Create SSH ED25519 key with BouncyCastle for Rency SSH.NET in C#

Question

I have to generate the public and the private keys with BouncyCastle in ED25519 version (NOT RSA) and I not able to generate it correct. I have try with:

var gen = new Ed25519KeyPairGenerator();
var param = new Ed25519KeyGenerationParameters(new SecureRandom());
gen.Init(param);
AsymmetricCipherKeyPair pair = gen.GenerateKeyPair();
string publicKey = string.Empty;
string privateKey = string.Empty;
using (TextWriter textWriter = new StringWriter())
 {
    var wr = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
    wr.WriteObject(pair.Private);
    wr.Writer.Flush();
    privateKey = textWriter.ToString().Replace("PRIVATE", "OPENSSH PRIVATE");
    }

    using (var textWriter = new StringWriter())
 {
   var wr = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
   wr.WriteObject(pair.Public);
   wr.Writer.Flush();
   publicKey = textWriter.ToString().Replace("PUBLIC", "OPENSSH PUBLIC");
  }

but when I add the private key in:

var buf = new MemoryStream(Encoding.UTF8.GetBytes(privateKey));
var privateKeyFile = new PrivateKeyFile(buf, string.Empty);

But when I try to add the private key in the ssh method, an exception is thrown (malformed key.. ecc). In particular if i generate this key:

-----BEGIN OPENSSH PRIVATE KEY----- MFECAQEwBQYDK2VwBCIEICJ/5KrMI49gUFvVIvjpquDDaCrRf+VkrBqmyjjYCXKd gSEAk0u1yhkqEWCIwOoGJCtJBV3Ai/uA9B8cRiXQvq6DmEc= -----END OPENSSH PRIVATE KEY-----

the error is 'This openssh key does not contain the 'openssh-key-v1' format magic header

Someone can help me?

Thanks

Answer 1

This has been resolved in https://github.com/sshnet/SSH.NET/pull/496

    using Org.BouncyCastle.Crypto.Generators;
    using Org.BouncyCastle.Crypto.Parameters;
    using Org.BouncyCastle.Crypto.Utilities;
    using Org.BouncyCastle.Security;
    using Renci.SshNet;

    public string GenerateEd25519PrivateKey()
    {
        var generator = new Ed25519KeyPairGenerator();
        var parameters = new Ed25519KeyGenerationParameters(new SecureRandom());
        generator.Init(parameters);
        var keyPair = generator.GenerateKeyPair();

        var keyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private);
        var pubKey = Convert.ToBase64String(keyInfo.GetDerEncoded());
        // Add this to ~/.ssh/authorized_keys
        var authorizedKey = $"ssh-ed25519 {pubKey} generated-{DateTime.Today:yyyy-MM-dd}";

        var ppk = new StringBuilder();
        ppk.AppendLine("-----BEGIN OPENSSH PRIVATE KEY-----");
        var bytes = OpenSshPrivateKeyUtilities.EncodePrivateKey(keyPair.Private);
        ppk.AppendLine(Convert.ToBase64String(bytes, Base64FormattingOptions.InsertLineBreaks));
        ppk.AppendLine("-----END OPENSSH PRIVATE KEY-----");
        return ppk.ToString();
    }

    public PrivateKeyFile ToPrivateKeyFile(string privateKey)
    {
        using var memory = new MemoryStream(Encoding.UTF8.GetBytes(privateKey));
        return new PrivateKeyFile(memory);
    }