in security/tpm/src/tpm.ts [271:324]
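/**
 * Returns the public area of the primary key persisted at `handle`, creating and
 * persisting that key first when it cannot be read.
 *
 * Sequence: ReadPublic(handle); on failure CreatePrimary(hierarchy, template), then
 * EvictControl(transient handle -> `handle`), then FlushContext(transient handle).
 *
 * Security-relevant behaviour visible in this method:
 * - When ReadPublic succeeds, the public area found at `handle` is returned as-is.
 *   It is not compared against `template`, so a caller that needs a specific key
 *   type or attribute set has to check the result itself.
 * - The transient object returned by CreatePrimary is flushed on both the success
 *   and the failure path of EvictControl, so a failed persist does not leave a
 *   loaded object behind in the TPM.
 *
 * @param name - Label used only in debug output (for example the key's role).
 * @param hierarchy - Hierarchy handle passed to CreatePrimary.
 * @param handle - Persistent handle to read from and, if needed, persist to.
 * @param template - Public template passed to CreatePrimary.
 * @param callback - Invoked once with `(null, publicArea)` on success, or with the
 *   error of the first failing CreatePrimary / EvictControl / FlushContext step.
 */
private _createPersistentPrimary(name: string, hierarchy: TPM_HANDLE, handle: TPM_HANDLE, template: TPMT_PUBLIC, callback: (err: Error, resultPublicKey?: TPMT_PUBLIC) => void): void {
  // Wraps a TPM command callback: logs the response code, then routes to `next`
  // on TPM_RC.SUCCESS and to `errorOut` on anything else.
  const checkErrorAndContinue = (opName, next, errorOut) => {
    return (err, resp) => {
      const rc = err ? err.responseCode : TPM_RC.SUCCESS;
      debug(opName + '(' + name + ') returned ' + TPM_RC[rc]);
      if (rc === TPM_RC.SUCCESS) {
        next(resp);
      } else {
        errorOut(err);
      }
    };
  };

  // Final step of the create path: release the transient object, then report success.
  const flushAndFinish = (created: tss.CreatePrimaryResponse) => {
    this._tpm.FlushContext(
      created.handle,
      checkErrorAndContinue(
        'FlushContext',
        () => {
          callback(null, created.outPublic); // SUCCESS: the key has been created and persisted.
        },
        callback
      )
    );
  };

  // EvictControl failed: the transient object from CreatePrimary is still loaded.
  // Flush it (best effort) and report the original EvictControl error either way,
  // so the failure seen by the caller is the one that actually blocked persistence.
  const flushAndFail = (created: tss.CreatePrimaryResponse, evictErr) => {
    const reportEvictError = () => callback(evictErr);
    this._tpm.allowErrors().FlushContext(
      created.handle,
      checkErrorAndContinue('FlushContext', reportEvictError, reportEvictError)
    );
  };

  // Makes the freshly created transient key persistent at `handle`.
  const persistCreatedKey = (created: tss.CreatePrimaryResponse) => {
    this._tpm.withSession(tss.NullPwSession).EvictControl(
      tss.Owner,
      created.handle,
      handle,
      checkErrorAndContinue(
        'EvictControl',
        () => {
          debug('EvictControl(0x' + created.handle.handle.toString(16) + ', 0x' + handle.handle.toString(16) + ') returned ' + TPM_RC[TPM_RC.SUCCESS]);
          flushAndFinish(created);
        },
        (evictErr) => flushAndFail(created, evictErr)
      )
    );
  };

  // Create path, taken whenever ReadPublic does not report success.
  const createPrimary = () => {
    /*Codes_SRS_NODE_TPM_SECURITY_CLIENT_06_017: [If the endorsement key does NOT exist, a new key will be created.] */
    /*Codes_SRS_NODE_TPM_SECURITY_CLIENT_06_018: [If the storage root key does NOT exist, a new key will be created.] */
    // NOTE(review): every ReadPublic failure lands here, not only "nothing at this
    // handle". A transport or TPM-state error would also trigger CreatePrimary and
    // EvictControl. Consider branching on the specific response code once it is
    // confirmed which code the TSS layer reports for an unoccupied handle.
    // NOTE(review): TPMS_SENSITIVE_CREATE is constructed with no arguments, which
    // presumably means the key gets an empty auth value — confirm this is intended.
    this._tpm.withSession(tss.NullPwSession).CreatePrimary(
      hierarchy,
      new tss.TPMS_SENSITIVE_CREATE(),
      template,
      null,
      null,
      checkErrorAndContinue('CreatePrimary', persistCreatedKey, callback)
    );
  };

  // allowErrors(): a ReadPublic failure is an expected outcome on first use.
  this._tpm.allowErrors().ReadPublic(
    handle,
    checkErrorAndContinue(
      'ReadPublic',
      (resp: tss.ReadPublicResponse) => { // SUCCESS: a key already exists at this handle.
        debug('ReadPublic(' + name + ') returned ' + TPM_RC[TPM_RC.SUCCESS] + '; PUB: ' + resp.outPublic.toString());
        callback(null, resp.outPublic);
      },
      createPrimary
    )
  );
}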