[Mono-dev] ASN.1 Implementation and Firefox PKCS#12

Sebastien Pouliot sebastien.pouliot at gmail.com
Tue Oct 13 15:29:09 EDT 2009

Hello Claus,

This is a known issue documented in

Sadly using the new parser to re-implement everything ASN.1 related
inside Mono is a large undertaking (and also will break binary
compatibility in Mono.Security.dll) and this is a minor/rare issue so
there are no planned timeframe for a fix.


On Tue, 2009-10-13 at 19:32 +0200, Claus Jørgensen wrote:
> Hi
> When using the PKCS12.LoadFromFile method to load a PKCS#12 file that
> was exported from Firefox, a "Undefined length encoding." exception
> occours, 
> and after stacktracing this boils down to a check of the value of the
> second byte in the file in the ASN.1 class.
> According to this the nLength cannot be equal to 0x80, but in our
> exported certificate from Firefox the second byte value is 80,
> so we tested with pk12util, and it confirms the certificate from
> Firefox is valid.
> This leads me to the conclusion that the ASN.1 implementation is
> wrong, or the exception check was meant to do something else
> originally, 
> and after discussing it with some people on IRC I was suggested to
> mail this mailing list, and Sebastian Pouliot. 
> I must admit looking though the 146 pages of specification on the
> ASN.1 format isn't what I wanted to spend my autumn holiday on, 
> so I hope I can get some more insight though from here.
> Sincerely
>  Claus Jørgensen

More information about the Mono-devel-list mailing list