From: Dan Streetman <ddstreet@ieee.org>
Date: Thu, 8 Jun 2023 18:06:46 +0000 (-0400)
Subject: tpm2: replace magic number in hmac_sensitive initialization
X-Git-Tag: v254-rc1~20^2~9
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=180444b8851a8654771361b1494b5db286d8724e;p=thirdparty%2Fsystemd.git

tpm2: replace magic number in hmac_sensitive initialization

Instead of setting hmac_sensitive.sensitive.data.size to '32' use the actual
hash size as set in the hmac_template.
---

diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index aaaff81309a..fd645789f87 100644
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -2973,7 +2973,7 @@ int tpm2_seal(const char *device,
 
         TPM2B_SENSITIVE_CREATE hmac_sensitive = {
                 .size = sizeof(hmac_sensitive.sensitive),
-                .sensitive.data.size = 32,
+                .sensitive.data.size = hmac_template.publicArea.unique.keyedHash.size,
         };
 
         CLEANUP_ERASE(hmac_sensitive);