From d950de0ae48a449165735c5c69a7451c7ca482b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= Date: Sun, 4 Dec 2022 00:31:49 +0100 Subject: [PATCH] Actually copy in the CreatePrimary parameters to the right slots This mimicks tpm2-tools; I don't think it matters any, since I'm pretty sure these are just unused for our application, but --- src/fd.cpp | 4 ---- src/tpm2.cpp | 4 ++++ 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/fd.cpp b/src/fd.cpp index b6c04c5..8f3fe13 100644 --- a/src/fd.cpp +++ b/src/fd.cpp @@ -197,9 +197,7 @@ static int get_key_material_raw(const char * whom, bool again, bool newkey, uint // Read the key material size_t buflen{}; errno = 0; -printf("pretline buf=%s (%p); bl=%d\n", buf, (void *)buf, (int)buflen); auto bytes = getline((char **)&buf, &buflen, stdin); -printf("\ngetline returned: %d; errnp=%d; buf=%s (%p); bl=%d\n\n", (int)bytes, errno, buf, (void *)buf, (int)buflen); switch(bytes) { case -1: if(errno != 0) @@ -258,7 +256,6 @@ int read_new_passphrase(const char * whom, uint8_t *& buf, size_t & len_out, siz TRY_MAIN(get_key_material_dispatch(whom, false, true, first_passphrase, first_passphrase_len)); quickscope_wrapper first_passphrase_deleter{[&] { free(first_passphrase); }}; -printf("fp=%s; fps=%zu\n", first_passphrase, first_passphrase_len); if(first_passphrase_len != 0 && first_passphrase_len < MIN_PASSPHRASE_LEN) return fprintf(stderr, "Passphrase too short (min %u)\n", MIN_PASSPHRASE_LEN), __LINE__; if(first_passphrase_len > max_len) @@ -272,7 +269,6 @@ printf("fp=%s; fps=%zu\n", first_passphrase, first_passphrase_len); if(second_passphrase_len != first_passphrase_len || memcmp(first_passphrase, second_passphrase, first_passphrase_len)) return fprintf(stderr, "Provided keys do not match.\n"), __LINE__; -printf("sp=%s; sps=%zu\n", second_passphrase, second_passphrase_len); if(second_passphrase_len) { buf = second_passphrase; second_passphrase = nullptr; 
diff --git a/src/tpm2.cpp b/src/tpm2.cpp index 35c34b6..132f864 100644 --- a/src/tpm2.cpp +++ b/src/tpm2.cpp @@ -335,6 +335,10 @@ int tpm2_seal(const char * dataset, ESYS_CONTEXT * tpm2_ctx, ESYS_TR tpm2_sessio pub.publicArea.parameters.rsaDetail.scheme.scheme = TPM2_ALG_NULL; pub.publicArea.parameters.rsaDetail.keyBits = 2048; pub.publicArea.parameters.rsaDetail.exponent = 0; + pub.publicArea.parameters.asymDetail.scheme.scheme = TPM2_ALG_NULL; + pub.publicArea.parameters.symDetail.sym.algorithm = TPM2_ALG_AES; + pub.publicArea.parameters.symDetail.sym.keyBits.sym = 128; + pub.publicArea.parameters.symDetail.sym.mode.sym = TPM2_ALG_CFB; TRY_MAIN(try_or_passphrase("create primary encryption key", "TPM2 owner hierarchy", tpm2_ctx, TPM2_RC_BAD_AUTH, ESYS_TR_RH_OWNER, [&] { return Esys_CreatePrimary(tpm2_ctx, ESYS_TR_RH_OWNER, tpm2_session, ESYS_TR_NONE, ESYS_TR_NONE, &primary_sens, &pub, &metadata, &pcrs, &primary_handle, nullptr, nullptr, nullptr, nullptr);
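Review bot: The four added assignments go through `asymDetail` and `symDetail`, which in tpm2-tss are members of the same `TPMU_PUBLIC_PARMS` union as the `rsaDetail` fields set in the context lines just above. The `asymDetail.scheme.scheme = TPM2_ALG_NULL` line therefore writes the same storage as the existing `rsaDetail.scheme.scheme = TPM2_ALG_NULL`, and the three `symDetail.sym.*` lines land in `rsaDetail.symmetric`. Writing them as `pub.publicArea.parameters.rsaDetail.symmetric.algorithm = TPM2_ALG_AES;` (likewise `.keyBits.sym = 128` and `.mode.sym = TPM2_ALG_CFB`) and dropping the `asymDetail` line would show that a single RSA template is being filled. If the primary is created as a restricted decryption key (the `objectAttributes` are outside this hunk, so this is an assumption), the symmetric definition is what the TPM uses to protect child objects, and a comment such as `// AES-128-CFB: symmetric algorithm the storage key uses to protect its children` would describe the fields better than the commit message's "unused". The body of `tpm2_seal` starts and ends outside the hunk.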