I understand that this is a potentially breaking change but I don't see
this change (uncompressed -> compressed) noted anywhere. If this would
be a breaking change then the OpenSSL 3 implementation would clash with
existing OpenSSL <3 deployments. Does the DPP work you mention only
target the OpenSSL 3 implementation? Do you know of protocols that
explicitly mandate one format or the other?

On 02/02/2025 19:50, Jouni Malinen wrote:
> On Thu, Apr 04, 2024 at 08:16:13PM +0200, Juliusz Sosinowicz wrote:
>> OpenSSL <3.0 uses ECC keys in the uncompressed format. We should keep
>> it that way for compatibility. The wolfSSL backend also uses the
>> uncompressed format.
>
> I don't really want to change behavior with OpenSSL for this without
> a significant amount of additional testing (which I'm unlikely to find
> time for any time soon) since this area has been quite a mess in the
> past especially with the DPP requirements of various constructions there
> using either compressed or uncompressed format. In practice, if this
> were ever to be done as a generic change, there would need to be
> explicit format conversion routines in all places where a protocol
> definition mandates a specific format to be used. Testing this would
> likely need explicit checks of the correct format being used as well
> since otherwise it would be way too easy to break something subtle that
> might seem to work with some crypto libraries but would not be compliant
> with the protocol definition.
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
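
The explicit format conversion and format checks discussed in this thread, as an added example that is not part of the original messages and is not hostap, OpenSSL or wolfSSL code. It assumes SEC 1 point encodings on NIST P-256 (neither is named in the thread), and every function name is hypothetical.

```python
# SEC 1 point encodings on NIST P-256 (assumed curve; added example).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1  # field prime
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
FLEN = 32  # octets per field element
# P-256 base point, used here only as a known-valid sample input.
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5

def curve_rhs(x):
    return (x * x * x + A * x + B) % P

def point_format(enc):
    """Classify an encoding by leading octet and length, never by length alone."""
    if len(enc) == 1 + 2 * FLEN and enc[0] == 0x04:
        return "uncompressed"
    if len(enc) == 1 + FLEN and enc[0] in (0x02, 0x03):
        return "compressed"
    raise ValueError("not a SEC 1 P-256 point encoding")

def decode(enc):
    """Return (x, y) from either format, rejecting points off the curve."""
    fmt = point_format(enc)
    x = int.from_bytes(enc[1:1 + FLEN], "big")
    if fmt == "uncompressed":
        y = int.from_bytes(enc[1 + FLEN:], "big")
    else:
        # P % 4 == 3, so a square root of rhs is rhs^((P+1)/4) mod P
        y = pow(curve_rhs(x), (P + 1) // 4, P)
        if (y & 1) != (enc[0] & 1):  # prefix 0x02 = even y, 0x03 = odd y
            y = P - y
    if x >= P or y >= P or (y * y) % P != curve_rhs(x):
        raise ValueError("point is not on the curve")
    return x, y

def encode(x, y, compressed):
    xb = x.to_bytes(FLEN, "big")
    if compressed:
        return bytes([0x02 | (y & 1)]) + xb
    return b"\x04" + xb + y.to_bytes(FLEN, "big")

def convert(enc, compressed):
    return encode(*decode(enc), compressed)

def require_format(enc, mandated):
    """Check for a protocol field whose definition fixes one format."""
    if point_format(enc) != mandated:
        raise ValueError("protocol field requires %s point" % mandated)
    return decode(enc)
```

A test suite that calls `require_format` on every serialized key catches a backend that silently switches formats, which a decode-only round trip would accept.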