Openssh KDF testing
RAVI PRATAP Singh
singh.ravipratap88 at gmail.com
Wed Apr 2 23:30:05 EST 2014
Hello Everyone,
I am writing code to test derive_keys functionality.
The function signature is:
    static u_char *
    derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen,
        BIGNUM *shared_secret)
Now, the input which is provided to us is:
K (shared_secret) as an array of characters.
H (Hash) as an array of characters.
Session_id as an array of characters.
Now, first I converted hash and session_id into binary form using the hex2bin
function.
For shared secret, the bignum structure is like
    struct bignum_st
    {
        BN_ULONG *d;  /* Pointer to an array of 'BN_BITS2' bit chunks. */
        int top;      /* Index of last used d +1. */
        /* The next are internal book keeping for bn_expand. */
        int dmax;     /* Size of the d array. */
        int neg;      /* one if the number is negative */
        int flags;
    };
My doubt is how to fill the elements of the shared_secret structure (which is
of BIGNUM type) from the array of characters, K.
For H and session_id I converted them to bin. For K, what should be done?
I need to pass these three values to the derive_key function, which will
return the six outputs below:
Initial IV (client to server)      for id = 'A'
Initial IV (server to client)      for id = 'B'
Encryption key (client to server)  for id = 'C'
Encryption key (server to client)  for id = 'D'
Integrity key (client to server)   for id = 'E'
Integrity key (server to client)   for id = 'F'
Please help me in understanding SSH key derivation.
Thanks
Ravi Pratap
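
An independent reference for cross-checking derive_key output in a test like the one described above; this is an added example, not part of the original message and not OpenSSH code. It follows the key derivation in RFC 4253 section 7.2 with K encoded as an SSH mpint (RFC 4251 section 5). The function names and the sample K, H and session id are constructed for this example.

```python
import hashlib

def mpint(k_hex: str) -> bytes:
    """Encode a non-negative K (hex string) as an SSH mpint (RFC 4251, section 5)."""
    k = int(k_hex, 16)
    raw = k.to_bytes((k.bit_length() + 7) // 8, "big")  # minimal big-endian bytes
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw  # leading zero keeps the value positive
    return len(raw).to_bytes(4, "big") + raw

def kdf(hash_name, k_hex, h, session_id, key_id, need):
    """RFC 4253 section 7.2: K1 = HASH(K || H || X || session_id),
    Kn = HASH(K || H || K1 || ... || Kn-1); output is the first `need` bytes."""
    prefix = mpint(k_hex) + h
    out = hashlib.new(hash_name, prefix + key_id + session_id).digest()
    while len(out) < need:
        out += hashlib.new(hash_name, prefix + out).digest()
    return out[:need]

def derive_all(hash_name, k_hex, h_hex, session_id_hex, need):
    """Return the six outputs for ids 'A'..'F' from hex-encoded inputs."""
    h = bytes.fromhex(h_hex)
    sid = bytes.fromhex(session_id_hex)
    return {c: kdf(hash_name, k_hex, h, sid, c.encode(), need) for c in "ABCDEF"}

# Constructed sample inputs (not real test vectors).
SAMPLE_K = "8f3a5c0011223344556677889900aabbccddeeff"
SAMPLE_H = "00112233445566778899aabbccddeeff00112233"
SAMPLE_SID = SAMPLE_H  # on the first key exchange the session id equals H

if __name__ == "__main__":
    for key_id, key in derive_all("sha1", SAMPLE_K, SAMPLE_H, SAMPLE_SID, 32).items():
        print(key_id, key.hex())
```

In a C harness, the usual way to populate a BIGNUM is through OpenSSL's BN_hex2bn() (from a hex string) or BN_bin2bn() (from raw big-endian bytes) rather than by assigning the struct fields directly.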