search for: mpint

Am 02.11.2013 um 11:38 schrieb Aris Adamantiadis <aris at 0xbadc0de.be>: > RFC4251 describes mpint to be multi-size and with positive values having > MSB clear, so it's clearly incompatible with raw string. > > Since you both agreed on the curve25519 implementation to use, I'll work > today on Markus' patch to make the changes Damien wanted. What do you want to change i...

...uint32 checkint uint32 checkint string privatekey1 string comment1 ... Therefore, I expect each private key to be wrapped in a single large SSH-2 "string", inside which I expect a second layer of data marshalling such as the key type string and various mpints. However, in fact, this doesn't seem to be true: as far as I can see, the individual pieces of the private key just appear at the top level of the encrypted string, and whoever is reading the file must recognise the key type (either here or in the prior sequence of public keys) and use it to...

Hi, Could anyone pls help by telling me how the DH pubkey from the server (f) is encoded when it is sent back to me? I understand that it comes across as an mpint, but after I decode the mpint into the bytes that make up the number, what does this number represent? Is it a X509 encoded key? Or is it something else? The reason for my question: I am trying to write a ssh client in Java, using JCE for the crypto. When I get the server key, and use the r...

...I'm developing an open source Java SSH (v2) client API, and need a bit of help. 1) After receiving the KEXDH_RESPONSE packet, reading SSH Transport Layer Protocol (March 2002), Section 5.2, Output from Key Exchange: do I assume that, in HASH (K || H || "A" || session_id), H is a mpint? The spec states that K is a mpint but doesnt specify for H. 2) Also, how do I communicate my public key to the server? From the spec, I gather that the next packet to send is a SSH_MSG_NEWKEYS with no data following ... am I wrong? Help is very much appreciated... -- Manik Surtani Conchan...

e.g. can we make it throw warnings etc. rsa-sha2-256 and rsa-sha2-512 are fine, they use PSS. On Sun, Jan 20, 2019 at 1:55 AM Yegor Ievlev <koops1997 at gmail.com> wrote: > > Also can we do anything with ssh-rsa? It uses both SHA-1 and > deprecated PKCS#1 padding. If it's used to sign certificates, there's > no additional protection of SHA-2 hashing before SHA-1

It should be compatible with the original patch. However I think that the shared secret should be encoded as a string, too. What does libssh do? > Am 02.11.2013 um 05:46 schrieb Damien Miller <djm at mindrot.org>: > >> On Fri, 1 Nov 2013, Markus Friedl wrote: >> >> Here are three versions (patch against openbsd cvs) >> >> 1) repace nacl w/libsodium,

I am working on a port of Openssh 3.8p1 after already having done a port of Openssh 3.5p1. There are a couple of new lines in buffer_get_bignum2() that are causing me problems: if (len > 0 && (bin[0] & 0x80)) fatal("buffer_get_bignum2: negative numbers not supported"); The "& 0x80" check is not relevant in ebcdic. Does anyone

...ent") > uint32 counter > byte[32] ecdsa_signature (in X9.62 format). The signature is more than 32 bytes here, though. The middleware library returns the signature as an (r, s) pair, where each is a 32-byte string value that is later converted to integers and then encoded as a pair of MPInts. I suspect the hardware might be returning (r, s) as DER encoded in some cases and that the middleware library is hiding that, but either way the text above isn?t quite right. Later, in the description of the sk_enroll() call, you show a ?challenge? argument, but it?s not clear how that?s used. Ar...

Hi, As of this morning, OpenSSH now has experimental U2F/FIDO support, with U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com" or "ecdsa-sk" for short (the "sk" stands for "security key"). If you're not familiar with U2F, this is an open standard for making inexpensive hardware security tokens. These are easily the cheapest way