From fb0651eda1b0ea45679cbc31ec73467b2c47dded Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= <dominik@schuermann.eu>
Date: Tue, 16 Mar 2021 15:12:22 +0100
Subject: [PATCH] fix algorithm id for ECDSA auth keys on security keys

---
 .../keychain/securitytoken/SecurityTokenUtils.java          | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenUtils.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenUtils.java
index 41051f634..2d249779b 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenUtils.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenUtils.java
@@ -42,10 +42,10 @@ public class SecurityTokenUtils {
             byte[] oid = new ASN1ObjectIdentifier(secretKey.getCurveOid()).getEncoded();
             byte[] attrs = new byte[1 + (oid.length - 2) + 1];
 
-            if (slot.equals(KeyType.SIGN))
-                attrs[0] = ECKeyFormat.ECAlgorithmFormat.ECDSA_WITH_PUBKEY.getAlgorithmId();
-            else {
+            if (slot.equals(KeyType.ENCRYPT))
                 attrs[0] = ECKeyFormat.ECAlgorithmFormat.ECDH_WITH_PUBKEY.getAlgorithmId();
+            else { // SIGN and AUTH is ECDSA
+                attrs[0] = ECKeyFormat.ECAlgorithmFormat.ECDSA_WITH_PUBKEY.getAlgorithmId();
             }
 
             System.arraycopy(oid, 2, attrs, 1, (oid.length - 2));