel; + private JComboBox comboBoxIntruderSigningAlg; public ConfigView(BurpConfig burpConfig, UserInterface userInterface, boolean isProVersion, KeysModel keysModel) { this.keysModel = keysModel; 
@@ -87,7 +89,15 @@ public ConfigView(BurpConfig burpConfig, UserInterface userInterface, boolean is comboBoxPayloadPosition.addActionListener(e -> intruderConfig.setFuzzLocation((FuzzLocation) comboBoxPayloadPosition.getSelectedItem())); updateSigningKeyList(); - comboBoxIntruderSigningKeyId.addActionListener(e -> intruderConfig.setSigningKeyId((String) comboBoxIntruderSigningKeyId.getSelectedItem())); + comboBoxIntruderSigningKeyId.addActionListener(e -> { + String newSigningKeyId = (String) comboBoxIntruderSigningKeyId.getSelectedItem(); + + if (!intruderConfig.signingKeyId().equals(newSigningKeyId)) { + intruderConfig.setSigningKeyId(newSigningKeyId); + updateSigningAlgorithmList(); + } + }); + comboBoxIntruderSigningAlg.addActionListener(e -> intruderConfig.setSigningAlgorithm((JWSAlgorithm) comboBoxIntruderSigningAlg.getSelectedItem())); resignIntruderJWS.addActionListener(e -> intruderConfig.setResign(resignIntruderJWS.isSelected())); keysModel.addKeyModelListener(new SimpleKeysModelListener(this::updateSigningKeyList)); 
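Review bot: `intruderConfig.signingKeyId().equals(newSigningKeyId)` in the new listener dereferences the configured id, which this patch's own `updateSigningKeyList()` sets to `null` when no signing keys exist; adding a key afterwards takes the `else` branch there, whose `comboBoxIntruderSigningKeyId.setSelectedIndex(0)` fires this listener and throws a NullPointerException. Compare null-safely, `if (!Objects.equals(intruderConfig.signingKeyId(), newSigningKeyId)) {` (importing `java.util.Objects` if the file does not already), or compare from the `newSigningKeyId` side. The enclosing constructor starts and ends outside the hunk.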
@@ -117,34 +127,64 @@ public ConfigView(BurpConfig burpConfig, UserInterface userInterface, boolean is private void updateSigningKeyList() { List signingKeys = keysModel.getSigningKeys(); String[] signingKeyIds = signingKeys.stream().map(Key::getID).toArray(String[]::new); - String selectedSigningId = intruderConfig.signingKeyId(); + String modelSelectedSigningId = intruderConfig.signingKeyId(); + String viewSelectedKeyId = (String) comboBoxIntruderSigningKeyId.getSelectedItem(); comboBoxIntruderSigningKeyId.setModel(new DefaultComboBoxModel<>(signingKeyIds)); if (signingKeys.isEmpty()) { resignIntruderJWS.setSelected(false); resignIntruderJWS.setEnabled(false); comboBoxIntruderSigningKeyId.setEnabled(false); + comboBoxIntruderSigningAlg.setEnabled(false); intruderConfig.setResign(false); intruderConfig.setSigningKeyId(null); } else { resignIntruderJWS.setEnabled(true); comboBoxIntruderSigningKeyId.setEnabled(true); + comboBoxIntruderSigningAlg.setEnabled(true); Optional selectedKey = signingKeys.stream() - .filter(k -> k.getID().equals(selectedSigningId)) + .filter(k -> k.getID().equals(modelSelectedSigningId)) .findFirst(); + if (selectedKey.isPresent()) { + Key key = selectedKey.get(); + resignIntruderJWS.setSelected(intruderConfig.resign()); - comboBoxIntruderSigningKeyId.setSelectedItem(selectedKey.get()); + comboBoxIntruderSigningKeyId.setSelectedItem(key.getID()); + + if (!modelSelectedSigningId.equals(viewSelectedKeyId)) { + comboBoxIntruderSigningAlg.setModel(new DefaultComboBoxModel(key.getSigningAlgorithms())); + comboBoxIntruderSigningAlg.setSelectedIndex(0); + } } else { resignIntruderJWS.setSelected(false); comboBoxIntruderSigningKeyId.setSelectedIndex(0); + + Key key = signingKeys.get(0); + comboBoxIntruderSigningAlg.setModel(new DefaultComboBoxModel(key.getSigningAlgorithms())); } } } + private void updateSigningAlgorithmList() { + Key key = keysModel.getSigningKeys().stream() + .filter(k -> k.getID().equals(intruderConfig.signingKeyId())) + 
.findFirst() + .orElseThrow(); + + JWSAlgorithm[] signingAlgorithms = key.getSigningAlgorithms(); + comboBoxIntruderSigningAlg.setModel(new DefaultComboBoxModel(signingAlgorithms)); + + if (signingAlgorithms.length > 0) { + JWSAlgorithm algorithm = signingAlgorithms[0]; + comboBoxIntruderSigningAlg.setSelectedItem(algorithm); + intruderConfig.setSigningAlgorithm(algorithm); + } + } + /** * Custom list cell renderer to color rows of combo box drop down list. */
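Review bot: In the `selectedKey.isPresent()` branch, whenever the view's key differs from the model's — including the first call from the constructor, where the combo box is still empty — the algorithm list is rebuilt and `setSelectedIndex(0)` fires the algorithm listener, so any `intruderConfig.signingAlgorithm()` already held (a saved choice, if IntruderConfig is persisted like the rest of BurpConfig appears to be) is overwritten by the key's first algorithm and never shown as selected. `setSelectedIndex(0)` also throws IllegalArgumentException for a key with no algorithms, a case `updateSigningAlgorithmList()` below guards with `length > 0`, and the model is built raw (`new DefaultComboBoxModel(...)`) where the line above uses `<>`. Prefer the configured algorithm when the key supports it and fall back to the first one otherwise (needs `java.util.Arrays` unless already imported):
```java
comboBoxIntruderSigningKeyId.setSelectedItem(key.getID());

if (!modelSelectedSigningId.equals(viewSelectedKeyId)) {
    JWSAlgorithm[] algorithms = key.getSigningAlgorithms();
    comboBoxIntruderSigningAlg.setModel(new DefaultComboBoxModel<>(algorithms));

    // keep a valid existing choice; the combo box listener records whichever item ends up selected
    JWSAlgorithm configured = intruderConfig.signingAlgorithm();
    if (configured != null && Arrays.asList(algorithms).contains(configured)) {
        comboBoxIntruderSigningAlg.setSelectedItem(configured);
    } else if (algorithms.length > 0) {
        comboBoxIntruderSigningAlg.setSelectedIndex(0);
    }
}
// … unchanged: else branch, updateSigningAlgorithmList …
```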