Merge branch 'tpm-issue' into 'master'

TPM2: Fix primary key generation in decrypting

See merge request GNOME/libsecret!91

egg/egg-tpm2.c

@@ -130,15 +130,10 @@ static GBytes *
 egg_tpm2_generate_random_data(EggTpm2Context *context,
 		               GError **error)
 {
-	gboolean status = FALSE;
 	TSS2_RC ret;
 	TPM2B_DIGEST *random_data;
 	GBytes *bytes;
 
-	status = egg_tpm2_generate_primary_key(context, error);
-	if (!status)
-		return NULL;
-
 	ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE,
 			     ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE,
 			     &random_data);
@@ -164,6 +159,7 @@ egg_tpm2_initialize(GError **error)
 	EggTpm2Context *context;
 	gsize n_context;
 	const gchar *tcti_conf;
+	gboolean status;
 
 	n_context = 1;
 	context = g_new(EggTpm2Context, n_context);
@@ -201,6 +197,12 @@ egg_tpm2_initialize(GError **error)
 		return NULL;
 	}
 
+	status = egg_tpm2_generate_primary_key(context, error);
+	if (!status) {
+		egg_tpm2_finalize(context);
+		return NULL;
+	}
+
 	return context;
 }
 
@@ -286,8 +288,6 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
 	}
 
 	data = g_bytes_get_data(input, &size);
-	g_bytes_unref(input);
-
 	if (size > sizeof(in_sensitive.sensitive.data.buffer)) {
 		g_set_error_literal(error,
 				    G_IO_ERROR,
@@ -298,6 +298,7 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
 
 	memcpy(in_sensitive.sensitive.data.buffer, data, size);
 	in_sensitive.sensitive.data.size = size;
+	g_bytes_unref(input);
 
 	ret = Esys_Create(context->esys_context, context->primary_key,
 			  ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,

egg/test-tpm2.c

@@ -50,6 +50,9 @@ test_egg_tpm2_decrypt_master_password(void)
 	g_assert_nonnull(context);
 	result = egg_tpm2_generate_master_password(context, &error);
 	g_assert_nonnull(result);
+	egg_tpm2_finalize(context);
+
+	context = egg_tpm2_initialize(&error);
 	decrypted1 = egg_tpm2_decrypt_master_password(context, result,
 						      &error);
 	g_assert_nonnull(decrypted1);