X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/189b81774036217d93272ff7e89b4c60ce7b4ef7..8f831ceb0b38ed2d736584b40261cb6ca565d021:/client/fido/fidocore.c?ds=sidebyside

diff --git a/client/fido/fidocore.c b/client/fido/fidocore.c
index 6e021ea6..6af7671a 100644
--- a/client/fido/fidocore.c
+++ b/client/fido/fidocore.c
@@ -279,7 +279,7 @@ int FIDOCheckDERAndGetKey(uint8_t *der, size_t derLen, bool verbose, uint8_t *pu
 	}
 	
 	// get public key
-	res = ecdsa_public_key_from_pk(&cert.pk, publicKey, publicKeyMaxLen);
+	res = ecdsa_public_key_from_pk(&cert.pk, MBEDTLS_ECP_DP_SECP256R1, publicKey, publicKeyMaxLen);
 	if (res) {
 		PrintAndLog("ERROR: getting public key from certificate 0x%x - %s", (res<0)?-res:res, ecdsa_get_error(res));
 	} else {
@@ -396,9 +396,9 @@ int FIDO2CheckSignature(json_t *root, uint8_t *publickey, uint8_t *sign, size_t
 			clientDataHash, 32,     // Hash of the serialized client data. "$.ClientDataHash" from json
 			NULL, 0);
 		//PrintAndLog("--xbuf(%d)[%d]: %s", res, xbuflen, sprint_hex(xbuf, xbuflen));
-		res = ecdsa_signature_verify(publickey, xbuf, xbuflen, sign, signLen);
+		res = ecdsa_signature_verify(MBEDTLS_ECP_DP_SECP256R1, publickey, xbuf, xbuflen, sign, signLen, true);
 		if (res) {
-			if (res == -0x4e00) {
+			if (res == MBEDTLS_ERR_ECP_VERIFY_FAILED) {
 				PrintAndLog("Signature is NOT VALID.");
 			} else {
 				PrintAndLog("Other signature check error: %x %s", (res<0)?-res:res, ecdsa_get_error(res));