On 4/21/05 6:17 AM, "Christian Beaulieu" <[EMAIL PROTECTED]> wrote:
> Išve need getting a strange out of my application when generating > Diffie-Hellman keys. I am using OAKLEY primes for key generation and the > strange thing is that sometimes my key length ends up one byte short of the > expected length. I am just wondering if this is expected behaviour or not. I ran into this recently as well and it's expected. If the resulting key has zero(s) in the most significant digits (1/256 probability of getting a zero) since it will reduce to only use the number of bytes needed. For example, if you had the key 0x00112233, it would result in a 3-byte key rather than 4 bytes because the most significant zero byte can be dropped. Here's how Nils Larsch answered my original question about this: > the dh public key is the result of g**k mod p (k is the private key) > operation and hence may have less than BN_num_bytes(p) bytes (approx. > every 256 key should have <= 127 bytes). ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
