ES256K1 is disabled by default for compatibility. It can be enabled via Pico Commissioner.

Fixes #109.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

src/fido/cbor_get_info.c

@@ -102,6 +102,9 @@ int cbor_get_info() {
 #ifdef MBEDTLS_EDDSA_C
     curves++;
 #endif
+    if (phy_data.enabled_curves & PHY_CURVE_SECP256K1) {
+        curves++;
+    }
     CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, curves));
     CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES256, &arrayEncoder, &mapEncoder2));
 #ifdef MBEDTLS_EDDSA_C
@@ -109,7 +112,9 @@ int cbor_get_info() {
 #endif
     CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES384, &arrayEncoder, &mapEncoder2));
     CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES512, &arrayEncoder, &mapEncoder2));
-    CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES256K, &arrayEncoder, &mapEncoder2));
+    if (!phy_data.enabled_curves_present || (phy_data.enabled_curves & PHY_CURVE_SECP256K1)) {
+        CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES256K, &arrayEncoder, &mapEncoder2));
+    }
 
     CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &arrayEncoder));
 

src/fido/cbor_make_credential.c

@@ -217,7 +217,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
                 curve = FIDO2_CURVE_P521;
             }
         }
-        else if (pubKeyCredParams[i].alg == FIDO2_ALG_ES256K) {
+        else if (pubKeyCredParams[i].alg == FIDO2_ALG_ES256K && (phy_data.enabled_curves & PHY_CURVE_SECP256K1)) {
             if (curve <= 0) {
                 curve = FIDO2_CURVE_P256K1;
             }