On Thu, Apr 04, 2024 at 08:16:13PM +0200, Juliusz Sosinowicz wrote: > OpenSSL <3.0 uses ECC keys in the uncompressed format. We should keep it that way for compatibility. The wolfSSL backend also uses the uncompressed format. I don't really want to change behavior with OpenSSL for this without significant amount of additional testing (which I'm unlikely to find time for any time soon) since this area has been quite a mess in the past especially with the DPP requirements of various constructions there using either compressed or uncompressed format. In practice, if this were ever to be done as a generic change, there would need to be explicit format conversion routines in all places where a protocol definition mandates a specific format to be used. Testing this would likely need explicit checks of the correct format being used as well since otherwise it would be way too easy to break something subtle that might seem to work with some crypto libraries but would not be compliant with the protocol definition. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
