pkcs5: allow empty algId prf parameter for PBES2 params (#1521)

RustCrypto · Sep 17, 2024 · 895dbdf · 895dbdf
1 parent 6bbfc46
commit 895dbdf
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 3 deletions.
diff --git a/pkcs5/src/pbes2/kdf.rs b/pkcs5/src/pbes2/kdf.rs
@@ -336,9 +336,6 @@ impl TryFrom<AlgorithmIdentifierRef<'_>> for Pbkdf2Prf {
             if !params.is_null() {
                 return Err(params.tag().value_error());
             }
-        } else {
-            // TODO(tarcieri): support OPTIONAL parameters?
-            return Err(Tag::Null.value_error());
         }
 
         match alg.oid {

diff --git a/pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der b/pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der
diff --git a/pkcs5/tests/pbes2.rs b/pkcs5/tests/pbes2.rs
@@ -24,6 +24,16 @@ const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID: &[u8] = &hex!(
      4801650304012a0410b2d02d78b2efd9dff694cf8e0af40925"
 );
 
+/// PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` example without PRF NULL parameter.
+///
+/// Generated by Smallstep CLI: `step certificate p12 out.p12 in.crt in.key`, extracted from PKCS#12.
+/// `tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der` test vector.
+const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM: &[u8] = &hex!(
+    "305d06092a864886f70d01050d3050302f06092a864886f70d01050c30220410
+     0c12aa39d743d1633ddbb615a5ec1b6a02020800300a06082a864886f70d0209
+     301d060960864801650304012a0410baba52272b5a30263d62f81ae27ad768"
+);
+
 /// PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier` example.
 ///
 /// Generated by OpenSSL and extracted from the `pkcs8` crate's
@@ -96,6 +106,31 @@ fn decode_pbes2_pbkdf2_sha256_aes256cbc() {
     }
 }
 
+/// Decoding test for PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` without NULL prf parameter
+#[test]
+fn decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter() {
+    let scheme =
+        pkcs5::EncryptionScheme::try_from(PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM)
+            .unwrap();
+    let params = scheme.pbes2().unwrap();
+
+    let pbkdf2_params = params.kdf.pbkdf2().unwrap();
+    assert_eq!(
+        pbkdf2_params.salt.as_bytes(),
+        &hex!("0C12AA39D743D1633DDBB615A5EC1B6A")
+    );
+    assert_eq!(pbkdf2_params.iteration_count, 2048);
+    assert_eq!(pbkdf2_params.key_length, None);
+    assert_eq!(pbkdf2_params.prf, pbes2::Pbkdf2Prf::HmacWithSha256);
+
+    match params.encryption {
+        pbes2::EncryptionScheme::Aes256Cbc { iv } => {
+            assert_eq!(iv, hex!("BABA52272B5A30263D62F81AE27AD768"));
+        }
+        other => panic!("unexpected encryption scheme: {:?}", other),
+    }
+}
+
 /// Decoding test for PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier`
 #[test]
 fn decode_pbes2_scrypt_aes256cbc() {