From ebb18f7885c918f056cae26b286dc6b42cf1191b Mon Sep 17 00:00:00 2001
From: Dhanuka Warusadura
Date: Thu, 12 Aug 2021 18:10:59 +0530
Subject: [PATCH] TPM2: Fix primary key generation in decrypting

These changes fix TPM2 primary key generation in decrypting when there is no primary key is present. Also, fixes a memory issue.
---
 egg/egg-tpm2.c | 15 ++++++++-------
 egg/test-tpm2.c | 3 +++
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/egg/egg-tpm2.c b/egg/egg-tpm2.c
index 2812aea..5d36ca2 100644
--- a/egg/egg-tpm2.c
+++ b/egg/egg-tpm2.c
@@ -130,15 +130,10 @@ static GBytes *
 egg_tpm2_generate_random_data(EggTpm2Context *context, GError **error)
 {
- gboolean status = FALSE;
 TSS2_RC ret;
 TPM2B_DIGEST *random_data;
 GBytes *bytes;
- status = egg_tpm2_generate_primary_key(context, error);
- if (!status)
- return NULL;
-
 ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE, &random_data);
@@ -164,6 +159,7 @@ egg_tpm2_initialize(GError **error)
 EggTpm2Context *context;
 gsize n_context;
 const gchar *tcti_conf;
+ gboolean status;
 n_context = 1;
 context = g_new(EggTpm2Context, n_context);
@@ -201,6 +197,12 @@ egg_tpm2_initialize(GError **error)
 return NULL;
 }
+ status = egg_tpm2_generate_primary_key(context, error);
+ if (!status) {
+ egg_tpm2_finalize(context);
+ return NULL;
+ }
+
 return context;
 }
@@ -286,8 +288,6 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
 }
 data = g_bytes_get_data(input, &size);
- g_bytes_unref(input);
-
 if (size > sizeof(in_sensitive.sensitive.data.buffer)) {
 g_set_error_literal(error, G_IO_ERROR,
@@ -298,6 +298,7 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
 memcpy(in_sensitive.sensitive.data.buffer, data, size);
 in_sensitive.sensitive.data.size = size;
+ g_bytes_unref(input);
 ret = Esys_Create(context->esys_context, context->primary_key, ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
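Review bot: The new failure path in `egg_tpm2_initialize` (third hunk) passes a partly initialised context to `egg_tpm2_finalize`. The context comes from `g_new(EggTpm2Context, n_context)`, visible in the second hunk, which does not zero memory, so `context->primary_key` is indeterminate if `egg_tpm2_generate_primary_key` fails before storing a handle. `egg_tpm2_finalize` is not shown in this patch; if it flushes or otherwise uses the primary key handle, that cleanup would hand an uninitialised value to the ESYS layer. Setting `context->primary_key = ESYS_TR_NONE;` right after allocation, and having finalize skip the flush for that value, would make the error path well defined. The function body starts and ends outside the hunk.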
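Review bot: Moving `g_bytes_unref(input);` below the `memcpy` in `egg_tpm2_generate_master_password` (fifth hunk) leaves the oversized-input branch in the fourth hunk, `if (size > sizeof(in_sensitive.sensitive.data.buffer))`, without a release. The end of that branch is outside both hunks, but if it returns after `g_set_error_literal`, `input` is now leaked there, so add `g_bytes_unref(input);` before that return. The bytes copied into `in_sensitive.sensitive.data.buffer` are presumably the secret sealed by `Esys_Create`, so the stack copy should also be wiped once the call has consumed it, for example with `explicit_bzero(&in_sensitive, sizeof in_sensitive);`. The function body starts and ends outside the hunks.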
diff --git a/egg/test-tpm2.c b/egg/test-tpm2.c
index 218c310..ac82a6b 100644
--- a/egg/test-tpm2.c
+++ b/egg/test-tpm2.c
@@ -50,6 +50,9 @@ test_egg_tpm2_decrypt_master_password(void)
 g_assert_nonnull(context);
 result = egg_tpm2_generate_master_password(context, &error);
 g_assert_nonnull(result);
+ egg_tpm2_finalize(context);
+
+ context = egg_tpm2_initialize(&error);
 decrypted1 = egg_tpm2_decrypt_master_password(context, result, &error);
 g_assert_nonnull(decrypted1);
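Review bot: The context returned by the second `egg_tpm2_initialize(&error)` in `test_egg_tpm2_decrypt_master_password` goes straight into `egg_tpm2_decrypt_master_password` without the `g_assert_nonnull(context);` that guards the first one. Initialization now also creates the primary key and returns NULL when that fails, so add `g_assert_no_error(error);` and `g_assert_nonnull(context);` after the new line. A TPM failure is then reported as an initialization failure and not as a NULL dereference or a misleading decrypt error. The test body starts and ends outside the hunk.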