Re: DH keys exchanged - encoding?

To: Markus Friedl <markus%openbsd.org@localhost>
Subject: Re: DH keys exchanged - encoding?
From: Manik Surtani <manik.surtani%conchango.com@localhost>
Date: Thu, 04 Jul 2002 15:08:05 +0100

Its just that when I try and construct a PublicKey object using the JCElibraries, it expects the bytes in a X509 encoding.

When I do this manually (i.e., using the DH algos directly and NOT usingJCE), everything works well. But I'd prefer to use JCE and all thecrypto libraries provided, rather than to rewrite it all.

Perhaps what is needed then is for me to write an X509 encoder/decoderso that I could use JCE with this?




Markus Friedl wrote:

On Thu, Jul 04, 2002 at 02:55:04PM +0100, Manik Surtani wrote:

Hi,
Could anyone pls help by telling me how the DH pubkey from the server(f) is encoded when it is sent back to me? I understand that it comesacross as an mpint, but after I decode the mpint into the bytes thatmake up the number, what does this number represent? Is it a X509encoded key? Or is it something else?

how is this related to x.509? it's just a

	multiple precision integers in two's complement format

check draft-ietf-secsh-architecture-XX again:

   mpint

      Represents multiple precision integers in two's complement format,
      stored as a string, 8 bits per byte, MSB first.  Negative numbers
      have the value 1 as the most significant bit of the first byte of
      the data partition.  If the most significant bit would be set for
      a positive number, the number MUST be preceded by a zero byte.
      Unnecessary leading bytes with the value 0 or 255 MUST NOT be
      included.  The value zero MUST be stored as a string with zero
      bytes of data.

      By convention, a number that is used in modular computations in
      Z_n SHOULD be represented in the range 0 <= x < n.

       Examples:
       value (hex)        representation (hex)
       ---------------------------------------------------------------
       0                  00 00 00 00
       9a378f9b2e332a7    00 00 00 08 09 a3 78 f9 b2 e3 32 a7
       80                 00 00 00 02 00 80
       -1234              00 00 00 02 ed cc
       -deadbeef          00 00 00 05 ff 21 52 41 11

_____________________________________________________________________
This message has been checked for all known viruses by the MessageLabs Virus Control Centre.



--
Manik Surtani
Conchango
'Innovative Change in Business'

T 44 (0) 1784 221829
M 44 (0) 7786 702 706
E manik.surtani%conchango.com@localhost

http://www.conchango.com

The information contained in this message is confidential and is
intended for the addressee only. If you have received this message in
error, please notify us as soon as possible. The unauthorised use,
disclosure, copying or alteration of this message is forbidden.


_____________________________________________________________________
This message has been checked for all known viruses by the MessageLabs Virus Control Centre.

References:
- DH keys exchanged - encoding?
  - From: Manik Surtani
- Re: DH keys exchanged - encoding?
  - From: Markus Friedl

Prev by Date: Re: DH keys exchanged - encoding?
Next by Date: Clarification : Implicit server authentication
Previous by Thread: Re: DH keys exchanged - encoding?
Next by Thread: Clarification : Implicit server authentication
Indexes:

Home | Main Index | Thread Index | Old Index