esys: remove trailing zeros in auth value.

JuergenReppSIT · JuergenReppSIT · commit 9ef067dc70a4 · 2023-07-18T21:47:35.000+02:00
Esys_TR_SetAuth doesn't remove trailing zeros, but when the TPM calculates an HMAC, the trailing zeros are removed. Fixes: tpm2-software#2664 Signed-off-by: Juergen Repp <juergen_repp@web.de>
diff --git a/src/tss2-esys/esys_tr.c b/src/tss2-esys/esys_tr.c
@@ -481,6 +481,12 @@ Esys_TR_SetAuth(ESYS_CONTEXT * esys_context, ESYS_TR esys_handle,
             name_alg = esys_object->rsrc.misc.rsrc_nv_pub.nvPublic.nameAlg;
         }
         esys_object->auth = *authValue;
+
+        /* Remove trailing zeroes */
+        while (esys_object->auth.size > 0 &&
+               esys_object->auth.buffer[esys_object->auth.size - 1] == 0) {
+            esys_object->auth.size -= 1;
+        }
         /* Adapt auth value to hash for large auth values. */
         if (name_alg != TPM2_ALG_NULL) {
             r = iesys_hash_long_auth_values(&esys_context->crypto_backend,
