To create an SshPrivateKey
from a BouncyCastle EC key pair, you have to encode the key pair into a DER-encoded PKCS #8 format - this results i na byte array (or a file) that can be loaded into SshPrivateKey
.
With the C# version of BouncyCastle, this can be achieved by the following code:
public static byte[] BouncyPrivateKeyParametersToPkcs8(Org.BouncyCastle.Crypto.Parameters.ECPrivateKeyParameters parameters)
{
if (parameters == null)
{
throw new ArgumentNullException("parameters");
}
if (parameters.AlgorithmName != "ECDSA")
{
throw new CryptographicException("Not an ECDSA key.");
}
if (parameters.PublicKeyParamSet == null)
{
throw new CryptographicException("Not a named curve keypair.");
}
var bcPrivateKeyInfo = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(parameters);
return bcPrivateKeyInfo.GetDerEncoded();
}
Then, just load the resulting byte array into SshPrivateKey
:
byte[] pkcs8 = BouncyPrivateKeyParametersToPkcs8(bcPrivateKey);
var sshPrivateKey = new SshPrivateKey(pkcs8);