owasp-zap-jwt-addon
Adding support for Elliptic Curve based vulnerabilities
Is your feature request related to a problem? Please describe.
Currently, we only handle JWTs signed using HMAC or RSA, but we have not handled JWTs signed with Elliptic Curve algorithms (ES384 etc.).
Describe the solution you'd like
- Analyse the vulnerabilities related to EC-signed JWTs
- Add attack vectors related to them
- Add custom payload support for EC-based keys
- Add the vulnerable code in https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/service/vulnerability/jwt/JWTVulnerability.java so that we can test the attack vectors
- Add a design document regarding the same
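A starting point for the EC half of this request, as an added example that is not part of the add-on or of this issue: a stdlib-only Python classifier for the JOSE header that tells EC (ES*) tokens apart from HMAC, RSA and "none", plus the defender-side check that an ES* token's alg agrees with the curve of the EC JWK it will be verified against. The tokens and JWK values are constructed test input; `make_unsigned_token` exists only to build them.

```python
import base64
import json

# Signature families a JWT scanner needs to tell apart. The EC table maps each
# "alg" value to the curve and hash that an ES* token must be verified with.
EC_ALGS = {
    "ES256": ("P-256", "sha256"),
    "ES384": ("P-384", "sha384"),
    "ES512": ("P-521", "sha512"),
}
HMAC_ALGS = {"HS256", "HS384", "HS512"}
RSA_ALGS = {"RS256", "RS384", "RS512", "PS256", "PS384", "PS512"}


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment; JWT segments omit the '=' padding."""
    segment = segment.strip()
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def parse_header(token: str) -> dict:
    """Return the decoded JOSE header of a compact-serialised JWS token."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    header = json.loads(b64url_decode(parts[0]))
    if not isinstance(header, dict) or "alg" not in header:
        raise ValueError("JOSE header must be a JSON object with an 'alg' member")
    return header


def classify_alg(token: str) -> str:
    """Classify the token's signature family: 'hmac', 'rsa', 'ec', 'none' or 'unknown'."""
    alg = parse_header(token)["alg"]
    if alg in EC_ALGS:
        return "ec"
    if alg in HMAC_ALGS:
        return "hmac"
    if alg in RSA_ALGS:
        return "rsa"
    return "none" if alg == "none" else "unknown"


def ec_curve_matches(token: str, jwk: dict) -> bool:
    """True only when an ES* token's alg matches the curve of the EC public JWK.
    A verifier should reject the token before checking the signature if this is False."""
    alg = parse_header(token)["alg"]
    if alg not in EC_ALGS or jwk.get("kty") != "EC":
        return False
    return jwk.get("crv") == EC_ALGS[alg][0]


def make_unsigned_token(header: dict, claims: dict) -> str:
    """Build a compact token with an empty signature segment (constructed test input only)."""
    def enc(obj: dict) -> str:
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc(header)}.{enc(claims)}."
```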
JWT Configurations

Testing the changes: in case some implementation/PoC is required, build the add-on by running
- ./gradlew spotlessApply
- ./gradlew build
Then go to ZAP -> File -> Local addon file -> navigate to the project -> build -> bin -> jwt*.zap, and you are done.