Preserve error logic in getPrimaryKeyHandle (#296)

In `wrappedTPM20.getPrimaryKeyHandle()`, preserve any error from the short-circuit `tpm2.ReadPublic()` logic, so that we can return it alongside any failure in `tpm2.CreatePrimary()` Co-authored-by: Justin King-Lacroix <justinkl@google.com>
google · Nov 4, 2022 · b93151d · b93151d
1 parent 0dc056a
commit b93151d
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/attest/wrapped_tpm20.go b/attest/wrapped_tpm20.go
@@ -89,6 +89,7 @@ func (t *wrappedTPM20) getPrimaryKeyHandle(pHnd tpmutil.Handle) (tpmutil.Handle,
 		// Found the persistent handle, assume it's the key we want.
 		return pHnd, false, nil
 	}
+	rerr := err // Preserve this failure for later logging, if needed
 
 	var keyHnd tpmutil.Handle
 	switch pHnd {
@@ -102,7 +103,7 @@ func (t *wrappedTPM20) getPrimaryKeyHandle(pHnd tpmutil.Handle) (tpmutil.Handle,
 		keyHnd, _, err = tpm2.CreatePrimary(t.rwc, tpm2.HandleEndorsement, tpm2.PCRSelection{}, "", "", tmpl)
 	}
 	if err != nil {
-		return 0, false, fmt.Errorf("CreatePrimary failed: %v", err)
+		return 0, false, fmt.Errorf("ReadPublic failed (%v), and then CreatePrimary failed: %v", rerr, err)
 	}
 	defer tpm2.FlushContext(t.rwc, keyHnd)