Hi, I am most likely missing something here since OWE appears to work reliably between wpa_supplicant and hostapd, but I am confused in how either sides compute the full public key using only the X coordinate sent in the associate frame. It is my understanding that compressed coordinates also require the Y sign bit in order to uncompress into a full X/Y coordinates (the full public key). In both wpa_s/hostapd only the X coordinate is sent, and not including the Y sign bit. I see that openSSL is used to uncompress the point to regain the full public key, but when this is done "y_bit" is hard coded to zero. See: hostapd/src/crypto/crypto_openssl.c:crypto_ecdh_set_peerkey I am by no means an ECC expert, but from what I have researched I don't see how you can reliably choose the correct Y coordinate without knowing the original Y sign bit. Hard coding this to zero *shouldn't* work (yet it appears to). Again, I must be missing something here otherwise OWE would only work ~50% of the time. Could someone clarify how this works? Thanks, James _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
