LibWeb: Fix X448 JWK key export format

The presence of padding in the base64 fields made plenty of WPT tests fail. Additionally, export was performed with the wrong public key. The issue was discovered while implementing `wrapKey` and `unwrapKey` in the next commits.
Author: https://github.com/devgianlu Commit: https://github.com/LadybirdBrowser/ladybird/commit/880401030d0 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/2915
2024-12-14 11:12:14 +01:00 · 2024-12-14 11:12:14 +01:00 · 880401030d · 2024-12-16 10:36:22 +00:00
commit 880401030d
parent ac99e2791f
2 changed files with 30 additions and 24 deletions
--- a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
+++ b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
@ -5463,12 +5463,18 @@ WebIDL::ExceptionOr<GC::Ref<JS::Object>> X448::export_key(Bindings::KeyFormat fo
        jwk.crv = "X448"_string;

        // 4. Set the x attribute of jwk according to the definition in Section 2 of [RFC8037].
-        jwk.x = TRY_OR_THROW_OOM(m_realm->vm(), encode_base64url(key_data));
+        if (key->type() == Bindings::KeyType::Public) {
+            jwk.x = TRY_OR_THROW_OOM(m_realm->vm(), encode_base64url(key_data, AK::OmitPadding::Yes));
+        } else {
+            ::Crypto::Curves::X448 curve;
+            auto public_key = TRY_OR_THROW_OOM(m_realm->vm(), curve.generate_public_key(key_data));
+            jwk.x = TRY_OR_THROW_OOM(m_realm->vm(), encode_base64url(public_key, AK::OmitPadding::Yes));
+        }

        // 5. If the [[type]] internal slot of key is "private"
        if (key->type() == Bindings::KeyType::Private) {
            // 1. Set the d attribute of jwk according to the definition in Section 2 of [RFC8037].
-            jwk.d = TRY_OR_THROW_OOM(m_realm->vm(), encode_base64url(key_data));
+            jwk.d = TRY_OR_THROW_OOM(m_realm->vm(), encode_base64url(key_data, AK::OmitPadding::Yes));
        }

        // 6. Set the key_ops attribute of jwk to the usages attribute of key.
--- a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/okp_importKey_X448.https.any.txt
+++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/okp_importKey_X448.https.any.txt
@ -2,40 +2,40 @@ Harness status: OK

 Found 54 tests

-26 Pass
-28 Fail
+46 Pass
+8 Fail
 Pass	Good parameters: X448 bits (spki, buffer(68), {name: X448}, true, [])
 Pass	Good parameters: X448 bits (spki, buffer(68), X448, true, [])
-Fail	Good parameters: X448 bits (jwk, object(kty, crv, x), {name: X448}, true, [])
-Fail	Good parameters: X448 bits (jwk, object(kty, crv, x), X448, true, [])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(kty, crv, x), {name: X448}, true, [])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(kty, crv, x), X448, true, [])
+Pass	Good parameters: X448 bits (jwk, object(kty, crv, x), {name: X448}, true, [])
+Pass	Good parameters: X448 bits (jwk, object(kty, crv, x), X448, true, [])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(kty, crv, x), {name: X448}, true, [])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(kty, crv, x), X448, true, [])
 Pass	Good parameters: X448 bits (raw, buffer(56), {name: X448}, true, [])
 Pass	Good parameters: X448 bits (raw, buffer(56), X448, true, [])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), {name: X448}, true, [deriveKey])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), X448, true, [deriveKey])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveKey])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveKey])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveKey])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveKey])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), {name: X448}, true, [deriveBits, deriveKey])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), X448, true, [deriveBits, deriveKey])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits, deriveKey])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveBits, deriveKey])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits, deriveKey])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveBits, deriveKey])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits, deriveKey])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveBits, deriveKey])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits, deriveKey])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveBits, deriveKey])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), {name: X448}, true, [deriveBits])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), X448, true, [deriveBits])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveBits])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveBits])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveBits])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveBits])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveBits])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
 Fail	Good parameters: X448 bits (pkcs8, buffer(72), X448, true, [deriveKey, deriveBits, deriveKey, deriveBits])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
-Fail	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveKey, deriveBits, deriveKey, deriveBits])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
-Fail	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveKey, deriveBits, deriveKey, deriveBits])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
+Pass	Good parameters: X448 bits (jwk, object(crv, d, x, kty), X448, true, [deriveKey, deriveBits, deriveKey, deriveBits])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
+Pass	Good parameters with ignored JWK alg: X448 (jwk, object(crv, d, x, kty), X448, true, [deriveKey, deriveBits, deriveKey, deriveBits])
 Pass	Good parameters: X448 bits (spki, buffer(68), {name: X448}, false, [])
 Pass	Good parameters: X448 bits (spki, buffer(68), X448, false, [])
 Pass	Good parameters: X448 bits (jwk, object(kty, crv, x), {name: X448}, false, [])