From 9b1dceb8da56d848f4c0c9c279187f67f7caf9ad Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Mon, 7 Apr 2025 01:24:22 +0200
Subject: [PATCH] Use K1 curve for general authentication.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/hsm/cmd_general_authenticate.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/hsm/cmd_general_authenticate.c b/src/hsm/cmd_general_authenticate.c
index b35ba21..f41fe4f 100644
--- a/src/hsm/cmd_general_authenticate.c
+++ b/src/hsm/cmd_general_authenticate.c
@@ -22,6 +22,7 @@
 #include "oid.h"
 #include "eac.h"
 #include "files.h"
+#include "otp.h"
 
 int cmd_general_authenticate() {
     if (P1(apdu) == 0x0 && P2(apdu) == 0x0) {
@@ -54,6 +55,9 @@ int cmd_general_authenticate() {
             mbedtls_ecdh_context ctx;
             mbedtls_ecdh_init(&ctx);
             mbedtls_ecp_group_id gid = MBEDTLS_ECP_DP_SECP256R1;
+            if (otp_key_2) {
+                gid = MBEDTLS_ECP_DP_SECP256K1;
+            }
             r = mbedtls_ecdh_setup(&ctx, gid);
             if (r != 0) {
                 mbedtls_ecp_keypair_free(&ectx);