On 4/1/05 1:57 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote:
> the dh public key is the result of g**k mod p (k is the private key) > operation and hence may have less than BN_num_bytes(p) bytes (approx. > every 256 key should have <= 127 bytes). I didn't realize that. Thanks for the explanation. Is it safe to BN_clear_free() and NULL out the pub_key and priv_key fields of the DH structure and call DH_generate_key again until it generates a 128-byte key? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]