Subject: Re: SSH2 host key length and hash compute

From: Kalpesh Parekh <kalpesh.ork2_at_gmail.com>
Date: Mon, 8 Jul 2013 08:49:11 -0700

See this link

http://tools.ietf.org/html/rfc4253#page-15

Per the link, DSA signature is encoded as follows:
string "ssh-dss"
string dss_signature_blob

RSA signature is encoded as follows:
string "ssh-rsa"
string rsa_signature_blob

On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh Parekh <kalpesh.ork2_at_gmail.com> wrote:

> First, apologies for not replying inline to the emails.
>
> After your suggestions Alex, here is what I could determine.
>
> I printed out the hex code for the session key for both RSA and DSA types
> in my setup.
>
> Here are the first few bytes:
> (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81
>
> (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81
>
> As you mentioned, the first four bytes indicate the length of the
> identifier (7 in this case)
> 73 73 68 2D 72 73 61=ssh-rsa
> 73 73 68 2D 64 73 73=ssh-dsa
>
> The next four bytes for RSA indicate some sort of value. In my case it is
> #. For DSA, it indicates (length of the key + 1) verified through
> ssh-keygen -l command.
> For RSA, the last four bytes printed above indicate (length of the key +
> 1).
>
> My next target is to decode the signature blobs. I feel like I am close
> and can close this if anyone can help.
>
> On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh <kalpesh.ork2_at_gmail.com> wrote:
>
>> Thanks Alex,
>>
>> So far it has been helpful.
>>
>> So based on the RFC, I understand that the host key received from the
>> server has following components
>> K_S || f || s
>>
>> I need to parse the K_S part for RSA key. How do I do that?
>>
>> Also, how can I implement a generic logic for getting the bit strength
>> from the host key?
>>
>>
>
>

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2013-07-08
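
Added example (not part of the thread and not libssh2 code): a bounds-checked parser for the K_S blob layout discussed above that returns the key size in bits for "ssh-rsa" and "ssh-dss". The function names are hypothetical and the sample key bytes are constructed; the 0x81 (129) length seen in the thread is 128 magnitude bytes plus the leading 0x00 byte that the RFC 4251 mpint encoding adds when the top bit is set.

```c
#include <stdint.h>
#include <string.h>

/* Read one RFC 4251 string/mpint (uint32 big-endian length, then data).
 * Advances *p; returns -1 if the blob is truncated. */
static int get_field(const uint8_t **p, const uint8_t *end,
                     const uint8_t **data, uint32_t *len)
{
    if (end - *p < 4) return -1;
    *len = ((uint32_t)(*p)[0] << 24) | ((uint32_t)(*p)[1] << 16) |
           ((uint32_t)(*p)[2] << 8) | (*p)[3];
    *p += 4;
    if ((size_t)(end - *p) < *len) return -1;
    *data = *p; *p += *len;
    return 0;
}

/* Bit length of an mpint: drop leading 0x00 sign bytes, count the rest. */
static int mpint_bits(const uint8_t *d, uint32_t len)
{
    while (len && *d == 0) { d++; len--; }
    if (!len) return 0;
    int bits = (int)len * 8;
    for (uint8_t top = *d; !(top & 0x80); top <<= 1) bits--;
    return bits;
}

/* Bits of the RSA modulus n or DSA prime p; -1 if truncated/unsupported. */
int hostkey_bits(const uint8_t *blob, size_t blob_len)
{
    const uint8_t *p = blob, *end = blob + blob_len, *f;
    uint32_t n;
    if (get_field(&p, end, &f, &n) || n != 7) return -1;      /* key type */
    if (!memcmp(f, "ssh-rsa", 7)) {
        if (get_field(&p, end, &f, &n)) return -1;            /* skip mpint e */
    } else if (memcmp(f, "ssh-dss", 7)) return -1;
    if (get_field(&p, end, &f, &n)) return -1;                /* mpint n or p */
    return mpint_bits(f, n);
}

/* Constructed sample: header bytes from the thread + made-up 129-byte mpint. */
int sample_bits(int rsa)
{
    uint8_t b[160] = {0,0,0,7,'s','s','h','-','r','s','a',0,0,0,1,0x23};
    size_t off = 16;                          /* RSA: past mpint e = 0x23 */
    if (!rsa) { memcpy(b + 8, "dss", 3); off = 11; }
    memcpy(b + off, "\0\0\0\x81", 5);         /* length 129 + 0x00 sign byte */
    memset(b + off + 5, 0xFF, 128);           /* made-up magnitude bytes */
    return hostkey_bits(b, off + 4 + 129);
}
```

Both `sample_bits(1)` and `sample_bits(0)` return 1024. A real "ssh-dss" blob carries q, g and y after p, which this parser does not need to read.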