Use dynamic memory allocation where appropriate (FN_DHK_LEN is sort of
an assumption, for example).

Do sessions (with a uniqueid) need to be handled in the protocol
code?  In the client code?

Implement a full keygen (even though it probably won't ever be used).
