As part of the support for TPM 2.0, different values for the kNonceSize constant in Attestation have been assigned depending on whether the code is compiled with USE_TPM2 or not.
This affected the signing code for enterprise and simple challenges by making it so they would incorrectly use a 32 bytes nonce with TPM 2.0.
The size of the nonces used for signing challenges should not change depending on the version of the TPM and should always be 20 bytes. This is expected by DRM servers and other servers (e.g. DM server).
Comment 1 by bugdroid1@chromium.org
, Aug 23 2016