How to Generate a Public SSH-RSA key & get it to match Putty Gen’s RSA Keys!
Personal Blog: Not representative of Microsoft.
I’ve found that for some reason when generating a 3072 Bit RSA key, PuttyGen would generate a different RSA public key than mine.
After researching, I found that it seems in the source code (link) of the Putty Gen Program it would do .Length + 1 to create the Byte array, adding a leading 0 because of that to the Modulus.
For Microsoft .net RSACryptoServiceProvider it would look like this
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(3072); //Create 3072 Bit Key
byte[] sshrsa_bytes = Encoding.Default.GetBytes("ssh-rsa");
byte[] n = RSA.ExportParameters(false).Modulus;
byte[] e = RSA.ExportParameters(false).Exponent;
string buffer64;
using (MemoryStream ms = new MemoryStream())
{
ms.Write(ToBytes(sshrsa_bytes.Length), 0, 4);
ms.Write(sshrsa_bytes, 0, sshrsa_bytes.Length);
ms.Write(ToBytes(e.Length), 0, 4);
ms.Write(e, 0, e.Length);
ms.Write(ToBytes(n.Length+1), 0, 4); //Remove the +1 if not Emulating Putty Gen
ms.Write(new byte[] { 0 }, 0, 1); //Add a 0 to Emulate PuttyGen
ms.Write(n, 0, n.Length);
ms.Flush();
buffer64 = Convert.ToBase64String(ms.ToArray());
}
string pubssh = string.Format("ssh-rsa {0} generated-key", buffer64);
Testing the Program:
Program output if…
NO leading 0 added
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgKrIstbg1eQO3VKvHOcDEnx1gGX/8Jn7foWHv2uWbFqlL7AGZQNTz2VWiWntmgCNgg1pTnNKqOGTPpFDDHyqU0kfjL+cv8+j4Dlxr1axLs7KgzSZrW50XrXse3LEhfG1GgO9KwRu8Xt2Gb7X1aABm+bnaZQyxqxwJo9z5a4dTFbMiEQdl6ojBucINY/59j6J9/EuCCuEKV4Dr9IklgRuiIQEjzrzc8Tck32N+FMK/r16FIAwBUbC3szB+3IhDw1D8xS+JVngWUQzvujqPgbDEjJgoIkbcEnlqNO5d+g+BsIhreeVMscWPpDjfme8L3geX93UzNNrbJmpezmErcwMXDYdonVo/JhpE1WRVZswWbl4hCCvx6MFO5GkpEAy7G/jUqSDyk2wWI5Ayg4B58pgphOvzntQBmd+n3LGdKzG2DYH+mRBkFcnEnspHtjWIT64Q/dZmDRjQW1syYICR9Upo9Ynt0c5yNWHjGg+TufBr5xRbiWzlS9NJuRHTA0yXopTdQ== generated-key
WITH a leading 0 added
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqyLLW4NXkDt1SrxznAxJ8dYBl//CZ+36Fh79rlmxapS+wBmUDU89lVolp7ZoAjYINaU5zSqjhkz6RQwx8qlNJH4y/nL/Po+A5ca9WsS7OyoM0ma1udF617HtyxIXxtRoDvSsEbvF7dhm+19WgAZvm52mUMsascCaPc+WuHUxWzIhEHZeqIwbnCDWP+fY+iffxLggrhCleA6/SJJYEboiEBI8683PE3JN9jfhTCv69ehSAMAVGwt7MwftyIQ8NQ/MUviVZ4FlEM77o6j4GwxIyYKCJG3BJ5ajTuXfoPgbCIa3nlTLHFj6Q435nvC94Hl/d1MzTa2yZqXs5hK3MDFw2HaJ1aPyYaRNVkVWbMFm5eIQgr8ejBTuRpKRAMuxv41Kkg8pNsFiOQMoOAefKYKYTr857UAZnfp9yxnSsxtg2B/pkQZBXJxJ7KR7Y1iE+uEP3WZg0Y0FtbMmCAkfVKaPWJ7dHOcjVh4xoPk7nwa+cUW4ls5UvTSbkR0wNMl6KU3U= generated-key
Putty Gen Output (Matches the leading 0 added code)
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqyLLW4NXkDt1SrxznAxJ8dYBl//CZ+36Fh79rlmxapS+wBmUDU89lVolp7ZoAjYINaU5zSqjhkz6RQwx8qlNJH4y/nL/Po+A5ca9WsS7OyoM0ma1udF617HtyxIXxtRoDvSsEbvF7dhm+19WgAZvm52mUMsascCaPc+WuHUxWzIhEHZeqIwbnCDWP+fY+iffxLggrhCleA6/SJJYEboiEBI8683PE3JN9jfhTCv69ehSAMAVGwt7MwftyIQ8NQ/MUviVZ4FlEM77o6j4GwxIyYKCJG3BJ5ajTuXfoPgbCIa3nlTLHFj6Q435nvC94Hl/d1MzTa2yZqXs5hK3MDFw2HaJ1aPyYaRNVkVWbMFm5eIQgr8ejBTuRpKRAMuxv41Kkg8pNsFiOQMoOAefKYKYTr857UAZnfp9yxnSsxtg2B/pkQZBXJxJ7KR7Y1iE+uEP3WZg0Y0FtbMmCAkfVKaPWJ7dHOcjVh4xoPk7nwa+cUW4ls5UvTSbkR0wNMl6KU3U= imported-openssh-key
Source Post on StackOverflow (For BouncyCastle) :ย https://stackoverflow.com/questions/15457710/converting-an-rsa-public-key-into-a-rfc-4716-public-key-with-bouncy-castleย
RSA Private Key Used in Testing.. (Do not use anywhere else of course it’s useless)