On Wed, Feb 22, 2006 at 03:34:05AM -0700, <Kyle Hamilton>: ~> > Ok, but I need to know its upper bound limit in order to reject bad headers ~> > where the skey_len is > of the maximum allowed value. ~> > What is it for a key of 1024 bits? ~> > 700 bytes are sufficient? ~> ~> My "best-practice" suggestion is to not constrain it, and try to ~> handle it regardless, no matter what the size is said to be. I know ~> people paranoid enough to use 4096-bit keys. ~> (1981: "640k should be enough for anybody." -Bill Gates) Why ~> constrain your users to arbitrary limits?
I'm not constraining users. The number of bits of the privkey are defined in a protocol, therefore the packets must be maximum of a pre-defined length. This is why I need to know the maximum size of a packed privkey of 1024 bits (especially when the packets have to be unpacked and read). The same holds for the pubkey. ~> > Does the pkey_len change too? ~> > With a key of 1024 I've only got pkey of 140 bytes (packed). ~> ~> 1024 bits / 8 bits per byte = 128 bytes. Add a bit more for overhead, ~> and 140 is a reasonable number. So, the 1024 bits public key packed with i2d_RSAPublicKey is always 140 bytes. ^_^ -- :wq! "I don't know nothing" The One Who reached the Thinking Matter '.' [ Alpt --- Freaknet Medialab ] [ GPG Key ID 441CF0EE ] [ Key fingerprint = 8B02 26E8 831A 7BB9 81A9 5277 BFF8 037E 441C F0EE ] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
