+ /*
+ * To be acceptable to our createkey(), the private blob must
+ * contain a valid mpint, i.e. without the top bit set. But
+ * the input private string may have the top bit set, so we
+ * prefix a zero byte to ensure createkey() doesn't fail for
+ * that reason.
+ */
+ PUT_32BIT(q, privlen+1);
+ q[4] = 0;
+ memcpy(q+5, priv, privlen);