From f5ee2b67e1c2cdaa2ab0fc25e1ed2f74a611f8e6 Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Wed, 21 Aug 2024 18:56:02 +0200
Subject: [PATCH] FAPI: Fix Fapi_ChangeAuth for keys.

The keystore has to be updated after Fapi_ChangeAuth for key
objects because the private field is changed.
If not an HMAC error is produced when this key is used.
Fixes: #2890

Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
 src/tss2-fapi/api/Fapi_ChangeAuth.c | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/src/tss2-fapi/api/Fapi_ChangeAuth.c b/src/tss2-fapi/api/Fapi_ChangeAuth.c
index 479e1e544..89d33ad8b 100644
--- a/src/tss2-fapi/api/Fapi_ChangeAuth.c
+++ b/src/tss2-fapi/api/Fapi_ChangeAuth.c
@@ -420,16 +420,8 @@ Fapi_ChangeAuth_Finish(
             object = command->key_object;
 
             if (strlen(command->authValue) > 0) {
-                if (object->misc.key.with_auth == TPM2_YES) {
-                     context->state = ENTITY_CHANGE_AUTH_CLEANUP;
-                     return TSS2_FAPI_RC_TRY_AGAIN;
-                }
                 object->misc.key.with_auth = TPM2_YES;
             } else {
-                if (object->misc.key.with_auth == TPM2_NO) {
-                     context->state = ENTITY_CHANGE_AUTH_CLEANUP;
-                     return TSS2_FAPI_RC_TRY_AGAIN;
-                }
                 object->misc.key.with_auth = TPM2_NO;
             }
             fallthrough;