Does Keychain support importing a PKCS12 certificate encrypted with AES256?
2 votes, 1 answer, 3525 views
I am attempting to import a PFX/P12 certificate generated by the Windows certificate manager for use with S/MIME into macOS Catalina Keychain. The certificate is encrypted with AES256.
The same certificate and password work correctly when encrypted with 3DES.
When the certificate uses AES256, Keychain complains "MAC verification failed during PKCS12 import" after I enter the password. The same error is achieved using the `security` CLI.
Any ideas what might be wrong?
CLI examples that did not work:
```
security import ./foo.pfx -f pkcs12
security import ./foo.pfx -t cert -f pkcs12
security import ./foo.pfx -f pkcs12 -k ~/Library/Keychains/login.keychain
security import ./foo.pfx -f pkcs12 -T /usr/bin/codesign -k ~/Library/Keychains/login.keychain
```
### Update 1: How the Certificates were Created
1. Log in with my user on a Windows 10 desktop
2. Open Manage User Certificates
3. Personal -> Certificates -> All Tasks -> Request New Certificate
4. Select the appropriate enrollment policy
5. Right click the certificate and choose "Export..."
6. Select the format:
   1. PFX
      1. include all certificates
      2. enable certificate privacy
7. Set the password
8. Finish

At some point in the process I chose AES256 or 3DES from a drop-down (only two options available).
Asked by n3bulous
(21 rep)
Apr 28, 2020, 02:49 AM
Last activity: Aug 25, 2024, 10:04 AM