DH keys exchanged - encoding?

Manik Surtani manik.surtani at conchango.com
Fri Jul 5 00:08:05 EST 2002


Its just that when I try and construct a PublicKey object using the JCE 
libraries, it expects the bytes in a X509 encoding.

When I do this manually (i.e., using the DH algos directly and NOT using 
JCE), everything works well.  But I'd prefer to use JCE and all the 
crypto libraries provided, rather than to rewrite it all.

Perhaps what is needed then is for me to write an X509 encoder/decoder 
so that I could use JCE with this?



Markus Friedl wrote:
> On Thu, Jul 04, 2002 at 02:55:04PM +0100, Manik Surtani wrote:
> 
>>Hi,
>>
>>Could anyone pls help by telling me how the DH pubkey from the server 
>>(f) is encoded when it is sent back to me?  I understand that it comes 
>>across as an mpint, but after I decode the mpint into the bytes that 
>>make up the number, what does this number represent?  Is it a X509 
>>encoded key?  Or is it something else?
> 
> 
> 
> how is this related to x.509? it's just a 
> 
> 	multiple precision integers in two's complement format
> 
> check draft-ietf-secsh-architecture-XX again:
> 
>    mpint
> 
>       Represents multiple precision integers in two's complement format,
>       stored as a string, 8 bits per byte, MSB first.  Negative numbers
>       have the value 1 as the most significant bit of the first byte of
>       the data partition.  If the most significant bit would be set for
>       a positive number, the number MUST be preceded by a zero byte.
>       Unnecessary leading bytes with the value 0 or 255 MUST NOT be
>       included.  The value zero MUST be stored as a string with zero
>       bytes of data.
> 
>       By convention, a number that is used in modular computations in
>       Z_n SHOULD be represented in the range 0 <= x < n.
> 
>        Examples:
>        value (hex)        representation (hex)
>        ---------------------------------------------------------------
>        0                  00 00 00 00
>        9a378f9b2e332a7    00 00 00 08 09 a3 78 f9 b2 e3 32 a7
>        80                 00 00 00 02 00 80
>        -1234              00 00 00 02 ed cc
>        -deadbeef          00 00 00 05 ff 21 52 41 11
> 
> _____________________________________________________________________
> This message has been checked for all known viruses by the MessageLabs Virus Control Centre.


-- 
Manik Surtani
Conchango
'Innovative Change in Business'

T 44 (0) 1784 221829
M 44 (0) 7786 702 706
E manik.surtani at conchango.com

http://www.conchango.com

The information contained in this message is confidential and is
intended for the addressee only. If you have received this message in
error, please notify us as soon as possible. The unauthorised use,
disclosure, copying or alteration of this message is forbidden.


_____________________________________________________________________
This message has been checked for all known viruses by the MessageLabs Virus Control Centre.



More information about the openssh-unix-dev mailing list