From 78c503be49057321ce33c4ac23a0346d7d7a1eca Mon Sep 17 00:00:00 2001 From: Denis Karch Date: Tue, 9 Apr 2019 09:02:03 -0700 Subject: [PATCH] Modify CreateKey Modify CreateKey to return all values from create instead of just the public and private blobs. --- tpm2/tpm2.go | 11 ++++------- tpm2/tpm2_test.go | 10 +++++----- 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/tpm2/tpm2.go b/tpm2/tpm2.go index dcee9eb1..30c95f03 100644 --- a/tpm2/tpm2.go +++ b/tpm2/tpm2.go @@ -504,13 +504,10 @@ func create(rw io.ReadWriter, parentHandle tpmutil.Handle, parentPassword, objec } // CreateKey creates a new key pair under the owner handle. -// Returns private key and public key blobs. -func CreateKey(rw io.ReadWriter, owner tpmutil.Handle, sel PCRSelection, parentPassword, ownerPassword string, pub Public) ([]byte, []byte, error) { - _, private, public, _, _, _, err := create(rw, owner, parentPassword, ownerPassword, nil /*inSensitive*/, pub, sel) - if err != nil { - return nil, nil, err - } - return private, public, nil +// Returns private key and public key blobs as well as the +// creation data, a hash of said data and the creation ticket. +func CreateKey(rw io.ReadWriter, owner tpmutil.Handle, sel PCRSelection, parentPassword, ownerPassword string, pub Public) (handle tpmutil.Handle, private, public, creationData, creationHash []byte, creationTicket Ticket, err error) { + return create(rw, owner, parentPassword, ownerPassword, nil /*inSensitive*/, pub, sel) } // Seal creates a data blob object that seals the sensitive data under a parent and with a diff --git a/tpm2/tpm2_test.go b/tpm2/tpm2_test.go index 18d1abbb..1b6d9c8d 100644 --- a/tpm2/tpm2_test.go +++ b/tpm2/tpm2_test.go @@ -169,7 +169,7 @@ func TestCombinedKeyTest(t *testing.T) { } defer FlushContext(rw, parentHandle) - privateBlob, publicBlob, err := CreateKey(rw, parentHandle, pcrSelection, defaultPassword, defaultPassword, defaultKeyParams) + _, privateBlob, publicBlob, _, _, _, err := CreateKey(rw, parentHandle, pcrSelection, defaultPassword, defaultPassword, defaultKeyParams) if err != nil { t.Fatalf("CreateKey failed: %s", err) } @@ -195,7 +195,7 @@ func TestCombinedEndorsementTest(t *testing.T) { } defer FlushContext(rw, parentHandle) - privateBlob, publicBlob, err := CreateKey(rw, parentHandle, pcrSelection, emptyPassword, defaultPassword, defaultKeyParams) + _, privateBlob, publicBlob, _, _, _, err := CreateKey(rw, parentHandle, pcrSelection, emptyPassword, defaultPassword, defaultKeyParams) if err != nil { t.Fatalf("CreateKey failed: %s", err) } @@ -303,7 +303,7 @@ func TestCombinedContextTest(t *testing.T) { defer FlushContext(rw, rootHandle) // CreateKey (Quote Key) - quotePrivate, quotePublic, err := CreateKey(rw, rootHandle, pcrSelection, emptyPassword, emptyPassword, defaultKeyParams) + _, quotePrivate, quotePublic, _, _, _, err := CreateKey(rw, rootHandle, pcrSelection, emptyPassword, emptyPassword, defaultKeyParams) if err != nil { t.Fatalf("CreateKey failed: %v", err) } @@ -337,7 +337,7 @@ func TestEvictControl(t *testing.T) { defer FlushContext(rw, rootHandle) // CreateKey (Quote Key) - quotePrivate, quotePublic, err := CreateKey(rw, rootHandle, pcrSelection, emptyPassword, emptyPassword, defaultKeyParams) + _, quotePrivate, quotePublic, _, _, _, err := CreateKey(rw, rootHandle, pcrSelection, emptyPassword, emptyPassword, defaultKeyParams) if err != nil { t.Fatalf("CreateKey failed: %v", err) } @@ -1227,7 +1227,7 @@ func TestEncryptDecrypt(t *testing.T) { t.Fatalf("CreatePrimary failed: %s", err) } defer FlushContext(rw, parentHandle) - privateBlob, publicBlob, err := CreateKey(rw, parentHandle, pcrSelection, defaultPassword, defaultPassword, Public{ + _, privateBlob, publicBlob, _, _, _, err := CreateKey(rw, parentHandle, pcrSelection, defaultPassword, defaultPassword, Public{ Type: AlgSymCipher, NameAlg: AlgSHA256, Attributes: FlagDecrypt | FlagSign | FlagUserWithAuth | FlagFixedParent | FlagFixedTPM | FlagSensitiveDataOrigin,