Hi,

Could anyone pls help by telling me how the DH pubkey from the server (f) is encoded when it is sent back to me? I understand that it comes across as an mpint, but after I decode the mpint into the bytes that make up the number, what does this number represent? Is it an X509 encoded key? Or is it something else?

The reason for my question: I am trying to write an ssh client in Java, using JCE for the crypto. When I get the server key, and use the raw bytes to create an X509EncodedKeySpec, I get errors relating to invalid data ...

Help appreciated.

Cheers,
--
Manik Surtani
Conchango
'Innovative Change in Business'
T 44 (0) 1784 221829
M 44 (0) 7786 702 706
E manik.surtani at conchango.com
http://www.conchango.com

On Thu, Jul 04, 2002 at 02:55:04PM +0100, Manik Surtani wrote:
> Hi,
>
> Could anyone pls help by telling me how the DH pubkey from the server
> (f) is encoded when it is sent back to me? I understand that it comes
> across as an mpint, but after I decode the mpint into the bytes that
> make up the number, what does this number represent? Is it a X509
> encoded key? Or is it something else?

how is this related to x.509? it's just a multiple precision integer in two's complement format.

check draft-ietf-secsh-architecture-XX again:

   mpint

      Represents multiple precision integers in two's complement
      format, stored as a string, 8 bits per byte, MSB first. Negative
      numbers have the value 1 as the most significant bit of the first
      byte of the data partition. If the most significant bit would be
      set for a positive number, the number MUST be preceded by a zero
      byte. Unnecessary leading bytes with the value 0 or 255 MUST NOT
      be included. The value zero MUST be stored as a string with zero
      bytes of data.

      By convention, a number that is used in modular computations in
      Z_n SHOULD be represented in the range 0 <= x < n.

      Examples:

      value (hex)        representation (hex)
      ---------------------------------------------------------------
      0                  00 00 00 00
      9a378f9b2e332a7    00 00 00 08 09 a3 78 f9 b2 e3 32 a7
      80                 00 00 00 02 00 80
      -1234              00 00 00 02 ed cc
      -deadbeef          00 00 00 05 ff 21 52 41 11
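
The decoding described in the reply above, as an added Java example that is not part of the original thread: it parses an mpint strictly and builds a JCE key from the integer with DHPublicKeySpec rather than X509EncodedKeySpec. The class and method names are hypothetical, p and g are assumed to come from the negotiated DH group, and HexFormat assumes Java 17 or later.

```java
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.util.HexFormat;
import javax.crypto.spec.DHPublicKeySpec;

public class MpintDemo {
    /** Reads one SSH mpint: uint32 length, then two's complement bytes, MSB first. */
    static BigInteger readMpint(ByteBuffer buf) {
        if (buf.remaining() < 4) throw new IllegalArgumentException("truncated length");
        long len = buf.getInt() & 0xffffffffL;          // the length field is unsigned
        if (len > buf.remaining()) throw new IllegalArgumentException("truncated data");
        if (len == 0) return BigInteger.ZERO;           // zero is sent with no data bytes
        byte[] d = new byte[(int) len];
        buf.get(d);
        boolean nextHigh = d.length > 1 && (d[1] & 0x80) != 0;
        // Reject unnecessary leading 0x00 / 0xff bytes (the MUST NOT in the quoted draft).
        if ((d[0] == 0 && !nextHigh) || (d[0] == (byte) 0xff && nextHigh))
            throw new IllegalArgumentException("non-canonical mpint");
        return new BigInteger(d);                       // BigInteger uses the same layout
    }

    /** Wraps the server's f as a JCE DH public key; p and g are supplied by the caller. */
    static PublicKey toDhPublicKey(BigInteger f, BigInteger p, BigInteger g)
            throws GeneralSecurityException {
        // The draft's convention is 0 <= x < n; zero is also refused here because
        // it is not a usable DH public value.
        if (f.signum() <= 0 || f.compareTo(p) >= 0)
            throw new IllegalArgumentException("f outside 0 < f < p");
        return KeyFactory.getInstance("DH").generatePublic(new DHPublicKeySpec(f, p, g));
    }

    public static void main(String[] args) {
        // The five wire encodings from the examples table quoted in the reply.
        String[] wire = { "00000000", "0000000809a378f9b2e332a7", "000000020080",
                          "00000002edcc", "00000005ff21524111" };
        for (String hex : wire) {
            byte[] raw = HexFormat.of().parseHex(hex);
            System.out.println(hex + " -> " + readMpint(ByteBuffer.wrap(raw)).toString(16));
        }
    }
}
```

The mpint bytes are a bare integer, not a DER SubjectPublicKeyInfo structure, which is why X509EncodedKeySpec rejects them as invalid data.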