Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
platform
active.directory
adsi
adsi.iis-admin
base
com_ole
complus_mts
component_svcs
database
directx
gdi
graphics_mm
internet.client
internet.server
internet.server.isapi-dev
localization
mapi
messaging
msi
mslayerforunicode
multimedia
networking
networking.ipv6
sdk_install
security
shell
telephony.tapi_2
telephony.tapi_3
telephony.tsp
telephony.wte
tools
ui
ui_shell
win_base_svcs
win16
  
 
date: Sat, 16 Aug 2008 07:40:00 -0700,    group: microsoft.public.platformsdk.security        back       


SSH key exchange    
I am trying to implement SSH transport layer using crypto API and i have an 
issue. Specifically my problem is that when i pass the server, my DH public 
key i.e client computed 'e' the server disconnects the connection. The 
SSH_MSG_KEXDH_INIT message containing the public key which the MS DH provider 
gives me is this

char peer0_2[] = {
0x00, 0x00, 0x00, 0x8c, 0x0a, 0x1e, 0xb1, 0x69, 
0xeb, 0x6d, 0xc8, 0xe9, 0xd2, 0xd1, 0xc7, 0x5f, 
0xab, 0x6d, 0x44, 0x40, 0x94, 0x56, 0x51, 0xdf, 
0xce, 0x9c, 0xac, 0x02, 0x01, 0x0b, 0x48, 0xdb, 
0xb0, 0xda, 0xd0, 0xdf, 0x43, 0xec, 0x34, 0x67, 
0xca, 0xdd, 0x65, 0xfd, 0xb6, 0x08, 0x3c, 0xb1, 
0x6f, 0xd6, 0x41, 0xba, 0x85, 0x21, 0xe5, 0xe0, 
0xb9, 0xe2, 0x1b, 0xf9, 0x76, 0x5e, 0x26, 0xb1, 
0xfb, 0x9d, 0x58, 0xef, 0x76, 0xa2, 0x77, 0x20, 
0xff, 0x4d, 0x45, 0x71, 0x03, 0xff, 0xf8, 0x84, 
0xa1, 0xb5, 0xc3, 0x6b, 0xca, 0xdf, 0x81, 0x98, 
0xb7, 0xa6, 0xd7, 0xc7, 0x8c, 0x85, 0xec, 0xfc, 
0x63, 0x7c, 0xbe, 0x39, 0x0f, 0x1c, 0xc7, 0x8a, 
0x73, 0xcc, 0x7f, 0x4d, 0x80, 0xb2, 0x1b, 0x87, 
0x33, 0x60, 0x8a, 0x7b, 0xd0, 0x60, 0x89, 0x90, 
0x9c, 0x93, 0x73, 0xdb, 0x13, 0x79, 0xe9, 0x67, 
0x30, 0x8d, 0xd7, 0xcb, 0xe9, 0x85, 0x8f, 0xf0, 
0x19, 0xec, 0xef, 0x19, 0x18, 0xfd, 0x1d, 0xf8 };

And the server responds back with "unexpected end of packet". I see that 
with some other ssh client programs the SSH_MSG_KEXDH_INIT is very small and 
"always" looks like this:

00 00 00 0c   06     1e      00 00  08 00            1e 42 53 7b 43 76

any ideas/pointers as to where i am going wrong ?
date: Sat, 16 Aug 2008 07:40:00 -0700   author:   Neelabh Mam

RE: SSH key exchange    
small correction. MS DH provider does not give me the SSH_MSG_KEXDH_INIT 
message, I extract the 'y' of the key and then construct the 
SSH_MSG_KEXDH_INIT  roughly like this:

CryptExportKey(hKeyClient,NULL,PUBLICKEYBLOB,0,NULL,&lenClientkeyBlob);
pClientPubKeyBlob = (PBYTE)calloc(lenClientkeyBlob,1);

