From b93151db1fac62d5e693414d692c905b23df06fd Mon Sep 17 00:00:00 2001
From: Mike Gerow
Date: Fri, 4 Nov 2022 14:57:37 -0700
Subject: [PATCH] Preserve error logic in getPrimaryKeyHandle (#296)

In `wrappedTPM20.getPrimaryKeyHandle()`, preserve any error from the short-circuit `tpm2.ReadPublic()` logic, so that we can return it alongside any failure in `tpm2.CreatePrimary()`
Co-authored-by: Justin King-Lacroix
---
 attest/wrapped_tpm20.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/attest/wrapped_tpm20.go b/attest/wrapped_tpm20.go
index 5010f2f..11a9a3d 100644
--- a/attest/wrapped_tpm20.go
+++ b/attest/wrapped_tpm20.go
@@ -89,6 +89,7 @@ func (t *wrappedTPM20) getPrimaryKeyHandle(pHnd tpmutil.Handle) (tpmutil.Handle,
 // Found the persistent handle, assume it's the key we want.
 return pHnd, false, nil
 }
+ rerr := err // Preserve this failure for later logging, if needed
 var keyHnd tpmutil.Handle
 switch pHnd {
@@ -102,7 +103,7 @@ func (t *wrappedTPM20) getPrimaryKeyHandle(pHnd tpmutil.Handle) (tpmutil.Handle,
 keyHnd, _, err = tpm2.CreatePrimary(t.rwc, tpm2.HandleEndorsement, tpm2.PCRSelection{}, "", "", tmpl)
 }
 if err != nil {
- return 0, false, fmt.Errorf("CreatePrimary failed: %v", err)
+ return 0, false, fmt.Errorf("ReadPublic failed (%v), and then CreatePrimary failed: %v", rerr, err)
 }
 defer tpm2.FlushContext(t.rwc, keyHnd)
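Review bot: The trailing comment on `rerr := err` says the value is kept "for later logging", but its only use in this patch is inside the error returned when CreatePrimary fails; nothing is logged. A form that matches the behaviour would be `readErr := err // ReadPublic failure, reported only if CreatePrimary also fails`. The name `rerr` is also easy to misread next to `err` in the lines that follow. The function body starts and ends outside this hunk.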
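Review bot: The new message in the `if err != nil` branch can report a CreatePrimary failure that never happened. The arms of `switch pHnd` lie between the two hunks and are not visible here, so this assumes there is no `default`: when `pHnd` matches no case, `err` still holds the ReadPublic error and the text reads "ReadPublic failed (X), and then CreatePrimary failed: X". A `default: return 0, false, fmt.Errorf("unsupported persistent handle %#x: %v", pHnd, rerr)` arm would keep the two causes apart when diagnosing TPM provisioning failures. Separately, formatting the final `err` with `%w` instead of `%v` would let callers use `errors.Is` and `errors.As` on the CreatePrimary error.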