The data type definitions of HMAC challenge request and response do not match the code #2

@Chounoki

```go
type SolveChallengeReq struct {
	// The restricted HMAC key public area (TPM2B_PUBLIC contents)
	Public util.HexBytes
	// The wrapped restricted HMAC key sensitive area (TPM2B_PRIVATE contents)
	Duplicate util.HexBytes
	// The seed for the import of the restricted HMAC key under the EK (TPM2B_ENCRYPTED_SECRET contents)
	InSymSeed util.HexBytes
}

type SolveChallengeRsp struct {
	// The attested AK public area (TPM2B_PUBLIC contents)
	AKPub util.HexBytes
	// The attestation structure for Certify (TPM2B_ATTEST contents)
	CertifyInfo util.HexBytes
	// The signature over the attestation structure (TPM2B_SIGNATURE contents)
	Signature util.HexBytes
}
```

As shown above, the data types of the fields are defined as TPM2B_XXXXX. According to the TPM 2.0 standard, Part 2: Structures, a TPM2B_XXXXX data type should always have a 2-byte header filled with the size of the actual data.

However, if you check the code, the data fields of the HMAC challenge request and the HMAC challenge response are actually populated without that 2-byte header.

I think we should either fix the definition to clarify that they are not the TPM2B_XXXXX data types, since they do not contain the 2-byte header, or alternatively we should fix the code to make sure each field is actually the wire format of TPM2B_XXXXX by appending the 2-byte header.
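The difference between bare contents and TPM2B wire format described in this issue, as an added example that is not part of the original post or the project's code. The function names `PackTPM2B`, `UnpackTPM2B` and `SamplePublic` are hypothetical, and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// PackTPM2B prepends the 2-byte big-endian size field that TPM 2.0 Part 2
// defines for every TPM2B_* structure.
func PackTPM2B(contents []byte) ([]byte, error) {
	if len(contents) > 0xFFFF {
		return nil, errors.New("contents exceed the UINT16 size field")
	}
	out := make([]byte, 2, 2+len(contents))
	binary.BigEndian.PutUint16(out, uint16(len(contents)))
	return append(out, contents...), nil
}

// UnpackTPM2B strictly parses one TPM2B_* value: the size field must account
// for every remaining byte, so a mismatched buffer is rejected, not mis-sliced.
func UnpackTPM2B(wire []byte) ([]byte, error) {
	if len(wire) < 2 {
		return nil, errors.New("buffer shorter than the TPM2B size field")
	}
	size := int(binary.BigEndian.Uint16(wire))
	if size != len(wire)-2 {
		return nil, fmt.Errorf("size field %d, but %d payload bytes", size, len(wire)-2)
	}
	return wire[2:], nil
}

// SamplePublic returns constructed bytes shaped like the start of a
// TPMT_PUBLIC: type TPM_ALG_KEYEDHASH (0x0008), nameAlg TPM_ALG_SHA256
// (0x000B), then filler. It is not a complete or valid public area.
func SamplePublic() []byte {
	return []byte{0x00, 0x08, 0x00, 0x0B, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22}
}

func main() {
	bare := SamplePublic()
	framed, _ := PackTPM2B(bare)
	fmt.Printf("bare:   %x\nframed: %x\n", bare, framed)
	// A reader expecting TPM2B framing would read 0x0008 (the algorithm ID) as a length.
	_, err := UnpackTPM2B(bare)
	fmt.Println("unpack bare:", err)
	got, err := UnpackTPM2B(framed)
	fmt.Printf("unpack framed: %x %v\n", got, err)
}
```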
