Fix EcdsaVerify.CheckECDsa when cert is OpenSSL

Certificate OID friendly name is not cross-platform. The certificate on Windows is of type ECDsaCng while on Ubuntu it is of type ECDsaOpenSsl. This causes the friendly names to differ, where it's `nistP256` with ECDsaCng and `ECDSA_P256` with ECDsaOpenSsl. The OID value is the same with both. Signed-off-by: Alan Chung Ma <[email protected]>
Yubico · Apr 18, 2024 · 752ed65 · 752ed65
1 parent 3363144
commit 752ed65
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/EcdsaVerify.cs b/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/EcdsaVerify.cs
@@ -405,10 +405,10 @@ private static ECDsa CheckECDsa(ECDsa toCheck)
         {
             ECParameters eccParams = toCheck.ExportParameters(false);
 
-            int coordinateLength = eccParams.Curve.Oid.FriendlyName switch
+            int coordinateLength = eccParams.Curve.Oid.Value. switch
             {
-                NameP256 => (P256EncodedPointLength - 1) / 2,
-                NameP384 => (P384EncodedPointLength - 1) / 2,
+                OidP256 => (P256EncodedPointLength - 1) / 2,
+                OidP384 => (P384EncodedPointLength - 1) / 2,
                 _ => -1,
             };