From c3ccf22079c232f9ea1e4a3486a185028322f678 Mon Sep 17 00:00:00 2001
From: Dolph Flynn <96876199+DolphFlynn@users.noreply.github.com>
Date: Wed, 14 Feb 2024 18:31:43 +0000
Subject: [PATCH 1/2] Bump version to 2.2.

---
 BappManifest.bmf | 4 ++--
 README.md | 2 +-
 build.gradle | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/BappManifest.bmf b/BappManifest.bmf
index 2386ee3..6a25796 100644
--- a/BappManifest.bmf
+++ b/BappManifest.bmf
@@ -2,12 +2,12 @@ Uuid: 26aaa5ded2f74beea19e2ed8345a93dd
 ExtensionType: 1
 Name: JWT Editor
 RepoName: jwt-editor
-ScreenVersion: 2.1.1
+ScreenVersion: 2.2
 SerialVersion: 6
 MinPlatformVersion: 8
 ProOnly: False
 Author: Fraser Winterborn and Dolph Flynn.
 ShortDescription: Edit, sign, verify, encrypt and decrypt JSON Web Tokens (JWTs).
-EntryPoint: build/libs/jwt-editor-2.1.1.jar
+EntryPoint: build/libs/jwt-editor-2.2.jar
 BuildCommand: ./gradlew jar
 SupportedProducts: Pro, Community
diff --git a/README.md b/README.md
index f6e19c7..690212f 100644
--- a/README.md
+++ b/README.md
@@ -152,7 +152,7 @@ This option is automatically enabled if it is detected that the original JWT did
 *JWT Editor* can be built from source.
 * Ensure that Java JDK 17 or newer is installed
 * From root of project, run the command `./gradlew jar`
-* This should place the JAR file `jwt-editor-2.1.1.jar` within the `build/libs` directory
+* This should place the JAR file `jwt-editor-2.2.jar` within the `build/libs` directory
 * This can be loaded into Burp Suite by navigating to the `Extensions` tab, `Installed` sub-tab, clicking `Add` and loading the JAR file
 * This BApp is using the newer Montoya API so it's best to use the latest version of Burp Suite (try the earlier adopter channel if there are issues with the latest stable release)
diff --git a/build.gradle b/build.gradle
index 1a27f7a..3304ff2 100644
--- a/build.gradle
+++ b/build.gradle
@@ -3,7 +3,7 @@ plugins {
 }
 group = 'com.blackberry'
-version = '2.1.1'
+version = '2.2'
 description = 'jwt-editor'
 repositories {
From 7bed75e912c19082b85580b63488304fc219dc03 Mon Sep 17 00:00:00 2001
From: Dolph Flynn <96876199+DolphFlynn@users.noreply.github.com>
Date: Wed, 14 Feb 2024 18:34:43 +0000
Subject: [PATCH 2/2] Add checkbox to control JWS resigning within payload processor rule.

---
 .../java/burp/intruder/IntruderConfig.java | 3 +-
 .../burp/intruder/JWSPayloadProcessor.java | 5 +-
 .../blackberry/jwteditor/utils/Constants.java | 5 --
 .../jwteditor/view/config/ConfigView.form | 27 +++++++--
 .../jwteditor/view/config/ConfigView.java | 60 +++++++++++--------
 5 files changed, 59 insertions(+), 41 deletions(-)
 delete mode 100644 src/main/java/com/blackberry/jwteditor/utils/Constants.java

diff --git a/src/main/java/burp/intruder/IntruderConfig.java b/src/main/java/burp/intruder/IntruderConfig.java
index ad4d222..70cf77a 100644
--- a/src/main/java/burp/intruder/IntruderConfig.java
+++ b/src/main/java/burp/intruder/IntruderConfig.java
@@ -19,7 +19,6 @@
 package burp.intruder;
 import static burp.intruder.FuzzLocation.PAYLOAD;
-import static com.blackberry.jwteditor.utils.Constants.INTRUDER_NO_SIGNING_KEY_ID_LABEL;
 import static org.apache.commons.lang3.StringUtils.isNotEmpty;
 public class IntruderConfig {
@@ -67,6 +66,6 @@ public void setResign(boolean resign) {
 }
 private boolean isSigningKeyIdValid() {
- return !INTRUDER_NO_SIGNING_KEY_ID_LABEL.equals(signingKeyId) && isNotEmpty(signingKeyId);
+ return isNotEmpty(signingKeyId);
 }
 }
diff --git a/src/main/java/burp/intruder/JWSPayloadProcessor.java b/src/main/java/burp/intruder/JWSPayloadProcessor.java
index 2d46aac..b15b958 100644
--- a/src/main/java/burp/intruder/JWSPayloadProcessor.java
+++ b/src/main/java/burp/intruder/JWSPayloadProcessor.java
@@ -18,7 +18,7 @@
 import static burp.intruder.FuzzLocation.PAYLOAD;
 import static com.blackberry.jwteditor.model.jose.JOSEObjectFinder.parseJOSEObject;
-import static com.blackberry.jwteditor.utils.Constants.INTRUDER_NO_SIGNING_KEY_ID_LABEL;
+import static org.apache.commons.lang3.StringUtils.isNotEmpty;
 public class JWSPayloadProcessor implements PayloadProcessor {
 private final Logging logging;
@@ -63,8 +63,7 @@ public PayloadProcessingResult processPayload(PayloadData payloadData) {
 private Optional loadKey() {
 String keyId = intruderConfig.signingKeyId();
- // only try to load key if the input value is non-empty
- if (keyId == INTRUDER_NO_SIGNING_KEY_ID_LABEL || keyId == null || keyId.trim().isEmpty()) {
+ if (isNotEmpty(keyId)) {
 return Optional.empty();
 }
diff --git a/src/main/java/com/blackberry/jwteditor/utils/Constants.java b/src/main/java/com/blackberry/jwteditor/utils/Constants.java
deleted file mode 100644
index 16571a3..0000000
--- a/src/main/java/com/blackberry/jwteditor/utils/Constants.java
+++ /dev/null
@@ -1,5 +0,0 @@
-package com.blackberry.jwteditor.utils;
-
-public class Constants {
- public static String INTRUDER_NO_SIGNING_KEY_ID_LABEL = "";
-}
diff --git a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form
index 6244926..28f720e 100644
--- a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form
+++ b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.form
@@ -3,7 +3,7 @@ - +
@@ -173,7 +173,7 @@ - +
@@ -214,10 +214,9 @@ - - +
@@ -226,11 +225,10 @@ - + -
@@ -239,6 +237,23 @@ + + + + + + + + + + + + + + + + +
diff --git a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java
index 41c05d4..5909acd 100644
--- a/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java
+++ b/src/main/java/com/blackberry/jwteditor/view/config/ConfigView.java
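Review bot: The new guard in `loadKey()` (JWSPayloadProcessor.java, hunk `@@ -63,8 +63,7 @@`) is inverted: `if (isNotEmpty(keyId))` returns `Optional.empty()` exactly when a signing key id is configured, and falls through to the lookup when the id is null or empty. As written, the processor would presumably never obtain a key for a configured rule, so fuzzed tokens go out without a fresh signature and a run can look as if the target rejected every payload. The removed condition also treated whitespace-only ids as unset; `if (isBlank(keyId)) {` with the static import changed to `StringUtils.isBlank` keeps that and restores the intended sense. The rest of `loadKey()` lies outside the hunk, so the lookup after the guard is not visible here.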
@@ -18,7 +18,6 @@ package com.blackberry.jwteditor.view.config; -import burp.api.montoya.logging.Logging; import burp.api.montoya.ui.UserInterface; import burp.config.BurpConfig; import burp.intruder.FuzzLocation; @@ -26,27 +25,22 @@ import burp.proxy.HighlightColor; import burp.proxy.ProxyConfig; import burp.scanner.ScannerConfig; - import com.blackberry.jwteditor.model.keys.Key; import com.blackberry.jwteditor.model.keys.KeysModel; import com.blackberry.jwteditor.model.keys.KeysModelListener; import com.blackberry.jwteditor.view.utils.DocumentAdapter; -import static com.blackberry.jwteditor.utils.Constants.INTRUDER_NO_SIGNING_KEY_ID_LABEL; import javax.swing.*; - -import org.apache.commons.lang3.ArrayUtils; - import java.awt.*; -import java.util.Arrays; +import java.util.List; +import java.util.Optional; import static java.awt.Font.BOLD; -/** - * Config panel - */ public class ConfigView implements KeysModelListener { + private final IntruderConfig intruderConfig; + private JPanel mainPanel; private JCheckBox checkBoxHighlightJWT; private JLabel labelHighlightColor; @@ -63,11 +57,14 @@ public class ConfigView implements KeysModelListener { private JLabel scannerLabel; private JPanel intruderPanel; private JLabel spacerLabel; + private JCheckBox resignIntruderJWS; private KeysModel keysModel; public ConfigView(BurpConfig burpConfig, UserInterface userInterface, boolean isProVersion, KeysModel keysModel) { - ProxyConfig proxyConfig = burpConfig.proxyConfig(); this.keysModel = keysModel; + this.intruderConfig = burpConfig.intruderConfig(); + + ProxyConfig proxyConfig = burpConfig.proxyConfig(); keysModel.addKeyModelListener(this); checkBoxHighlightJWT.setSelected(proxyConfig.highlightJWT()); 
@@ -81,8 +78,6 @@ public ConfigView(BurpConfig burpConfig, UserInterface userInterface, boolean is
 comboBoxHighlightColor.setEnabled(proxyConfig.highlightJWT());
 comboBoxHighlightColor.addActionListener(e -> proxyConfig.setHighlightColor((HighlightColor) comboBoxHighlightColor.getSelectedItem()));
- IntruderConfig intruderConfig = burpConfig.intruderConfig();
-
 intruderParameterName.setText(intruderConfig.fuzzParameter());
 intruderParameterName.getDocument().addDocumentListener(
 new DocumentAdapter(e -> intruderConfig.setFuzzParameter(intruderParameterName.getText()))
@@ -93,8 +88,8 @@ public ConfigView(BurpConfig burpConfig, UserInterface userInterface, boolean is
 comboBoxPayloadPosition.addActionListener(e -> intruderConfig.setFuzzLocation((FuzzLocation) comboBoxPayloadPosition.getSelectedItem()));
 this.updateSigningKeyList();
- comboBoxIntruderSigningKeyId.setSelectedItem(intruderConfig.signingKeyId());
 comboBoxIntruderSigningKeyId.addActionListener(e -> intruderConfig.setSigningKeyId((String) comboBoxIntruderSigningKeyId.getSelectedItem()));
+ resignIntruderJWS.addActionListener(e -> intruderConfig.setResign(resignIntruderJWS.isSelected()));
 ScannerConfig scannerConfig = burpConfig.scannerConfig();
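Review bot: The `resignIntruderJWS` listener added in hunk `@@ -93,8 +88,8 @@` only runs on user clicks, so the programmatic `resignIntruderJWS.setSelected(false)` calls in `updateSigningKeyList()` never reach `intruderConfig`. The empty-key-list branch compensates with an explicit `intruderConfig.setResign(false)`, but the branch for a stored key id that no longer exists does not, while its `setSelectedIndex(0)` would, as far as Swing's combo box behaviour goes, fire the combo listener and store the first key's id. The config can then hold resign enabled with a key the user never chose while the checkbox shows unchecked; adding `intruderConfig.setResign(false);` next to that `setSelected(false)` keeps the two in step. The constructor starts and ends outside this hunk.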
@@ -120,18 +115,33 @@ public ConfigView(BurpConfig burpConfig, UserInterface userInterface, boolean is
 }
 public void updateSigningKeyList() {
- String[] noSigningKey = {INTRUDER_NO_SIGNING_KEY_ID_LABEL};
- String[] signingKeyIds = this.keysModel.getSigningKeys().stream().map(key -> key.getID()).toArray(String[]::new);
- String[] items = ArrayUtils.addAll(noSigningKey, signingKeyIds);
-
- String currentSelection = (String) comboBoxIntruderSigningKeyId.getSelectedItem();
- boolean resetSelection = currentSelection != null && !Arrays.stream(items).anyMatch(currentSelection::equals);
-
- comboBoxIntruderSigningKeyId.setModel(new DefaultComboBoxModel<>(items));
- if (resetSelection) {
- comboBoxIntruderSigningKeyId.setSelectedItem(INTRUDER_NO_SIGNING_KEY_ID_LABEL);
+ List signingKeys = keysModel.getSigningKeys();
+ String[] signingKeyIds = signingKeys.stream().map(Key::getID).toArray(String[]::new);
+ String selectedSigningId = intruderConfig.signingKeyId();
+
+ comboBoxIntruderSigningKeyId.setModel(new DefaultComboBoxModel<>(signingKeyIds));
+
+ if (signingKeys.isEmpty()) {
+ resignIntruderJWS.setSelected(false);
+ resignIntruderJWS.setEnabled(false);
+ comboBoxIntruderSigningKeyId.setEnabled(false);
+ intruderConfig.setResign(false);
+ intruderConfig.setSigningKeyId(null);
 } else {
- comboBoxIntruderSigningKeyId.setSelectedItem(currentSelection);
+ resignIntruderJWS.setEnabled(true);
+ comboBoxIntruderSigningKeyId.setEnabled(true);
+
+ Optional selectedKey = signingKeys.stream()
+ .filter(k -> k.getID().equals(selectedSigningId))
+ .findFirst();
+
+ if (selectedKey.isPresent()) {
+ resignIntruderJWS.setSelected(intruderConfig.resign());
+ comboBoxIntruderSigningKeyId.setSelectedItem(selectedKey.get());
+ } else {
+ resignIntruderJWS.setSelected(false);
+ comboBoxIntruderSigningKeyId.setSelectedIndex(0);
+ }
 }
 }
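Review bot: `comboBoxIntruderSigningKeyId.setSelectedItem(selectedKey.get())` passes a `Key`, but the model built a few lines above holds the `String` ids from `signingKeyIds`, and the constructor's listener casts the selection to `String`. A non-editable `JComboBox` ignores an item that is not in its model, so the stored key would not be re-selected and the box would presumably show the first id while `intruderConfig` still holds another one, which makes it easy to re-sign with a key other than the one displayed. Select by id instead: `comboBoxIntruderSigningKeyId.setSelectedItem(selectedSigningId);`.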