in linux/tpm.go [312:341]
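// GetOrgRootKey returns the organization root key, loaded under a freshly
// generated primary key in the Endorsement Hierarchy.
//
// The primary key is transient and is flushed from the TPM before this
// method returns; only the loaded organization root key is handed back to
// the caller. Errors from GenerateKey and LoadKey are returned unchanged so
// callers can inspect them directly.
func (tpm *tpmDevice) GetOrgRootKey() (CryptoKey, error) {
	// We explicitly only want to use the Endorsement Hierarchy, it's the only
	// privacy-sensitive hierarchy and the one explicitly recommended for use
	// when there are privacy considerations.
	primaryKey, err := tpm.GenerateKey(tpm2.HandleEndorsement, "", 0, nil)
	if err != nil {
		flog.Debugf("Error generating new primary key: %+v", err)
		return nil, err
	}
	// Capture the handle now so the deferred flush targets exactly the object
	// created above. Transient object slots on a TPM are scarce, so a primary
	// that fails to flush can make later key operations fail; log the flush
	// error instead of discarding it so a stuck slot can be diagnosed.
	primaryHandle := primaryKey.GetHandle()
	defer func() {
		if ferr := tpm2.FlushContext(tpm.rwc, primaryHandle); ferr != nil {
			flog.Debugf("Error flushing primary key 0x%x: %+v", primaryHandle, ferr)
		}
	}()
	flog.Debug("Generated primary key")

	// Try to load the organization root key, create it if it doesn't exist
	rootKeyTmpl := DefaultECCEKTemplate()
	rootKey, err := tpm.LoadKey(
		diskio.OrgRootKey,
		primaryHandle,
		TPMOrgSRKHandle,
		&rootKeyTmpl,
	)
	if err != nil {
		flog.Criticalf("Error loading organization root key: %+v", err)
		return nil, err
	}
	flog.Debugf(
		"Found organization root key with handle 0x%x", rootKey.GetHandle())
	return rootKey, nil
}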