CryptExportKey(hKeyClient,NULL,PUBLICKEYBLOB,0,pClientPubKeyBlob,&lenClientkeyBlob))

eClient = (PBYTE)calloc(1024,1);
eLen    = lenClientkeyBlob - (sizeof(PUBLICKEYSTRUC)+sizeof(DHPUBKEY));
memmove(eClient,pClientPubKeyBlob+sizeof(PUBLICKEYSTRUC)+sizeof(DHPUBKEY),eLen);


"Neelabh Mam" wrote:

> I am trying to implement SSH transport layer using crypto API and i have an 
> issue. Specifically my problem is that when i pass the server, my DH public 
> key i.e client computed 'e' the server disconnects the connection. The 
> SSH_MSG_KEXDH_INIT message containing the public key which the MS DH provider 
> gives me is this
> 
> char peer0_2[] = {
> 0x00, 0x00, 0x00, 0x8c, 0x0a, 0x1e, 0xb1, 0x69, 
> 0xeb, 0x6d, 0xc8, 0xe9, 0xd2, 0xd1, 0xc7, 0x5f, 
> 0xab, 0x6d, 0x44, 0x40, 0x94, 0x56, 0x51, 0xdf, 
> 0xce, 0x9c, 0xac, 0x02, 0x01, 0x0b, 0x48, 0xdb, 
> 0xb0, 0xda, 0xd0, 0xdf, 0x43, 0xec, 0x34, 0x67, 
> 0xca, 0xdd, 0x65, 0xfd, 0xb6, 0x08, 0x3c, 0xb1, 
> 0x6f, 0xd6, 0x41, 0xba, 0x85, 0x21, 0xe5, 0xe0, 
> 0xb9, 0xe2, 0x1b, 0xf9, 0x76, 0x5e, 0x26, 0xb1, 
> 0xfb, 0x9d, 0x58, 0xef, 0x76, 0xa2, 0x77, 0x20, 
> 0xff, 0x4d, 0x45, 0x71, 0x03, 0xff, 0xf8, 0x84, 
> 0xa1, 0xb5, 0xc3, 0x6b, 0xca, 0xdf, 0x81, 0x98, 
> 0xb7, 0xa6, 0xd7, 0xc7, 0x8c, 0x85, 0xec, 0xfc, 
> 0x63, 0x7c, 0xbe, 0x39, 0x0f, 0x1c, 0xc7, 0x8a, 
> 0x73, 0xcc, 0x7f, 0x4d, 0x80, 0xb2, 0x1b, 0x87, 
> 0x33, 0x60, 0x8a, 0x7b, 0xd0, 0x60, 0x89, 0x90, 
> 0x9c, 0x93, 0x73, 0xdb, 0x13, 0x79, 0xe9, 0x67, 
> 0x30, 0x8d, 0xd7, 0xcb, 0xe9, 0x85, 0x8f, 0xf0, 
> 0x19, 0xec, 0xef, 0x19, 0x18, 0xfd, 0x1d, 0xf8 };
> 
> And the server responds back with "unexpected end of packet". I see that 
> with some other ssh client programs the SSH_MSG_KEXDH_INIT is very small and 
> "always" looks like this:
> 
> 00 00 00 0c   06     1e      00 00  08 00            1e 42 53 7b 43 76
> 
> any ideas/pointers as to where i am going wrong ?
> 
> 
>
date: Sat, 16 Aug 2008 07:59:02 -0700   author:   Neelabh Mam

RE: SSH key exchange    
Ok, as of now ssh servers have started accepting my MSCAPI 'e'. i found out 
that i missed to include some mandatory alogorithims in my KEXINIT message 
but more important was e not being sent in proper mpint format. thanks. 
observations on what might be in store, beyond keyexchange are welcome !

