Notice (2018-05-24): bugzilla.xamarin.com is now in
Please join us on
Visual Studio Developer Community and in the
Mono organizations on
GitHub to continue tracking issues. Bugzilla will remain
available for reference in read-only mode. We will continue to work
on open Bugzilla bugs, copy them to the new locations
as needed for follow-up, and add the new items under Related
Our sincere thanks to everyone who has contributed on this bug
tracker over the years. Thanks also for your understanding as we
make these adjustments and improvements for the future.
Please create a new report on
Developer Community or GitHub with
your current version information, steps to reproduce, and relevant error
messages or log files if you are hitting an issue that looks similar to
this resolved bug and you do not yet see a matching new report.
Created attachment 3993 [details]
the certificate which can be used to reproduce the issue
There is CryptographicException (unsupported hash algorithm) when trying to build certificate which uses SHA512 RSA algorithm.
Here is a code to reproduce this issue (on iOS device):
public class Application
static void Main (string args)
UIApplication.Main (args, null, "AppDelegate");
public partial class AppDelegate : UIApplicationDelegate
public override bool FinishedLaunching (UIApplication app, NSDictionary options)
window = new UIWindow (UIScreen.MainScreen.Bounds);
window.RootViewController = new UIViewController();
X509Certificate2 cert = new X509Certificate2("rebex-sha256.cer");
X509Chain chain = new X509Chain (false);
new UIAlertView("Error in Mono.", ex.ToString(), null, "OK", null).Show();
Complete stack trace:
System.ArgumentException: certificate ---> System.Security.Cryptography.CryptographicException: Unsupported hash algorithm: 1.2.840.1135184.108.40.206
at Mono.Security.X509.X509Certificate.VerifySignature (System.Security.Cryptography.RSA rsa) [0x000b4] in /Developer/MonoTouch/Source/mono/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs:511
at Mono.Security.X509.X509Certificate.VerifySignature (System.Security.Cryptography.AsymmetricAlgorithm aa) [0x0001c] in /Developer/MonoTouch/Source/mono/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs:522
at System.Security.Cryptography.X509Certificates.X509Chain.IsSignedWith (System.Security.Cryptography.X509Certificates.X509Certificate2 signed, System.Security.Cryptography.AsymmetricAlgorithm pubkey) [0x0000f] in /Developer/MonoTouch/Source/mono/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Chain.cs:702
at System.Security.Cryptography.X509Certificates.X509Chain.Process (Int32 n) [0x00085] in /Developer/MonoTouch/Source/mono/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Chain.cs:530
at System.Security.Cryptography.X509Certificates.X509Chain.ValidateChain (X509ChainStatusFlags flag) [0x00093] in /Developer/MonoTouch/Source/mono/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Chain.cs:506
at System.Security.Cryptography.X509Certificates.X509Chain.Build (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) [0x0001f] in /Developer/MonoTouch/Source/mono/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Chain.cs:115
--- End of inner exception stack trace ---
For X.509 certificates the SHA2 algorithms are, right now, only supported on Mono 3.x (which means Xamarin.iOS 6.3.x).
The code is being updated (including support for RIPEMD160 certificates ). Once that's completed I'll look if I can backport this into mono 2.10 (which would add support for them in Xamarin.iOS 6.2.x).
 bug #11703
Fixed in cb7798f30e27d6cc7a802de8c38c030d581ddf9d (master)
QA: unit test added
It should be available in the next maintenance (non-hotfix) release after 6.2.6.