[Mono-dev] certmgr problem

Neale Ferguson neale at sinenomine.net
Fri Oct 16 16:35:36 UTC 2015

When running certmgr to import a key I am getting the following error:

System.Security.Cryptography.CryptographicException: Invalid MAC - file
may have been tampered!

I have verified that the key is ok:

[neale at lneale3 - mono] openssl pkcs12 -info -in /tmp/MonoTestCert.pfx
Enter Import Password:
MAC Iteration 2000
MAC verified OK
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2000
Bag Attributes
    localKeyID: 01 00 00 00
    Microsoft CSP Name: Microsoft Strong Cryptographic Provider
    friendlyName: PvkTmp:171f74c0-49c3-484a-90c0-a9453b04e318
Key Attributes
    X509v3 Key Usage: 10

The calculated MAC that PCKS12.cs is generating is quite different. I
added some debug code:

MAC does not match calculated MAC
	Lengths: 20 20
57 AF 88 DD B6 40 07 24 56 A3 71 1C 25 F1 A9 8F 46 D0 E5 BA
A7 4A 04 50 E5 67 39 5E D9 A6 B7 86 3D 00 09 DE 57 4F 2C FC

Is this a known limitation of mono or some error on my part?


More information about the Mono-devel-list mailing list