From c1472fda5868fca7f00d0534f4663af22b3d8030 Mon Sep 17 00:00:00 2001 From: whwlsfb Date: Fri, 17 Mar 2023 12:34:11 +0800 Subject: [PATCH] enhance rsa exponent logic. --- .gitignore | 3 ++- pom.xml | 2 +- src/main/java/burp/BurpExtender.java | 5 +++-- src/main/java/burp/rsa/RsaUIHandler.java | 10 +++++++-- src/main/java/burp/rsa/RsaUtil.java | 5 +---- .../burp/sm3/SM3IntruderPayloadProcessor.java | 2 +- src/main/java/burp/sm4/SM4Util.java | 1 + src/main/java/burp/utils/Utils.java | 21 +++++++++++++++++++ 8 files changed, 38 insertions(+), 11 deletions(-) diff --git a/.gitignore b/.gitignore index 794516f..15aa9b2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ /out/ /target /.idea -/*.iml \ No newline at end of file +/*.iml +dependency-reduced-pom.xml \ No newline at end of file diff --git a/pom.xml b/pom.xml index 41e8582..777a3ea 100644 --- a/pom.xml +++ b/pom.xml @@ -115,7 +115,7 @@ cn.hutool hutool-crypto - 5.7.16 + 5.8.8 diff --git a/src/main/java/burp/BurpExtender.java b/src/main/java/burp/BurpExtender.java index 5408ad7..83283ed 100644 --- a/src/main/java/burp/BurpExtender.java +++ b/src/main/java/burp/BurpExtender.java @@ -10,6 +10,7 @@ import burp.utils.BurpCryptoMenuFactory; import burp.utils.BurpStateListener; import burp.utils.DictLogManager; +import burp.utils.Utils; import burp.zuc.ZUCUIHandler; import cn.hutool.crypto.SecureUtil; import org.iq80.leveldb.DB; 
@@ -85,8 +86,8 @@ public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) { SecureUtil.disableBouncyCastle(); this.callbacks = callbacks; this.helpers = callbacks.getHelpers(); - this.stdout = new PrintWriter(callbacks.getStdout(), true); - this.stderr = new PrintWriter(callbacks.getStderr(), true); + Utils.stdout = this.stdout = new PrintWriter(callbacks.getStdout(), true); + Utils.stderr = this.stderr = new PrintWriter(callbacks.getStderr(), true); callbacks.setExtensionName("BurpCrypto v" + version); callbacks.registerExtensionStateListener(new BurpStateListener(this)); callbacks.registerContextMenuFactory(new BurpCryptoMenuFactory(this)); diff --git a/src/main/java/burp/rsa/RsaUIHandler.java b/src/main/java/burp/rsa/RsaUIHandler.java index 66f1b82..9d1bbab 100644 --- a/src/main/java/burp/rsa/RsaUIHandler.java +++ b/src/main/java/burp/rsa/RsaUIHandler.java @@ -71,9 +71,10 @@ public JPanel getPanel() { modulusText = new JTextField(200); modulusText.setMaximumSize(modulusText.getPreferredSize()); - final JLabel label4 = new JLabel("Exponent(HEX): "); + final JLabel label4 = new JLabel("Exponent: "); exponentText = new JTextField(200); exponentText.setMaximumSize(exponentText.getPreferredSize()); + exponentText.setText("010001"); final JLabel label5 = new JLabel("X509 Key(Base64): "); x509Text = new JTextField(200); @@ -100,7 +101,12 @@ public JPanel getPanel() { return; } try { - config.Exponent = new BigInteger(exponentText.getText(), 16); + String exponentStr = exponentText.getText(); + if (Utils.isNumeric(exponentStr) && Utils.isPrime(Integer.parseInt(exponentStr))) { + config.Exponent = new BigInteger(exponentStr, 10); + } else { + config.Exponent = new BigInteger(exponentStr, 16); + } } catch (Exception ex) { JOptionPane.showMessageDialog(mainPanel, "Exponent error!"); return; diff --git a/src/main/java/burp/rsa/RsaUtil.java b/src/main/java/burp/rsa/RsaUtil.java index b8c2478..c854b71 100644 --- a/src/main/java/burp/rsa/RsaUtil.java 
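Review bot: The decimal-or-hex guess in the `try` block can silently select the wrong RSA exponent: digits-only input such as `11` or `17` passes `isNumeric` and `isPrime` and is read as decimal, while the same text was previously read as hex (0x11 = 17), and the label changed in the earlier hunk of this file no longer names a base. `Integer.parseInt(exponentStr)` also throws for a digits-only string above the int range, so a long hex exponent made only of digits ends in the catch as "Exponent error!". Making the base explicit avoids both, for example `config.Exponent = exponentStr.startsWith("0x") ? new BigInteger(exponentStr.substring(2), 16) : new BigInteger(exponentStr, 10);` with the default text set to `0x010001` and the accepted forms stated in the label. The enclosing listener in `getPanel()` starts and ends outside the hunk.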
+++ b/src/main/java/burp/rsa/RsaUtil.java @@ -1,6 +1,5 @@ package burp.rsa; -import burp.utils.OutFormat; import burp.utils.Utils; import cn.hutool.crypto.asymmetric.AsymmetricCrypto; import cn.hutool.crypto.asymmetric.KeyType; @@ -9,9 +8,6 @@ import java.security.KeyFactory; import java.security.spec.RSAPublicKeySpec; -import static burp.utils.Utils.base64; -import static burp.utils.Utils.hex; - public class RsaUtil { private RsaConfig config; private AsymmetricCrypto crypto; @@ -33,6 +29,7 @@ public String encrypt(byte[] inputArray) throws Exception { } private IllegalStateException fail(Exception e) { + e.printStackTrace(Utils.stderr); return new IllegalStateException(e); } } diff --git a/src/main/java/burp/sm3/SM3IntruderPayloadProcessor.java b/src/main/java/burp/sm3/SM3IntruderPayloadProcessor.java index 27c2692..837a9f6 100644 --- a/src/main/java/burp/sm3/SM3IntruderPayloadProcessor.java +++ b/src/main/java/burp/sm3/SM3IntruderPayloadProcessor.java @@ -42,7 +42,7 @@ public byte[] processPayload(final byte[] currentPayload, final byte[] originalP } catch (Exception e) { this.parent.callbacks.issueAlert(e.toString()); this.parent.stderr.println(); - e.printStackTrace(this.parent.stderr); + e.printStackTrace(Utils.stderr); return null; } } diff --git a/src/main/java/burp/sm4/SM4Util.java b/src/main/java/burp/sm4/SM4Util.java index 6d016ad..75d2751 100644 --- a/src/main/java/burp/sm4/SM4Util.java +++ b/src/main/java/burp/sm4/SM4Util.java @@ -40,6 +40,7 @@ public String decrypt(String cipherText) { } private IllegalStateException fail(Exception e) { + e.printStackTrace(Utils.stderr); return new IllegalStateException(e); } } diff --git a/src/main/java/burp/utils/Utils.java b/src/main/java/burp/utils/Utils.java index b4d1cad..c163777 100644 --- a/src/main/java/burp/utils/Utils.java +++ b/src/main/java/burp/utils/Utils.java 
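Review bot: `e.printStackTrace(Utils.stderr)` in `RsaUtil.fail` dereferences a static field that `Utils` declares as `null` and that is only assigned in `BurpExtender.registerExtenderCallbacks`; if `fail` runs before that assignment (a unit test or any use outside Burp), `printStackTrace` throws a `NullPointerException` that replaces the original crypto exception. The same call is added in `SM4Util.fail` and in the catch block of `SM3IntruderPayloadProcessor.processPayload`, which now writes its blank line to `this.parent.stderr` and the trace to `Utils.stderr`. A guard such as `if (Utils.stderr != null) { e.printStackTrace(Utils.stderr); }` keeps the wrapped cause intact, and the SM3 block should use one writer for both lines.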
@@ -8,6 +8,7 @@ import org.apache.commons.httpclient.methods.GetMethod; import org.apache.http.client.methods.HttpGet; +import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.KeyFactory; @@ -21,11 +22,31 @@ public class Utils { private static MessageDigest md; private static Random rand = new Random(); + public static PrintWriter stdout = null; + public static PrintWriter stderr = null; public static int GetRandomNumber(int min, int max) { return rand.nextInt(max - min + 1) + min; } + public static boolean isPrime(int n) { + if (n <= 1) { + return false; + } + + for (int i = 2; i <= Math.sqrt(n); i++) { + if (n % i == 0) { + return false; + } + } + return true; + } + public static boolean isNumeric(String str) { + if (str == null || str.length() == 0) { + return false; + } + return str.matches("^[0-9]+$"); + } public static byte[] HTTPGet(String uri) { HttpClient client = new HttpClient(); byte[] resp = null;
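Review bot: `isPrime` and `isNumeric` are added without Javadoc and without a blank line between them, and `isNumeric` gives no hint that a string it accepts may still be too long for `Integer.parseInt`. A comment such as `/** Returns true when str is a non-empty run of ASCII digits 0-9; the value may exceed the int range. */` on `isNumeric` and a one-line summary on `isPrime` would cover it. The loop condition `i <= Math.sqrt(n)` recomputes a floating-point square root on every pass; `for (int i = 2; (long) i * i <= n; i++)` stays in integer arithmetic. The `Utils` class body continues outside the hunk.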