Convert ssh-keys to c# format to encrypt in Windows (c#) and decrypt in Linux (python/shell)

Question

I have public and private key pair generated using ssh-keygen on Centos machine. I need to convert the public key to some format that c# can understand (XML?) so that a windows application in c# can encrypt a message and Centos application (python/shell) can decrypt the message using the corresponding private key. How can this conversion be done?

The sample keys I have are:

Public Key:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAnq2b0d3fbUMTN85q0xhHH2grdwwmg/8+1Efu2rKLAN1RiqHnov9wgRpL+l0cK5xpS7Z03+Up81HTJWxfH39WW18K+u3I6gyMBcrLaCdB/mWdJ1ayo0gdUiSz7TNDC1AR1S0BORET0oawF0BrhcYabzegQ1cpiQ4dfiQT9s3fupvQF/ZM5fSLFMK3w8wHxvtZoGGJR3K6aawIdWvz/kP0Tz9XXzr3WSrj6OApiACB/X2AvO0bIXvbVrIOsE74kseVBx2jsdVQeJuwN9EPbj4B6EyPaCNeok3Ua/vBNnxGFYIgS4QXPLXh8TXOKu+GI9QQ5Fl2lHRWh82rjMCsv88Wcw== test@local

Private Key:

-----BEGIN PRIVATE KEY-----
MIIEugIBADANBgkqhkiG9w0BAQEFAASCBKQwggSgAgEAAoIBAQCerZvR3d9tQxM3
zmrTGEcfaCt3DCaD/z7UR+7asosA3VGKoeei/3CBGkv6XRwrnGlLtnTf5SnzUdMl
bF8ff1ZbXwr67cjqDIwFystoJ0H+ZZ0nVrKjSB1SJLPtM0MLUBHVLQE5ERPShrAX
QGuFxhpvN6BDVymJDh1+JBP2zd+6m9AX9kzl9IsUwrfDzAfG+1mgYYlHcrpprAh1
a/P+Q/RPP1dfOvdZKuPo4CmIAIH9fYC87Rshe9tWsg6wTviSx5UHHaOx1VB4m7A3
0Q9uPgHoTI9oI16iTdRr+8E2fEYVgiBLhBc8teHxNc4q74Yj1BDkWXaUdFaHzauM
wKy/zxZzAgEjAoIBAFYjuvzmKNTp5dx3Xo/Z+rlHLYnExHOKj9JS72DHUsX0fLj4
zjPpwLsc52qnkvMaZQvYE498Zzrx56aZ6n7QGO/F4WOlp5T/fzZYJUcrQRUSlyP7
3VFTCJpOcE2Q20CnzyqUxiZLGWOoM7TZ0/gptpQlguK6Sb9uEAKl3vOxlrXBcZHp
LQ+CUdixgtq9m5Fmq1rcZtX53m7bp/5DH7P5uTuNan37Um0zqZJjgQM91wwKXK63
Cv/DErTSWdGeSMSdDkzal8/MzD1NkUf153E7RVMKkrHELH+vo+b+06cGzA4lrYQq
MfCFaiW6y2NKlFmfBGopyh+T6HAhOdF7cbgChSMCgYEAycRoCg9X5WZEzBAWXr5X
69BDHPua5EFbi4PyWks0oIlGDCNTH2LMdokx/RRv3nfc/j6RKoJ1LzmfOJoG/+Iw
AH9QyeSQ6881wTlGBlRxweZ/GcrglQMrwDQHjVMoO6jmC5umfaFre8rBN5EJhFEF
TKsIxU4LZoqJTyp5n1cq3WUCgYEAyVQ/CseEKdvzjt1l202i7sptePeSSeLWzjgL
bMXXhUrMXqStF7PxyTcR0wHN4XzrvNC56dVb9XGqS5QkZSt2REsRwiYOgKRC1eXG
DerlzcclxbQcyH4G88RUrgB9ahynhDWq0dLAbLiISFxBrS23UE1UjcjfNlciGkwt
wqni8vcCgYBK8S31G6RN5CguiaHorRlXln9T6Gy7Ljfx/c8LmEa/SO4hw/pNfHfU
QZY5bf2qZwjwuCdKTbZ/QUnEkPtJGX+LJ/lvj2kHIRP3T8mNUpCnGxlEGCeHzfpO
tD1Rv80deT+Ap4b7dnhhLg1AhlP98jUrGvShDlwBg+nbk28Aq1kQZwKBgEUG8QsC
k7aUjgUYtTU/MIxiqTDJ6QNjt1ylgEKM+W+HXAMxJWc2YYbRDWzqrPzaX3PvyraS
S2oYV6TiVZ8HlkNM8CVO4Gaet9ROx4++QClLl+wDPRGKS4bG+HYsDb37Mh6zUIJ0
JLePubJoxg99Y2v9QY+ylaw7IaKdxoviebJjAoGAZNYtOpG3b9IIIGRvEyfC2m5b
v1+6QggQ/1AThLdSpBaR/mU+rQ120aUcNc60aLILmoub+DjRwoDHuO9Qnu4krwJI
WOV9mrBEJfcuNT+dDDJ2MGFqBSwitH2CenTWvbyCMfXOB7Bn8PqMlW5M/6AVv/Nf
lytOwERMgIc67pKkC+c=
-----END PRIVATE KEY-----

I was able to extract PEM formatted public key from the private key using:

openssl rsa -in myPrivateKey -pubout > PublicKey.x509


-----BEGIN PUBLIC KEY-----
MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAnq2b0d3fbUMTN85q0xhH
H2grdwwmg/8+1Efu2rKLAN1RiqHnov9wgRpL+l0cK5xpS7Z03+Up81HTJWxfH39W
W18K+u3I6gyMBcrLaCdB/mWdJ1ayo0gdUiSz7TNDC1AR1S0BORET0oawF0BrhcYa
bzegQ1cpiQ4dfiQT9s3fupvQF/ZM5fSLFMK3w8wHxvtZoGGJR3K6aawIdWvz/kP0
Tz9XXzr3WSrj6OApiACB/X2AvO0bIXvbVrIOsE74kseVBx2jsdVQeJuwN9EPbj4B
6EyPaCNeok3Ua/vBNnxGFYIgS4QXPLXh8TXOKu+GI9QQ5Fl2lHRWh82rjMCsv88W
cwIBIw==
-----END PUBLIC KEY-----

All I can have in the windows machine is my Public key and so to encrypt a message in C# I should have the public key in XML format to load it using RSACryptoServiceProvider class. Using other methods such as X509Certificate2 will need both Public and Private keys in the form of a certificate. Given that I have only public key in ssh format, how do I proceed with encryption in C#? The same string will need to be decrypted on the Linux side using corresponding private key.

Thanks!

Answer 1

I found this C# source which shows how to read the PEM public key (i.e. from BEGIN PUBLIC KEY) and build an RSACryptoServiceProvider from it (look for method DecodeX509PublicKey). I haven't tried this code myself, but it's someplace to start.