"Neelabh Mam" wrote:

> small correction. MS DH provider does not give me the SSH_MSG_KEXDH_INIT 
> message, I extract the 'y' of the key and then construct the 
> SSH_MSG_KEXDH_INIT  roughly like this:
> 
> CryptExportKey(hKeyClient,NULL,PUBLICKEYBLOB,0,NULL,&lenClientkeyBlob);
> pClientPubKeyBlob = (PBYTE)calloc(lenClientkeyBlob,1);
> 
> CryptExportKey(hKeyClient,NULL,PUBLICKEYBLOB,0,pClientPubKeyBlob,&lenClientkeyBlob))
> 
> eClient = (PBYTE)calloc(1024,1);
> eLen    = lenClientkeyBlob - (sizeof(PUBLICKEYSTRUC)+sizeof(DHPUBKEY));
> memmove(eClient,pClientPubKeyBlob+sizeof(PUBLICKEYSTRUC)+sizeof(DHPUBKEY),eLen);
> 
> 
> "Neelabh Mam" wrote:
> 
> > I am trying to implement SSH transport layer using crypto API and i have an 
> > issue. Specifically my problem is that when i pass the server, my DH public 
> > key i.e client computed 'e' the server disconnects the connection. The 
> > SSH_MSG_KEXDH_INIT message containing the public key which the MS DH provider 
> > gives me is this
> > 
> > char peer0_2[] = {
> > 0x00, 0x00, 0x00, 0x8c, 0x0a, 0x1e, 0xb1, 0x69, 
> > 0xeb, 0x6d, 0xc8, 0xe9, 0xd2, 0xd1, 0xc7, 0x5f, 
> > 0xab, 0x6d, 0x44, 0x40, 0x94, 0x56, 0x51, 0xdf, 
> > 0xce, 0x9c, 0xac, 0x02, 0x01, 0x0b, 0x48, 0xdb, 
> > 0xb0, 0xda, 0xd0, 0xdf, 0x43, 0xec, 0x34, 0x67, 
> > 0xca, 0xdd, 0x65, 0xfd, 0xb6, 0x08, 0x3c, 0xb1, 
> > 0x6f, 0xd6, 0x41, 0xba, 0x85, 0x21, 0xe5, 0xe0, 
> > 0xb9, 0xe2, 0x1b, 0xf9, 0x76, 0x5e, 0x26, 0xb1, 
> > 0xfb, 0x9d, 0x58, 0xef, 0x76, 0xa2, 0x77, 0x20, 
> > 0xff, 0x4d, 0x45, 0x71, 0x03, 0xff, 0xf8, 0x84, 
> > 0xa1, 0xb5, 0xc3, 0x6b, 0xca, 0xdf, 0x81, 0x98, 
> > 0xb7, 0xa6, 0xd7, 0xc7, 0x8c, 0x85, 0xec, 0xfc, 
> > 0x63, 0x7c, 0xbe, 0x39, 0x0f, 0x1c, 0xc7, 0x8a, 
> > 0x73, 0xcc, 0x7f, 0x4d, 0x80, 0xb2, 0x1b, 0x87, 
> > 0x33, 0x60, 0x8a, 0x7b, 0xd0, 0x60, 0x89, 0x90, 
> > 0x9c, 0x93, 0x73, 0xdb, 0x13, 0x79, 0xe9, 0x67, 
> > 0x30, 0x8d, 0xd7, 0xcb, 0xe9, 0x85, 0x8f, 0xf0, 
> > 0x19, 0xec, 0xef, 0x19, 0x18, 0xfd, 0x1d, 0xf8 };
> > 
> > And the server responds back with "unexpected end of packet". I see that 
> > with some other ssh client programs the SSH_MSG_KEXDH_INIT is very small and 
> > "always" looks like this:
> > 
> > 00 00 00 0c   06     1e      00 00  08 00            1e 42 53 7b 43 76
> > 
> > any ideas/pointers as to where i am going wrong ?
> > 
> > 
> >
date: Sun, 17 Aug 2008 03:56:01 -0700   author:   Neelabh Mam

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us