KeyStore::from_pkcs12 results in panic for Smallstep generated p12 files

[bkoetter]

OS: macOS 14.6.1 on arm64
Rust: 1.81.0
Target: aarch64-apple-darwin
p12-keystore: 0.1.3
OpenSSL: 3.3.2
Smallstep CLI: 0.27.4

Reading a p12 file with KeyStore::from_pkcs12 generated using the following OpenSSL command works fine:

openssl pkcs12 -export -inkey domain.key -in domain.crt -out domain.p12

Reading a p12 file generated using Smallstep CLI results in a panic:

step certificate p12 domain.p12 domain.crt domain.key

Code to trigger behaviour:

use p12_keystore::KeyStore;

fn main() {
    KeyStore::from_pkcs12(
        include_bytes!("/Users/myhome/cert2/domain.p12"), "secPas$4"
    ).unwrap();
}

Output:

thread 'main' panicked at src/main.rs:6:7:
called `Result::unwrap()` on an `Err` value: DerError(Error { kind: Value { tag: Tag(0x05: NULL) }, position: None })
stack backtrace:
   0: rust_begin_unwind
             at /rustc/eeb90cda1969383f56a2637cbd3037bdf598841c/library/std/src/panicking.rs:665:5
   1: core::panicking::panic_fmt
             at /rustc/eeb90cda1969383f56a2637cbd3037bdf598841c/library/core/src/panicking.rs:74:14
   2: core::result::unwrap_failed
             at /rustc/eeb90cda1969383f56a2637cbd3037bdf598841c/library/core/src/result.rs:1679:5
   3: core::result::Result<T,E>::unwrap
             at /rustc/eeb90cda1969383f56a2637cbd3037bdf598841c/library/core/src/result.rs:1102:23
   4: learning_rust::main
             at ./src/main.rs:4:5
   5: core::ops::function::FnOnce::call_once
             at /rustc/eeb90cda1969383f56a2637cbd3037bdf598841c/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

Process finished with exit code 101

[ancwrd1]

Could you attach a sample p12 file which triggers this error?

[bkoetter]

cert2.tar.gz
Find the sample files attached. Using the same password to encrypt the p12 and the key file: secPas$4

[ancwrd1]

The problem is that the p12 generated by Smallstep CLI does not contain a value for the parameter field of the "prf" algorithm identifier (see attached pictures). It is should be present and set to NULL, at least according to various RFCs (https://datatracker.ietf.org/doc/html/rfc4231#section-3.1).

That's what Smallstep produces:

Anyway, I guess it's not much helpful in resolution, so there are few possibilities here: it can be reported as a bug in Smallstep project, it can be reported as an enhancement request in the https://github.com/RustCrypto/formats, or I can add a workaround in here, which requires a bit of copy/paste and code duplication from RustCrypto/pkcs5.

[bkoetter]

@ancwrd1 Thank you so much for folllowing up on this issue and determining the root cause.
I understand from your RustCrypto/formats PR that according to RFC4231 the NULL parameter is not a mandatoy requirement. I think that raising this as an enhancement request in the https://github.com/RustCrypto/formats would be the right approach. Thanks for already doing so.

[ancwrd1]

The related PR is merged, I am closing this issue.

[ancwrd1]

On a second thought, it's not added yet to this project, so let's keep it opened.