DH keys exchanged - encoding?
Markus Friedl
markus at openbsd.org
Fri Jul 5 00:04:42 EST 2002
On Thu, Jul 04, 2002 at 02:55:04PM +0100, Manik Surtani wrote:
> Hi,
>
> Could anyone pls help by telling me how the DH pubkey from the server
> (f) is encoded when it is sent back to me? I understand that it comes
> across as an mpint, but after I decode the mpint into the bytes that
> make up the number, what does this number represent? Is it a X509
> encoded key? Or is it something else?

how is this related to x.509? it's just a
multiple precision integer in two's complement format
check draft-ietf-secsh-architecture-XX again:

mpint
Represents multiple precision integers in two's complement format,
stored as a string, 8 bits per byte, MSB first. Negative numbers
have the value 1 as the most significant bit of the first byte of
the data partition. If the most significant bit would be set for
a positive number, the number MUST be preceded by a zero byte.
Unnecessary leading bytes with the value 0 or 255 MUST NOT be
included. The value zero MUST be stored as a string with zero
bytes of data.
By convention, a number that is used in modular computations in
Z_n SHOULD be represented in the range 0 <= x < n.
Examples:
value (hex)        representation (hex)
---------------------------------------------------------------
0                  00 00 00 00
9a378f9b2e332a7    00 00 00 08 09 a3 78 f9 b2 e3 32 a7
80                 00 00 00 02 00 80
-1234              00 00 00 02 ed cc
-deadbeef          00 00 00 05 ff 21 52 41 11
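
Added example, not part of the original message and not OpenSSH code: a strict mpint encoder and decoder following the draft text quoted above, checked against its example table. The decoded integer is the DH value f itself, with no further key wrapping. The function names and the DRAFT_EXAMPLES list are assumptions made for this illustration.

```python
import struct

# The example table from the draft excerpt above: (value, wire bytes in hex).
DRAFT_EXAMPLES = [
    (0, "00 00 00 00"),
    (0x9A378F9B2E332A7, "00 00 00 08 09 a3 78 f9 b2 e3 32 a7"),
    (0x80, "00 00 00 02 00 80"),
    (-0x1234, "00 00 00 02 ed cc"),
    (-0xDEADBEEF, "00 00 00 05 ff 21 52 41 11"),
]


def encode_mpint(value: int) -> bytes:
    """Encode an int as uint32 length + minimal two's complement bytes, MSB first."""
    if value == 0:
        return b"\x00\x00\x00\x00"  # zero is a string with zero bytes of data
    # Magnitude bits plus one sign bit. For negatives, -2^(8k-1) still fits
    # in k bytes, hence the (value + 1) adjustment.
    bits = value.bit_length() if value > 0 else (value + 1).bit_length()
    data = value.to_bytes(bits // 8 + 1, "big", signed=True)
    return struct.pack(">I", len(data)) + data


def decode_mpint(buf: bytes, offset: int = 0):
    """Return (value, next_offset). Raise ValueError on truncated or non-minimal input."""
    if len(buf) - offset < 4:
        raise ValueError("truncated mpint length field")
    (length,) = struct.unpack_from(">I", buf, offset)
    end = offset + 4 + length
    if end > len(buf):
        raise ValueError("mpint length exceeds available data")
    data = buf[offset + 4:end]
    # "Unnecessary leading bytes with the value 0 or 255 MUST NOT be included."
    if length == 1 and data[0] == 0x00:
        raise ValueError("zero must be encoded with no data bytes")
    if length >= 2 and (
        (data[0] == 0x00 and data[1] < 0x80) or (data[0] == 0xFF and data[1] >= 0x80)
    ):
        raise ValueError("non-minimal mpint encoding")
    return int.from_bytes(data, "big", signed=True), end


if __name__ == "__main__":
    for value, hexstr in DRAFT_EXAMPLES:
        wire = bytes.fromhex(hexstr)
        assert encode_mpint(value) == wire
        print(hex(decode_mpint(wire)[0]), "<-", hexstr)
```
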