Fix SSH X25519 shared secret encoding for exchange hash

CRITICAL BUG FIX (RFC 8731 Section 3.1):
- X25519 output is little-endian
- SSH exchange hash requires big-endian encoding
- Reverse shared_secret bytes before mpint encoding
- Fix exchange hash computation in kex_exchange.rs
- Fix key derivation in crypto.rs
- Fix KEXINIT cookie to use random bytes

This resolves the fundamental encoding mismatch that caused
'Corrupted MAC on input' errors.

Next: verify signature verification after exchange hash fix.
Warren
2026-06-14 19:13:18 +08:00
parent 0403a340c4
commit 76f707a31d
4 changed files with 66 additions and 35 deletions
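The commit message above concerns how the X25519 shared secret is turned into the SSH `mpint` K that goes into the exchange hash. The block below is an added example written for this page, not code from this repository: it implements the RFC 4251 `string` and `mpint` encodings and the RFC 8731 §3 exchange-hash input (V_C || V_S || I_C || I_S || K_S || Q_C || Q_S || K) using only the Rust standard library. One caveat worth checking against the project's own kex_exchange.rs: the text of RFC 8731 §3.1 says the whole 32 bytes of the X25519 output are converted to K "following the network byte order", and that this step differs from RFC 7748's little-endian integer interpretation; the bytes are taken as they come out of the function and are not reordered, which is also what OpenSSH does (it passes the raw 32-byte output straight to its mpint encoder). A peer that reverses the bytes first produces a different K, hence a different H and different derived keys, and the first MAC check after NEWKEYS fails. The sample secrets and KEXINIT payloads in `main` and the tests are constructed, not captured from a real handshake.

```rust
// Added example (not the project's own code): RFC 8731 s3.1 encoding of an
// X25519 shared secret for the curve25519-sha256 exchange hash, plus the other
// SSH wire encodings the hash input needs. Standard library only.

/// SSH `string` (RFC 4251 s5): uint32 big-endian length, then the bytes.
pub fn encode_string(s: &[u8]) -> Vec<u8> {
    let mut out = Vec::with_capacity(4 + s.len());
    out.extend_from_slice(&(s.len() as u32).to_be_bytes());
    out.extend_from_slice(s);
    out
}

/// SSH `mpint` (RFC 4251 s5) of a non-negative integer given as big-endian bytes:
/// leading zero bytes are dropped, a 0x00 is prepended when the top bit of the
/// first remaining byte is set (two's-complement sign), and zero encodes as an
/// empty string. Both peers must produce this minimal form, otherwise they hash
/// different bytes and the derived keys and MACs diverge.
pub fn encode_mpint(magnitude: &[u8]) -> Vec<u8> {
    let body: Vec<u8> = match magnitude.iter().position(|&b| b != 0) {
        None => Vec::new(),
        Some(i) => {
            let mut v = Vec::with_capacity(magnitude.len() - i + 1);
            if magnitude[i] & 0x80 != 0 {
                v.push(0x00);
            }
            v.extend_from_slice(&magnitude[i..]);
            v
        }
    };
    encode_string(&body)
}

/// K for curve25519-sha256 (RFC 8731 s3.1): the 32 bytes produced by X25519 are
/// converted to an integer in network byte order exactly as produced. The RFC
/// notes this differs from RFC 7748's little-endian integer view of the same
/// bytes, but the byte order on the wire is not changed.
pub fn x25519_shared_secret_to_mpint(x: &[u8; 32]) -> Vec<u8> {
    encode_mpint(x)
}

/// The byte string hashed to produce the exchange hash H (RFC 8731 s3):
/// H = hash(V_C || V_S || I_C || I_S || K_S || Q_C || Q_S || K), where V_* are the
/// identification strings without CR/LF, I_* the KEXINIT payloads, K_S the host
/// key blob, Q_C/Q_S the ephemeral public keys, all as SSH strings, and K as an
/// mpint. The hash (SHA-256 for curve25519-sha256) is left to the caller.
pub fn exchange_hash_input(
    v_c: &[u8], v_s: &[u8], i_c: &[u8], i_s: &[u8], k_s: &[u8],
    q_c: &[u8; 32], q_s: &[u8; 32], x: &[u8; 32],
) -> Vec<u8> {
    let mut h = Vec::new();
    for field in [v_c, v_s, i_c, i_s, k_s, &q_c[..], &q_s[..]] {
        h.extend_from_slice(&encode_string(field));
    }
    h.extend_from_slice(&x25519_shared_secret_to_mpint(x));
    h
}

fn main() {
    // Constructed value, not a real shared secret: the top bit is set, which is
    // the case that needs the 0x00 sign pad (33-byte body).
    let mut x = [0x11u8; 32];
    x[0] = 0x9c;
    let k = x25519_shared_secret_to_mpint(&x);
    println!("K on the wire: {} bytes, length field {:02x?}", k.len(), &k[..4]);
}
```

When debugging a "Corrupted MAC on input" after this kind of change, dump the exact bytes returned by `exchange_hash_input` on both sides and diff them; a one-byte difference in the length field of K (31, 32 or 33) points at the leading-zero or sign-pad handling, while a same-length K with the bytes mirrored points at an unwanted reversal.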


@@ -97,8 +97,9 @@ impl KexProposal {
payload.write_u8(PacketType::SSH_MSG_KEXINIT as u8)?;
// Cookie16字节随机数OpenSSH要求
// 简化:使用固定值(实际应随机生成)
let cookie = [0u8; 16];
let mut cookie = [0u8; 16];
use rand::Rng;
rand::thread_rng().fill(&mut cookie);
payload.write_all(&cookie)?;
// 10个算法列表SSH string格式length + data
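Review bot: the two comment lines above the cookie are now stale, since they still say the value is simplified to a fixed value that should really be random, while the code below them now fills it from `rand::thread_rng()`; replace them with a comment stating that the cookie is 16 random bytes required by RFC 4253 section 7.1 (it exists so that neither side can fully determine the keys and session identifier), rather than something OpenSSH asks for. `thread_rng()` is rand's cryptographically secure generator, so the choice itself is right. Minor style point: `use rand::Rng;` in the middle of the function body compiles, but it belongs with the file's other imports at the top.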