From 124bd115a1342d9b4a7536fa62acedee279a12c9 Mon Sep 17 00:00:00 2001
From: Ben Wiederhake <BenWiederhake.GitHub@gmx.de>
Date: Fri, 25 Oct 2024 05:38:46 +0200
Subject: [PATCH] LibWeb: Fix crash when importing malformed RSAOAEP key

This fixes a crash in WPT:
WebCryptoAPI/import_export/rsa_importKey.https.any

This allows us to pass 240 tests!
---
 ...ubtleCrypto-import-rsaoaep-minimal_jwk.txt |  4 ++++
 ...btleCrypto-import-rsaoaep-minimal_jwk.html | 23 +++++++++++++++++++
 .../LibWeb/Crypto/CryptoAlgorithms.cpp        | 10 ++++----
 3 files changed, 33 insertions(+), 4 deletions(-)
 create mode 100644 Tests/LibWeb/Text/expected/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.txt
 create mode 100644 Tests/LibWeb/Text/input/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.html

diff --git a/Tests/LibWeb/Text/expected/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.txt b/Tests/LibWeb/Text/expected/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.txt
new file mode 100644
index 00000000000..c45436a2e4c
--- /dev/null
+++ b/Tests/LibWeb/Text/expected/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.txt
@@ -0,0 +1,4 @@
+true
+RSA-OAEP
+SHA-1
+1,0,1
diff --git a/Tests/LibWeb/Text/input/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.html b/Tests/LibWeb/Text/input/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.html
new file mode 100644
index 00000000000..617d75bb0c6
--- /dev/null
+++ b/Tests/LibWeb/Text/input/Crypto/SubtleCrypto-import-rsaoaep-minimal_jwk.html
@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<script src="../include.js"></script>
+<script>
+    asyncTest(async done => {
+        var subtle = self.crypto.subtle;
+        var key = await subtle.importKey(
+            "jwk",
+            {
+                kty: "RSA",
+                n: "zZn4sRGfjQos56yL_Qy1R9NI-THMnFynn94g5RxA6wGrJh4BJT3x6I9x0IbpS3q-d4ORA6R2vuDMh8dDFRr9RDH6XY-gUScc9U5Jz3UA2KmVfsCbnUPvcAmMV_ENA7_TF0ivVjuIFodyDTx7EKHNVTrHHSlrbt7spbmcivs23Zc",
+                e: "AQAB",
+            },
+            { name: "RSA-OAEP", hash: "SHA-1" },
+            true,
+            ["encrypt", "wrapKey"]
+        );
+        println(key.extractable);
+        println(key.algorithm.name);
+        println(key.algorithm.hash);
+        println(key.algorithm.publicExponent);
+        done();
+    });
+</script>
diff --git a/Userland/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp b/Userland/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
index 7a7aa7f0963..d3197ef9e53 100644
--- a/Userland/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
+++ b/Userland/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
@@ -660,9 +660,11 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<CryptoKey>> RSAOAEP::import_key(Web::Crypto
 
         // 6. If the key_ops field of jwk is present, and is invalid according to the requirements of JSON Web Key [JWK]
         //    or does not contain all of the specified usages values, then throw a DataError.
-        for (auto const& usage : usages) {
-            if (!jwk.key_ops->contains_slow(Bindings::idl_enum_to_string(usage)))
-                return WebIDL::DataError::create(m_realm, MUST(String::formatted("Missing key_ops field: {}", Bindings::idl_enum_to_string(usage))));
+        if (jwk.key_ops.has_value()) {
+            for (auto const& usage : usages) {
+                if (!jwk.key_ops->contains_slow(Bindings::idl_enum_to_string(usage)))
+                    return WebIDL::DataError::create(m_realm, MUST(String::formatted("Missing key_ops field: {}", Bindings::idl_enum_to_string(usage))));
+            }
         }
         // FIXME: Validate jwk.key_ops against requirements in https://www.rfc-editor.org/rfc/rfc7517#section-4.3
 
@@ -676,7 +678,7 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<CryptoKey>> RSAOAEP::import_key(Web::Crypto
             //     Let hash be undefined.
         }
         //    ->  If the alg field of jwk is equal to "RSA-OAEP":
-        if (jwk.alg == "RSA-OAEP"sv) {
+        else if (jwk.alg == "RSA-OAEP"sv) {
             //     Let hash be the string "SHA-1".
             hash = "SHA-1"_string;
         }