Skip to content

Commit

Permalink
FAPI: Fix Fapi_ChangeAuth for keys.
Browse files Browse the repository at this point in the history
The keystore has to be updated after Fapi_ChangeAuth for key
objects because the private field is changed.
If not an HMAC error is produced when this key is used.
Fixes: #2890

Signed-off-by: Juergen Repp <[email protected]>
  • Loading branch information
JuergenReppSIT authored and AndreasFuchsTPM committed Aug 22, 2024
1 parent c641c77 commit f5ee2b6
Showing 1 changed file with 0 additions and 8 deletions.
8 changes: 0 additions & 8 deletions src/tss2-fapi/api/Fapi_ChangeAuth.c
Original file line number Diff line number Diff line change
Expand Up @@ -420,16 +420,8 @@ Fapi_ChangeAuth_Finish(
object = command->key_object;

if (strlen(command->authValue) > 0) {
if (object->misc.key.with_auth == TPM2_YES) {
context->state = ENTITY_CHANGE_AUTH_CLEANUP;
return TSS2_FAPI_RC_TRY_AGAIN;
}
object->misc.key.with_auth = TPM2_YES;
} else {
if (object->misc.key.with_auth == TPM2_NO) {
context->state = ENTITY_CHANGE_AUTH_CLEANUP;
return TSS2_FAPI_RC_TRY_AGAIN;
}
object->misc.key.with_auth = TPM2_NO;
}
fallthrough;
Expand Down

0 comments on commit f5ee2b6

Please sign in to comment.