Adding Attack vector for finding vulnerabilities related to JWE

[preetkaran20]

Is your feature request related to a problem? Please describe.

We have currently only handing JWS but we have not handled JWE so under this enhancement we are looking to add:

1. Analysing Vulnerabilities related to JWE by going through various blogs, bug bounties, other scanner add-on's
2. Implement the Attack vectors
3. Adding the Vulnerable code in https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/service/vulnerability/jwt/JWTVulnerability.java so that we can test the attack vectors.
4. Add a design document regarding the same.

Code References
Attack vectors: https://github.com/SasanLabs/owasp-zap-jwt-addon/tree/master/src/main/java/org/zaproxy/zap/extension/jwt/attacks
Adding Support for parsing JWE:

owasp-zap-jwt-addon/src/main/java/org/zaproxy/zap/extension/jwt/utils/JWTUtils.java

Line 139 in ec58672

public static boolean isTokenValid(String jwtToken) {

Fuzzer code: https://github.com/SasanLabs/owasp-zap-jwt-addon/blob/master/src/main/java/org/zaproxy/zap/extension/jwt/fuzzer/ui/JWTFuzzPanelView.java
Scan Rule code: https://github.com/SasanLabs/owasp-zap-jwt-addon/blob/master/src/main/java/org/zaproxy/zap/extension/jwt/JWTActiveScanRule.java

Testing the changes
build the addon by running

1. ./gradlew spotlessApply
2. ./gradlew build
   Then go to the ZAP -> File -> Local addon file -> Navigate to project -> build -> bin -> jwt*.zap and done.

[kingthorin]

This seems like a good summary:

A signed JWT is known as a JWS (JSON Web Signature). In fact a JWT does not exist itself — either it has to be a JWS or a JWE (JSON Web Encryption). Its like an abstract class — the JWS and JWE are the concrete implementations.

https://medium.facilelogin.com/jwt-jws-and-jwe-for-not-so-dummies-b63310d201a3

[preetkaran20]

https://auth0.com/blog/critical-vulnerability-in-json-web-encryption/ -> Attack against JWE