On Tue Jul 16, 2024 at 2:53 PM EEST, Jarkko Sakkinen wrote: > > - u8 name[AUTH_MAX_NAMES][2 + SHA512_DIGEST_SIZE]; > > + u8 name[AUTH_MAX_NAMES][2 + HASH_MAX_DIGESTSIZE]; Ouch, we definitely do not want 2-dimensional arrays. I missed this in the hmac review. Why this is based on count (AUTH_MAX_NAMES) rather than space? Is that value from the specs? You could just as well replace name and name_h with a single tpm_buf instance in "sized" mode and return -E2BIG from the functions that use it. Right, those don't return anything but void, which should be also fixed. BR, Jarkko