diff --git a/src/hsm/kek.c b/src/hsm/kek.c
index 2b0e7c0..2c1f260 100644
--- a/src/hsm/kek.c
+++ b/src/hsm/kek.c
@@ -589,8 +589,16 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
             mbedtls_ecdsa_free(ecdsa);
             return CCID_EXEC_ERROR;
         }
+        ofs += len;
 
-        r = mbedtls_ecp_mul(&ecdsa->grp, &ecdsa->Q, &ecdsa->d, &ecdsa->grp.G, random_gen, NULL);
+        //Q
+        len = get_uint16_t(kb, ofs); ofs += 2;
+        r = mbedtls_ecp_point_read_binary(&ecdsa->grp, &ecdsa->Q, kb + ofs, len);
+        if (r != 0) {
+            mbedtls_ecdsa_free(ecdsa);
+            return CCID_EXEC_ERROR;
+        }
+        r = mbedtls_ecp_check_pub_priv(ecdsa, ecdsa, random_gen, NULL);
         if (r != 0) {
             mbedtls_ecdsa_free(ecdsa);
             return CCID_EXEC_ERROR;