diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index b882d47a5c..2129da122d 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -2083,7 +2083,6 @@ start_processing:
 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
         if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
             ret = mbedtls_pk_verify_new(pk_alg, peer_pk,
-                                        peer_pk,
                                         md_alg, hash, hashlen,
                                         p, sig_len);
         } else
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 372bf84608..15731ca150 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -963,7 +963,7 @@ static int ssl_tls13_write_certificate_verify_body(mbedtls_ssl_context *ssl,
 
         MBEDTLS_SSL_DEBUG_BUF(3, "verify hash", verify_hash, verify_hash_len);
 
-        if ((ret = mbedtls_pk_sign_ext(pk_type, own_key,
+        if ((ret = mbedtls_pk_sign_ext((mbedtls_pk_sigalg_t) pk_type, own_key,
                                        md_alg, verify_hash, verify_hash_len,
                                        p + 4, (size_t) (end - (p + 4)), &signature_len)) != 0) {
             MBEDTLS_SSL_DEBUG_MSG(2, ("CertificateVerify signature failed with %s",