CRITICAL BUG FIX (RFC 8731 Section 3.1):
- X25519 output is little-endian
- SSH exchange hash requires big-endian encoding
- Reverse shared_secret bytes before mpint encoding
- Fix exchange hash computation in kex_exchange.rs
- Fix key derivation in crypto.rs
- Fix KEXINIT cookie to use random bytes
This resolves the fundamental encoding mismatch that caused
'Corrupted MAC on input' errors.
Next: verify signature verification after exchange hash fix.
76f707a31d