From 895dbdfe4a42437ca95d36e8476acd9792d3b26a Mon Sep 17 00:00:00 2001
From: Dmitry Pankratov
Date: Wed, 18 Sep 2024 01:30:58 +0200
Subject: [PATCH] pkcs5: allow empty algId prf parameter for PBES2 params (#1521)
---
 pkcs5/src/pbes2/kdf.rs | 3 --
 ...-256-cbc_hmacWithSHA256_algid-no-param.der | Bin 0 -> 95 bytes
 pkcs5/tests/pbes2.rs | 35 ++++++++++++++++++
 3 files changed, 35 insertions(+), 3 deletions(-)
 create mode 100644 pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der
diff --git a/pkcs5/src/pbes2/kdf.rs b/pkcs5/src/pbes2/kdf.rs
index 98fe0ecc1..af39d7580 100644
--- a/pkcs5/src/pbes2/kdf.rs
+++ b/pkcs5/src/pbes2/kdf.rs
@@ -336,9 +336,6 @@ impl TryFrom> for Pbkdf2Prf {
 if !params.is_null() {
 return Err(params.tag().value_error());
 }
- } else {
- // TODO(tarcieri): support OPTIONAL parameters?
- return Err(Tag::Null.value_error());
 }
 
 match alg.oid {
diff --git a/pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der b/pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der
new file mode 100644
index 0000000000000000000000000000000000000000..d14bf88a313f591f8229745fb97c29d0a138b3bc
GIT binary patch literal 95 zcmXqrW#iOp^Jx3d%gD-W5MZE>;PMzKu?X-8t+KrCd@UstMsTvxM literal 0 HcmV?d00001
diff --git a/pkcs5/tests/pbes2.rs b/pkcs5/tests/pbes2.rs
index 53a463881..cf6dbb85a 100644
--- a/pkcs5/tests/pbes2.rs
+++ b/pkcs5/tests/pbes2.rs
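Review bot: In pkcs5/src/pbes2/kdf.rs, once the `else` arm is removed nothing at the parameter check records that an absent PRF `parameters` field is now accepted on purpose. I would add a comment above the check such as `// Absent parameters are accepted and treated like NULL; some encoders omit the field.`. The decoder now maps two distinct encodings (NULL and absent) to the same `Pbkdf2Prf` value, so if the encoder always writes NULL (the encoder is not visible here) a decode/encode round trip will not reproduce the input bytes. That is worth stating in the type's documentation for callers that compare or hash the encoded AlgorithmIdentifier. The enclosing `try_from` body starts and ends outside the hunk.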
@@ -24,6 +24,16 @@ const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID: &[u8] = &hex!(
 4801650304012a0410b2d02d78b2efd9dff694cf8e0af40925"
 );
 
+/// PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` example without PRF NULL parameter.
+///
+/// Generated by Smallstep CLI: `step certificate p12 out.p12 in.crt in.key`, extracted from PKCS#12.
+/// `tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der` test vector.
+const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM: &[u8] = &hex!(
+ "305d06092a864886f70d01050d3050302f06092a864886f70d01050c30220410
+ 0c12aa39d743d1633ddbb615a5ec1b6a02020800300a06082a864886f70d0209
+ 301d060960864801650304012a0410baba52272b5a30263d62f81ae27ad768"
+);
+
 /// PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier` example.
 ///
 /// Generated by OpenSSL and extracted from the `pkcs8` crate's
@@ -96,6 +106,31 @@ fn decode_pbes2_pbkdf2_sha256_aes256cbc() {
 }
 }
 
+/// Decoding test for PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` without NULL prf parameter
+#[test]
+fn decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter() {
+ let scheme =
+ pkcs5::EncryptionScheme::try_from(PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM)
+ .unwrap();
+ let params = scheme.pbes2().unwrap();
+
+ let pbkdf2_params = params.kdf.pbkdf2().unwrap();
+ assert_eq!(
+ pbkdf2_params.salt.as_bytes(),
+ &hex!("0C12AA39D743D1633DDBB615A5EC1B6A")
+ );
+ assert_eq!(pbkdf2_params.iteration_count, 2048);
+ assert_eq!(pbkdf2_params.key_length, None);
+ assert_eq!(pbkdf2_params.prf, pbes2::Pbkdf2Prf::HmacWithSha256);
+
+ match params.encryption {
+ pbes2::EncryptionScheme::Aes256Cbc { iv } => {
+ assert_eq!(iv, hex!("BABA52272B5A30263D62F81AE27AD768"));
+ }
+ other => panic!("unexpected encryption scheme: {:?}", other),
+ }
+}
+
 /// Decoding test for PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier`
 #[test]
 fn decode_pbes2_scrypt_aes256cbc() {
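Review bot: The new test `decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter` exercises only the newly accepted input, so nothing pins the boundary the relaxed parser is still meant to enforce. A companion check that a PRF AlgorithmIdentifier carrying a non-NULL parameter is still rejected would do that, e.g. `assert!(pkcs5::EncryptionScheme::try_from(ALG_ID_NON_NULL_PRF_PARAM).is_err());`, where `ALG_ID_NON_NULL_PRF_PARAM` is a placeholder for a vector that would have to be added. The doc comment on the constant in the first hunk names the `.der` file as the test vector, but nothing visible in these hunks reads that file. Either load the file in a test or reword the comment to say the hex constant is a copy of it.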