Github上的弱密钥错误，使用C＃生成4096 RSAkey

Question

我正在使用C＃和标准加密库根据RFC4716（或者至少我是这么认为）生成一个4096位的RSA密钥，但是git hub说我有一个大小错误的密钥，当我输入时返回以下错误尝试将其添加到与我的帐户关联的密钥中。

这是生成密钥的代码：

public static void GenerateKeys()
    {
        // Create the CspParameters object and set the key container   
        // name used to store the RSA key pair.  
        CspParameters cp = new CspParameters();
        //cp.KeyContainerName = ContainerName;

        CspKeyContainerInfo info = new CspKeyContainerInfo(cp);
        //string filename = info.UniqueKeyContainerName;

        // Create a new instance of RSACryptoServiceProvider that accesses  
        // the key container MyKeyContainerName.  
        RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(4096, cp);
        var test = rsa.KeySize;

        using (StreamWriter privateKeyWriter = new StreamWriter(GitStandard.PrivateSSHKeyPath))
        {
            ExportPrivateKey(rsa, privateKeyWriter);
        }

        using (StreamWriter publicKeyWriter = new StreamWriter(GitStandard.PublicSSHKeyPath))
        {

            ExportPublicKeyOpenSSH(rsa, publicKeyWriter);
        }
    }

方法ExportPublicKeyOpenSSH是对this thread with answers on how to convert the key to RFC4716中代码的一个小修改，我唯一不同的做法是在模数转换之前添加零（0）。

private static void ExportPublicKeyOpenSSH(RSACryptoServiceProvider csp, TextWriter outputStream)
        {
            var parameters = csp.ExportParameters(false);


            byte[] sshrsa_bytes = Encoding.Default.GetBytes("ssh-rsa");
            //initializing modulus array
            byte[] n = new Byte[parameters.Modulus.Length + 1];
            //adding initial zero before modulus to conform with OpenSSH
            n[0] = 0;
            System.Buffer.BlockCopy(parameters.Modulus, 0, n, 1, parameters.Modulus.Length);
            //byte[] n = parameters.Modulus;
            byte[] e = parameters.Exponent;
            System.Array.Resize<Byte>(ref n, n.Length + 1);
            string base64;
            using (var stream = new MemoryStream())
            {
                stream.Write(ToBytes(sshrsa_bytes.Length), 0, 4);
                stream.Write(sshrsa_bytes, 0, sshrsa_bytes.Length);
                stream.Write(ToBytes(e.Length), 0, 4);
                stream.Write(e, 0, e.Length);
                stream.Write(ToBytes(n.Length), 0, 4);
                stream.Write(n, 0, n.Length);
                stream.Flush();
                base64 = Convert.ToBase64String(stream.ToArray());
            }
            var result = string.Format("ssh-rsa {0}", base64);
            outputStream.Write(result);
        }

生成的密钥是什么样的

  

SSH-RSA   AAAAB3NzaC1yc2EAAAADAQABAAACAgD171Y9VeinRALRfU8adS2K0vYHGfKkQwqs8SOQbhURFNtazupsocmpW96dYF346UVVCiKQCYrCW6t0QpGE3ch7onqTvXBszA9mfcuLX9hlhesJqFyUTHxDUopCc2tc5fWYuZ4MeySKuOetBEmPfN3Eu + SWC8j3VS9YzIDjwhkBPcJoxOnv3l7pSxEzGBGQXwdGmL8TFxxsBhue1ajralYPXgJo1nra70ChHcr8PfJvIXigBYCkwnb0KuofbPyhHETo4fNJqCPa1rLjnKoz5iTpyak2SWnhD5FX0 / t4juaL / OKNE4YSaAqpWwA9VS1i + y7doeSRc22tm5LHgSLmlxg6h5lPKm5emB840eMLOPvZLS / 4uODzFPMo4NFC2ZwNwdlXhcQE9EVtz9EZox1isKpJgShqJPh0sHVH9RnCuBSxW5N79KtsvcXI2zAiLBczKukqU2rTkvYdV1Wkx4zHSvLe42PQuJvSwhwW1tlgyFemd2aRwGDltQyGTPNOZ28E6SGgvxYtB4nvcu8gLyxob4Hz3ysohDB0Z9ZEismSK / 8eSeMrBPosTBO77tsjUk1L8v2lHXQ + p1raLpd3ETeae7vZjt6zMFCIhNKDvdJL9b0mIKLB26PMhWG4DzSTJGeIANjiNryWK7y0gdgdPs5953H1EJVRQ0wd2ceFFg2 + kpqlrQA =

使用命令ssh-keygen -l -f custom_rsa.pub测试密钥的有效性。

$ ssh-keygen -l -f custom_rsa.pub
4104 SHA256:uGO4sHOXXuX1waf+8jrdsWr3/57npF5AuUKUgYVWbCI no comment (RSA)

Answer 1

您调整n的大小以在左侧添加0（通过从索引1开始手动复制）并在右侧添加0（通过Array.Resize）。后者可能会让你陷入困境。

此外，（无关）您可能不应该使用Encoding.Default，而是使用您想要的任何编码。可能是Encoding.ASCII。