Openssh KDF testing

RAVI PRATAP Singh singh.ravipratap88 at
Wed Apr 2 23:30:05 EST 2014

Hello Everyone,

I am writing code to test derive_keys functionality.

The function signature is:
static u_char *
derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen,
    BIGNUM *shared_secret)

Now, the input which is provided to us is
K(share_secret) as an array of characters.
H(Hash) as an array of characters.
Session_id as an array of characters

Now, first I converted hash and session_id in binary form using hex2bin

For shared secret, the bignum structure is like

struct bignum_st
       BN_ULONG *d;    /* Pointer to an array of 'BN_BITS2' bit chunks. */
       int top;        /* Index of last used d +1. */
       /* The next are internal book keeping for bn_expand. */
       int dmax;       /* Size of the d array. */
       int neg;        /* one if the number is negative */
       int flags;

My doubt is how to fill the shared_secret structure ( which is of BIGNUM
type) elements  ? from the array of characters, K.

For H and session_id I converted them to bin. For K what should be done?

I need to pass these three values to the derive_key function which will
return below six outputs
Initial IV (client to server)  ......for id = 'A'
Initial IV (server to client)  ......for id = 'B'
Encryption key (client to server).....for id = 'C'
Encryption key (server to client) .....for id = 'D'
Integrity key (client to server) .....for id = 'E'
Integrity key (server to client) .....for id = 'F'

Please help me in understanding SSH key derivation.

Ravi Pratap

More information about the openssh-unix-dev mailing list