From 8f18cda28f8d4d7046150ed4888c18ccb2b664fe Mon Sep 17 00:00:00 2001
From: Dmitry Pankratov
Date: Tue, 17 Sep 2024 00:19:23 +0200
Subject: [PATCH 1/5] Allow PBES2 encoding without NULL value for the algId prf parameter
---
 pkcs5/src/pbes2/kdf.rs | 3 ---
 pkcs5/tests/pbes2.rs | 28 ++++++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/pkcs5/src/pbes2/kdf.rs b/pkcs5/src/pbes2/kdf.rs
index 98fe0ecc1..af39d7580 100644
--- a/pkcs5/src/pbes2/kdf.rs
+++ b/pkcs5/src/pbes2/kdf.rs
@@ -336,9 +336,6 @@ impl TryFrom> for Pbkdf2Prf {
 if !params.is_null() {
 return Err(params.tag().value_error());
 }
- } else {
- // TODO(tarcieri): support OPTIONAL parameters?
- return Err(Tag::Null.value_error());
 }
 match alg.oid {
diff --git a/pkcs5/tests/pbes2.rs b/pkcs5/tests/pbes2.rs
index 53a463881..7da810b21 100644
--- a/pkcs5/tests/pbes2.rs
+++ b/pkcs5/tests/pbes2.rs
@@ -24,6 +24,14 @@ const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID: &[u8] = &hex!(
 4801650304012a0410b2d02d78b2efd9dff694cf8e0af40925"
 );
+/// PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` example without PRF NULL parameter.
+const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM: &[u8] = &hex!(
+ "305506092a864886f70d01050d3048302706092a864886f70d01050c301a0408
+ 79d982e70df91a8802020800300a06082a864886f70d0209301d060960864801
+ 650304012a0410b2d02d78b2efd9dff694cf8e0af40925"
+);
+
+
 /// PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier` example.
 ///
 /// Generated by OpenSSL and extracted from the `pkcs8` crate's
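Review bot: With the `else` branch removed, an absent `parameters` field on the PRF `AlgorithmIdentifier` now falls through to `match alg.oid` silently, and nothing left in the code records that this is deliberate leniency rather than an oversight; the surviving `if !params.is_null()` check is also the only thing that still rejects a present-but-non-NULL parameter, so it deserves a why-comment such as `// PKCS#5 v2 encodes the PRF parameters as NULL, but some encoders omit the field entirely; accept an absent parameters field while still rejecting any non-NULL value.` Since `Tag::Null` was the only use of `Tag` visible in this hunk, check whether the `Tag` import in kdf.rs is now unused (it may well still be used elsewhere in the file). The enclosing `TryFrom` impl begins and ends outside the hunk.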
@@ -96,6 +104,26 @@ fn decode_pbes2_pbkdf2_sha256_aes256cbc() {
 }
 }
+/// Decoding test for PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier`
+#[test]
+fn decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter() {
+ let scheme = pkcs5::EncryptionScheme::try_from(PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM).unwrap();
+ let params = scheme.pbes2().unwrap();
+
+ let pbkdf2_params = params.kdf.pbkdf2().unwrap();
+ assert_eq!(pbkdf2_params.salt.as_bytes(), &hex!("79d982e70df91a88"));
+ assert_eq!(pbkdf2_params.iteration_count, 2048);
+ assert_eq!(pbkdf2_params.key_length, None);
+ assert_eq!(pbkdf2_params.prf, pbes2::Pbkdf2Prf::HmacWithSha256);
+
+ match params.encryption {
+ pbes2::EncryptionScheme::Aes256Cbc { iv } => {
+ assert_eq!(iv, hex!("b2d02d78b2efd9dff694cf8e0af40925"));
+ }
+ other => panic!("unexpected encryption scheme: {:?}", other),
+ }
+}
+
 /// Decoding test for PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier`
 #[test]
 fn decode_pbes2_scrypt_aes256cbc() {
From 7711c94f82f7c78f491ac52e077142ce4a9b4e8c Mon Sep 17 00:00:00 2001
From: Dmitry Pankratov
Date: Tue, 17 Sep 2024 00:29:23 +0200
Subject: [PATCH 2/5] Formatting
---
 pkcs5/tests/pbes2.rs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/pkcs5/tests/pbes2.rs b/pkcs5/tests/pbes2.rs
index 7da810b21..f0dc8cda7 100644
--- a/pkcs5/tests/pbes2.rs
+++ b/pkcs5/tests/pbes2.rs
@@ -31,7 +31,6 @@ const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM: &[u8] = &hex!(
 650304012a0410b2d02d78b2efd9dff694cf8e0af40925"
 );
-
 /// PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier` example.
 ///
 /// Generated by OpenSSL and extracted from the `pkcs8` crate's
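Review bot: The new test pins only the accepting direction of the parser change; because the `Pbkdf2Prf` decoder now distinguishes "parameters absent" (accepted) from "parameters present but not NULL" (still rejected), a companion negative test that feeds an `AlgorithmIdentifier` whose PRF carries a non-NULL parameter and asserts `pkcs5::EncryptionScheme::try_from(vector).is_err()` would keep the remaining rejection from disappearing silently in a later refactor. Such a constructed vector can be derived from `PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM` by giving the PRF `AlgorithmIdentifier` a non-NULL parameter and adjusting the enclosing SEQUENCE lengths; it should be documented as constructed rather than captured from a real encoder. A round-trip check that the decoded scheme re-encodes to a well-formed `AlgorithmIdentifier` would also show whether the encoder side now emits NULL or omits it, which this hunk does not establish either way.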
@@ -107,7 +106,9 @@ fn decode_pbes2_pbkdf2_sha256_aes256cbc() {
 /// Decoding test for PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier`
 #[test]
 fn decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter() {
- let scheme = pkcs5::EncryptionScheme::try_from(PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM).unwrap();
+ let scheme =
+ pkcs5::EncryptionScheme::try_from(PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM)
+ .unwrap();
 let params = scheme.pbes2().unwrap();
 let pbkdf2_params = params.kdf.pbkdf2().unwrap();
From 3571e5431cfcac7770b0330bc680e5d2a0de6810 Mon Sep 17 00:00:00 2001
From: Dmitry Pankratov
Date: Tue, 17 Sep 2024 08:19:07 +0200
Subject: [PATCH 3/5] Added a test vector for the new unit test and a note about application.
---
 ...aes-256-cbc_hmacWithSHA256_algid-no-param.der | Bin 0 -> 95 bytes
 pkcs5/tests/pbes2.rs | 15 +++++++++------
 2 files changed, 9 insertions(+), 6 deletions(-)
 create mode 100644 pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der
diff --git a/pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der b/pkcs5/tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der
new file mode 100644
index 0000000000000000000000000000000000000000..d14bf88a313f591f8229745fb97c29d0a138b3bc
GIT binary patch literal 95 zcmXqrW#iOp^Jx3d%gD-W5MZE>;PMzKu?X-8t+KrCd@UstMsTvxM literal 0 HcmV?d00001
diff --git a/pkcs5/tests/pbes2.rs b/pkcs5/tests/pbes2.rs
index f0dc8cda7..1af208745 100644
--- a/pkcs5/tests/pbes2.rs
+++ b/pkcs5/tests/pbes2.rs
@@ -25,10 +25,13 @@ const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID: &[u8] = &hex!(
 );
 /// PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` example without PRF NULL parameter.
+///
+/// Generated by Smallstep CLI
+/// `tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der` test vector.
 const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM: &[u8] = &hex!(
- "305506092a864886f70d01050d3048302706092a864886f70d01050c301a0408
- 79d982e70df91a8802020800300a06082a864886f70d0209301d060960864801
- 650304012a0410b2d02d78b2efd9dff694cf8e0af40925"
+ "305d06092a864886f70d01050d3050302f06092a864886f70d01050c30220410
+ 0c12aa39d743d1633ddbb615a5ec1b6a02020800300a06082a864886f70d0209
+ 301d060960864801650304012a0410baba52272b5a30263d62f81ae27ad768"
 );
 /// PBES2 + scrypt + AES-256-CBC `AlgorithmIdentifier` example.
@@ -103,7 +106,7 @@ fn decode_pbes2_pbkdf2_sha256_aes256cbc() {
 }
 }
-/// Decoding test for PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier`
+/// Decoding test for PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` without NULL prf parameter
 #[test]
 fn decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter() {
 let scheme =
@@ -112,14 +115,14 @@ fn decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter() {
 let params = scheme.pbes2().unwrap();
 let pbkdf2_params = params.kdf.pbkdf2().unwrap();
- assert_eq!(pbkdf2_params.salt.as_bytes(), &hex!("79d982e70df91a88"));
+ assert_eq!(pbkdf2_params.salt.as_bytes(), &hex!("0C12AA39D743D1633DDBB615A5EC1B6A"));
 assert_eq!(pbkdf2_params.iteration_count, 2048);
 assert_eq!(pbkdf2_params.key_length, None);
 assert_eq!(pbkdf2_params.prf, pbes2::Pbkdf2Prf::HmacWithSha256);
 match params.encryption {
 pbes2::EncryptionScheme::Aes256Cbc { iv } => {
- assert_eq!(iv, hex!("b2d02d78b2efd9dff694cf8e0af40925"));
+ assert_eq!(iv, hex!("BABA52272B5A30263D62F81AE27AD768"));
 }
 other => panic!("unexpected encryption scheme: {:?}", other),
 }
From 1d90a9f1cf2bf9d595a2b3ce3101f718a0e94264 Mon Sep 17 00:00:00 2001
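Review bot: The added doc comment on `PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM` reads as a fragment, `Generated by Smallstep CLI` directly followed by the path line ending in `test vector.`, so unlike the sibling OpenSSL constants it never actually says that the inline hex is a copy of the checked-in `.der`. Make the first line a clause that carries into the path line, mirroring the vectors above, e.g. `/// Generated by Smallstep CLI and extracted from the` with the existing path line unchanged. Nothing in the diff loads the new `.der` file, so the inline hex is the only copy under test; stating the relationship in the doc comment is what keeps the two in sync by convention.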
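Review bot: The new salt and IV expectations in the last hunk are written in uppercase hex (`0C12AA39…`, `BABA5227…`) while the constant they decode from and every other vector in this file use lowercase; `hex!` accepts both, so this is purely a consistency point, but lowercasing them, `assert_eq!(pbkdf2_params.salt.as_bytes(), &hex!("0c12aa39d743d1633ddbb615a5ec1b6a"));` and `assert_eq!(iv, hex!("baba52272b5a30263d62f81ae27ad768"));`, lets a reader find the expected bytes inside the constant by eye. The body of `decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter` starts before this hunk.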
From: Dmitry Pankratov
Date: Tue, 17 Sep 2024 08:21:17 +0200
Subject: [PATCH 4/5] Formatted sources
---
 pkcs5/tests/pbes2.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/pkcs5/tests/pbes2.rs b/pkcs5/tests/pbes2.rs
index 1af208745..0da961304 100644
--- a/pkcs5/tests/pbes2.rs
+++ b/pkcs5/tests/pbes2.rs
@@ -115,7 +115,10 @@ fn decode_pbes2_pbkdf2_sha256_aes256cbc_without_null_parameter() {
 let params = scheme.pbes2().unwrap();
 let pbkdf2_params = params.kdf.pbkdf2().unwrap();
- assert_eq!(pbkdf2_params.salt.as_bytes(), &hex!("0C12AA39D743D1633DDBB615A5EC1B6A"));
+ assert_eq!(
+ pbkdf2_params.salt.as_bytes(),
+ &hex!("0C12AA39D743D1633DDBB615A5EC1B6A")
+ );
 assert_eq!(pbkdf2_params.iteration_count, 2048);
 assert_eq!(pbkdf2_params.key_length, None);
 assert_eq!(pbkdf2_params.prf, pbes2::Pbkdf2Prf::HmacWithSha256);
From 947af76b1d4d9acc44f738a2c6bd591bc316b4e8 Mon Sep 17 00:00:00 2001
From: Dmitry Pankratov
Date: Tue, 17 Sep 2024 09:09:04 +0200
Subject: [PATCH 5/5] Additional comment
---
 pkcs5/tests/pbes2.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkcs5/tests/pbes2.rs b/pkcs5/tests/pbes2.rs
index 0da961304..cf6dbb85a 100644
--- a/pkcs5/tests/pbes2.rs
+++ b/pkcs5/tests/pbes2.rs
@@ -26,7 +26,7 @@ const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID: &[u8] = &hex!(
 /// PBES2 + PBKDF2-SHA256 + AES-256-CBC `AlgorithmIdentifier` example without PRF NULL parameter.
 ///
-/// Generated by Smallstep CLI
+/// Generated by Smallstep CLI: `step certificate p12 out.p12 in.crt in.key`, extracted from PKCS#12.
 /// `tests/examples/pbes2_aes-256-cbc_hmacWithSHA256_algid-no-param.der` test vector.
 const PBES2_PBKDF2_SHA256_AES256CBC_ALG_ID_NO_NULL_PARAM: &[u8] = &hex!(
 "305d06092a864886f70d01050d3050302f06092a864886f70d01050c30220410