Merge pull request #21 from RUB-NDS/bugfix/manual-tab-double-encoding

Fix double base64 encoding bug within manual tab
RUB-NDS · Feb 2, 2019 · b362229 · b362229
2 parents 49aa194 + 9465652
commit b362229
Show file tree

Hide file tree

Showing 7 changed files with 18 additions and 10 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -2,12 +2,13 @@ language: java
 
 sudo: false
 
-dist: precise
+dist: trusty
 
 jdk:
   - oraclejdk8
-  - oraclejdk7
+  - oraclejdk9
   - openjdk7
+  - openjdk8
 
 branches:
   only:

diff --git a/CHANGELOG b/CHANGELOG
@@ -1,3 +1,12 @@
+============
+2019-01-09
+============
+
+1.0.2
+Fixing double base64 encoding bug for the signature value within the manual tab
+Issue: https://github.com/RUB-NDS/JOSEPH/issues/20
+
+
 ============
 2017-11-14
 ============

diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # JOSEPH
 ![licence](https://img.shields.io/badge/License-GPLv2-brightgreen.svg)
-[![release](https://img.shields.io/badge/Release-v1.0.1-blue.svg)](https://github.com/RUB-NDS/JOSEPH/releases)
+[![release](https://img.shields.io/badge/Release-v1.0.2-blue.svg)](https://github.com/RUB-NDS/JOSEPH/releases)
 ![status](https://img.shields.io/badge/Status-beta-yellow.svg)
 [![travis](https://travis-ci.org/RUB-NDS/JOSEPH.svg?branch=master)](https://travis-ci.org/RUB-NDS/JOSEPH)
 
@@ -32,8 +32,6 @@ To skip the (unit) tests, use the following command:
 $ mvn clean package -DskipTests
 ```
 
-JOSEPH has been tested with Java 1.7 and 1.8.
-
 ### Troubleshooting
 
 If the _Oracle JDK_ is installed, the used Bouncy Castle JCE provider dependency is not allowed to be loaded from within a newly compiled fat-JAR, as it breaks the needed signature integrity check.
@@ -50,4 +48,4 @@ If this issue arises, please perform the following step(s):
 - In some cases, it is necessary to additionally amend the `/[PATH_TO_JVM]/jre/lib/security/java.security` file and add the following line (preferably directly below the other provider definitions): `security.provider.9=org.bouncycastle.jce.provider.BouncyCastleProvider`. The `9` in this case specifies the priority and should be adjusted to fit into existing definitions.
 
 
-Alternatively, use `target/JOSEPH-1.0.1.jar` and load the `target/lib` folder to your Java Environment under `Extender/Options`.
+Alternatively, use `target/JOSEPH-1.0.2.jar` and load the `target/lib` folder to your Java Environment under `Extender/Options`.
diff --git a/pom.xml b/pom.xml
@@ -3,7 +3,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>eu.dety.burp</groupId>
     <artifactId>JOSEPH</artifactId>
-    <version>1.0.1</version>
+    <version>1.0.2</version>
     <packaging>jar</packaging>
     <inceptionYear>2016</inceptionYear>
     <name>JOSEPH</name>

diff --git a/src/main/java/burp/BurpExtender.java b/src/main/java/burp/BurpExtender.java
@@ -62,7 +62,7 @@ public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
         String time = dateFormat.format(calObj.getTime());
         stdout.println("+---------------------------------------------------------+");
         stdout.println("|                         JOSEPH                          |");
-        stdout.println("|                     Version 1.0.1                       |");
+        stdout.println("|                     Version 1.0.2                       |");
         stdout.println("|                   Started @ " + time + "                    |");
         stdout.println("+---------------------------------------------------------+");
 

diff --git a/src/main/java/eu/dety/burp/joseph/gui/ManualPanel.java b/src/main/java/eu/dety/burp/joseph/gui/ManualPanel.java
@@ -294,7 +294,7 @@ private void updateButtonActionPerformed(java.awt.event.ActionEvent evt) {// GEN
                         + updatedValues.get("signature"), Logger.LogLevel.DEBUG);
 
                 String output = Decoder.concatComponents(new String[] { Decoder.base64UrlEncode(updatedValues.get("header").getBytes()),
-                        Decoder.base64UrlEncode(updatedValues.get("payload").getBytes()), Decoder.base64UrlEncode(updatedValues.get("signature").getBytes()) });
+                        Decoder.base64UrlEncode(updatedValues.get("payload").getBytes()), updatedValues.get("signature") });
 
                 outputValue.setText(output);
                 jScrollPane2.setVisible(true);

diff --git a/src/main/java/eu/dety/burp/joseph/resources/JOSEPH.properties b/src/main/java/eu/dety/burp/joseph/resources/JOSEPH.properties
@@ -1,6 +1,6 @@
 NAME=JOSEPH
 NAME_LONG=JavaScript Object Signing and Encryption Pentesting Helper
-NAME_WITH_VERSION=JOSEPH v1.0.1
+NAME_WITH_VERSION=JOSEPH v1.0.2
 COPYRIGHT=\u00a9 2016 Dennis Detering
 HELP=Help
 INFO=Info