ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2025-01-27 14:19:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Preserve error logic in getPrimaryKeyHandle (#296)

Browse Source 
In `wrappedTPM20.getPrimaryKeyHandle()`, preserve any error from the
short-circuit `tpm2.ReadPublic()` logic, so that we can return it
alongside any failure in `tpm2.CreatePrimary()`

Co-authored-by: Justin King-Lacroix <justinkl@google.com>
This commit is contained in:
Mike Gerow 2022-11-04 14:57:37 -07:00 committed by GitHub
parent 0dc056af7d
commit b93151db1f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
attest/wrapped_tpm20.go
View File

@ -89,6 +89,7 @@ func (t *wrappedTPM20) getPrimaryKeyHandle(pHnd tpmutil.Handle) (tpmutil.Handle,
// Found the persistent handle, assume it's the key we want.
return pHnd, false, nil
}
rerr := err // Preserve this failure for later logging, if needed
var keyHnd tpmutil.Handle
switch pHnd {
@ -102,7 +103,7 @@ func (t *wrappedTPM20) getPrimaryKeyHandle(pHnd tpmutil.Handle) (tpmutil.Handle,
keyHnd, _, err = tpm2.CreatePrimary(t.rwc, tpm2.HandleEndorsement, tpm2.PCRSelection{}, "", "", tmpl)
}
if err != nil {
return 0, false, fmt.Errorf("CreatePrimary failed: %v", err)
return 0, false, fmt.Errorf("ReadPublic failed (%v), and then CreatePrimary failed: %v", rerr, err)
}
defer tpm2.FlushContext(t.rwc, keyHnd)