diff --git a/tpm2/error.go b/tpm2/error.go index 2bdcf3aa..e1983356 100644 --- a/tpm2/error.go +++ b/tpm2/error.go @@ -23,39 +23,39 @@ type ( // Format 0 error codes. const ( RCInitialize RCFmt0 = 0x00 - RCFailure = 0x01 - RCSequence = 0x03 - RCPrivate = 0x0B - RCHMAC = 0x19 - RCDisabled = 0x20 - RCExclusive = 0x21 - RCAuthType = 0x24 - RCAuthMissing = 0x25 - RCPolicy = 0x26 - RCPCR = 0x27 - RCPCRChanged = 0x28 - RCUpgrade = 0x2D - RCTooManyContexts = 0x2E - RCAuthUnavailable = 0x2F - RCReboot = 0x30 - RCUnbalanced = 0x31 - RCCommandSize = 0x42 - RCCommandCode = 0x43 - RCAuthSize = 0x44 - RCAuthContext = 0x45 - RCNVRange = 0x46 - RCNVSize = 0x47 - RCNVLocked = 0x48 - RCNVAuthorization = 0x49 - RCNVUninitialized = 0x4A - RCNVSpace = 0x4B - RCNVDefined = 0x4C - RCBadContext = 0x50 - RCCPHash = 0x51 - RCParent = 0x52 - RCNeedsTest = 0x53 - RCNoResult = 0x54 - RCSensitive = 0x55 + RCFailure RCFmt0 = 0x01 + RCSequence RCFmt0 = 0x03 + RCPrivate RCFmt0 = 0x0B + RCHMAC RCFmt0 = 0x19 + RCDisabled RCFmt0 = 0x20 + RCExclusive RCFmt0 = 0x21 + RCAuthType RCFmt0 = 0x24 + RCAuthMissing RCFmt0 = 0x25 + RCPolicy RCFmt0 = 0x26 + RCPCR RCFmt0 = 0x27 + RCPCRChanged RCFmt0 = 0x28 + RCUpgrade RCFmt0 = 0x2D + RCTooManyContexts RCFmt0 = 0x2E + RCAuthUnavailable RCFmt0 = 0x2F + RCReboot RCFmt0 = 0x30 + RCUnbalanced RCFmt0 = 0x31 + RCCommandSize RCFmt0 = 0x42 + RCCommandCode RCFmt0 = 0x43 + RCAuthSize RCFmt0 = 0x44 + RCAuthContext RCFmt0 = 0x45 + RCNVRange RCFmt0 = 0x46 + RCNVSize RCFmt0 = 0x47 + RCNVLocked RCFmt0 = 0x48 + RCNVAuthorization RCFmt0 = 0x49 + RCNVUninitialized RCFmt0 = 0x4A + RCNVSpace RCFmt0 = 0x4B + RCNVDefined RCFmt0 = 0x4C + RCBadContext RCFmt0 = 0x50 + RCCPHash RCFmt0 = 0x51 + RCParent RCFmt0 = 0x52 + RCNeedsTest RCFmt0 = 0x53 + RCNoResult RCFmt0 = 0x54 + RCSensitive RCFmt0 = 0x55 ) var fmt0Msg = map[RCFmt0]string{ 
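Review bot: Typing every constant in this block as `RCFmt0` is a source-incompatible change for importers, and nothing in the hunk documents it. Before, only `RCInitialize` carried the type and the rest were untyped integer constants, so a comparison of a raw integer response code against, say, `RCFailure` compiled; it no longer will. The stricter typing is worth having, because the warning block in the `@@ -171,33` hunk reuses the same numbers (`RCExclusive` and `RCLockout` are both `0x21`), and a mixed-up comparison used to compile silently. I would extend the block comment to say so, e.g. `// Format 0 error codes. Every constant is typed RCFmt0 so it cannot be confused with an RCWarn code that shares its value.`, and call out the break in the release notes. The same applies to the `RCWarn` block.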
@@ -171,33 +171,33 @@ var fmt1Msg = map[RCFmt1]string{ // Warning codes. const ( RCContextGap RCWarn = 0x01 - RCObjectMemory = 0x02 - RCSessionMemory = 0x03 - RCMemory = 0x04 - RCSessionHandles = 0x05 - RCObjectHandles = 0x06 - RCLocality = 0x07 - RCYielded = 0x08 - RCCanceled = 0x09 - RCTesting = 0x0A - RCReferenceH0 = 0x10 - RCReferenceH1 = 0x11 - RCReferenceH2 = 0x12 - RCReferenceH3 = 0x13 - RCReferenceH4 = 0x14 - RCReferenceH5 = 0x15 - RCReferenceH6 = 0x16 - RCReferenceS0 = 0x18 - RCReferenceS1 = 0x19 - RCReferenceS2 = 0x1A - RCReferenceS3 = 0x1B - RCReferenceS4 = 0x1C - RCReferenceS5 = 0x1D - RCReferenceS6 = 0x1E - RCNVRate = 0x20 - RCLockout = 0x21 - RCRetry = 0x22 - RCNVUnavailable = 0x23 + RCObjectMemory RCWarn = 0x02 + RCSessionMemory RCWarn = 0x03 + RCMemory RCWarn = 0x04 + RCSessionHandles RCWarn = 0x05 + RCObjectHandles RCWarn = 0x06 + RCLocality RCWarn = 0x07 + RCYielded RCWarn = 0x08 + RCCanceled RCWarn = 0x09 + RCTesting RCWarn = 0x0A + RCReferenceH0 RCWarn = 0x10 + RCReferenceH1 RCWarn = 0x11 + RCReferenceH2 RCWarn = 0x12 + RCReferenceH3 RCWarn = 0x13 + RCReferenceH4 RCWarn = 0x14 + RCReferenceH5 RCWarn = 0x15 + RCReferenceH6 RCWarn = 0x16 + RCReferenceS0 RCWarn = 0x18 + RCReferenceS1 RCWarn = 0x19 + RCReferenceS2 RCWarn = 0x1A + RCReferenceS3 RCWarn = 0x1B + RCReferenceS4 RCWarn = 0x1C + RCReferenceS5 RCWarn = 0x1D + RCReferenceS6 RCWarn = 0x1E + RCNVRate RCWarn = 0x20 + RCLockout RCWarn = 0x21 + RCRetry RCWarn = 0x22 + RCNVUnavailable RCWarn = 0x23 ) var warnMsg = map[RCWarn]string{ diff --git a/tpm2/structures.go b/tpm2/structures.go index 5a7318d5..da81dc77 100644 --- a/tpm2/structures.go +++ b/tpm2/structures.go 
@@ -66,9 +66,9 @@ type Public struct { // When encoding/decoding, one will be picked based on Type. // RSAParameters contains both [rsa]parameters and [rsa]unique. - RSAParameters *RSAParams + RSAParameters *RSAParams // ECCParameters contains both [ecc]parameters and [ecc]unique. - ECCParameters *ECCParams + ECCParameters *ECCParams // SymCipherParameters contains both [sym]parameters and [sym]unique. SymCipherParameters *SymCipherParams // KeyedHashParameters contains both [keyedHash]parameters and [keyedHash]unique. @@ -147,7 +147,7 @@ func (p Public) Name() (Name, error) { // MatchesTemplate checks if the Public area has the same algorithms and // parameters as the provided template. Note that this does not necessarily // mean that the key was created from this template, as the Unique field is -// both provided in the template and overriden in the key creation process. +// both provided in the template and overridden in the key creation process. func (p Public) MatchesTemplate(template Public) bool { if p.Type != template.Type || p.NameAlg != template.NameAlg || diff --git a/tpm2/test/tpm2_test.go b/tpm2/test/tpm2_test.go index 14ab0d6a..3a845a52 100644 --- a/tpm2/test/tpm2_test.go +++ b/tpm2/test/tpm2_test.go @@ -59,8 +59,6 @@ func openTPM(tb testing.TB) io.ReadWriteCloser { var ( // PCR7 is for SecureBoot. - pcrSelection0 = PCRSelection{Hash: AlgSHA1, PCRs: []int{0}} - pcrSelection1 = PCRSelection{Hash: AlgSHA1, PCRs: []int{1}} pcrSelection7 = PCRSelection{Hash: AlgSHA1, PCRs: []int{7}} pcrSelectionAll = PCRSelection{Hash: AlgSHA1, PCRs: []int{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23}} defaultKeyParams = Public{ @@ -350,8 +348,7 @@ func TestCombinedContextTest(t *testing.T) { } FlushContext(rw, quoteHandle) - quoteHandle, err = ContextLoad(rw, saveArea) - if err != nil { + if _, err = ContextLoad(rw, saveArea); err != nil { t.Fatalf("Load failed: %v", err) } } 
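Review bot: In the `@@ -350,8 +348,7` hunk of tpm2_test.go the handle returned by `ContextLoad` is now discarded, so the object reloaded at the end of the test can never be flushed. It presumably stays loaded in the TPM after the test returns, which on a hardware TPM or a shared simulator with few transient slots can surface later as object-memory failures in unrelated tests. Keeping the assignment and releasing the handle also satisfies the unused-assignment lint: `quoteHandle, err = ContextLoad(rw, saveArea)`, then after the error check `defer FlushContext(rw, quoteHandle)`. The function starts outside the hunk, so any cleanup done elsewhere is not visible from here.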
diff --git a/tpm2/test/tpm2_windows_test.go b/tpm2/test/tpm2_windows_test.go index 4ecbe4a8..08e1d176 100644 --- a/tpm2/test/tpm2_windows_test.go +++ b/tpm2/test/tpm2_windows_test.go @@ -18,6 +18,8 @@ import ( "flag" "io" "testing" + + . "github.com/google/go-tpm/tpm2" ) var runTPMTests = flag.Bool("use-tbs", false, "Run integration tests against Windows TPM Base Services (TBS). Defaults to false.") diff --git a/tpmutil/encoding_test.go b/tpmutil/encoding_test.go index 4ff11e24..c4c52117 100644 --- a/tpmutil/encoding_test.go +++ b/tpmutil/encoding_test.go @@ -167,7 +167,6 @@ func TestEncodingCommandHeaderEncoding(t *testing.T) { func TestEncodingInvalidUnpack(t *testing.T) { var i *uint32 - i = nil // The value ui is a serialization of uint32(0). ui := []byte{0, 0, 0, 0} uiBuf := bytes.NewBuffer(ui) @@ -295,7 +294,7 @@ func TestEncodingUnpack(t *testing.T) { t.Fatal("Couldn't unpacked a struct with a nested slice:", err) } if ns.A != ns2.A || !bytes.Equal(ns.S, ns2.S) { - t.Logf("orginal = %+v", ns) + t.Logf("original = %+v", ns) t.Logf("decoded = %+v", ns2) t.Fatal("Unpacked struct with nested slice didn't match the original") } diff --git a/tpmutil/run.go b/tpmutil/run.go index e14270af..984b1238 100644 --- a/tpmutil/run.go +++ b/tpmutil/run.go @@ -43,7 +43,7 @@ func RunCommand(rw io.ReadWriter, tag Tag, cmd Command, in ...interface{}) ([]by } // f(t) = (2^t)ms, up to 2s - var backoffFac uint = 0 + var backoffFac uint var rh responseHeader var outb []byte diff --git a/tpmutil/run_other.go b/tpmutil/run_other.go index 1b8dc2e8..53d11b2c 100644 --- a/tpmutil/run_other.go +++ b/tpmutil/run_other.go 
@@ -78,7 +78,7 @@ func NewEmulatorReadWriteCloser(path string) *EmulatorReadWriteCloser { func (erw *EmulatorReadWriteCloser) Read(p []byte) (int, error) { // Read is always the second operation in a Write/Read sequence. if erw.conn == nil { - return 0, fmt.Errorf("Must call Write then Read in an alternating sequence") + return 0, fmt.Errorf("must call Write then Read in an alternating sequence") } n, err := erw.conn.Read(p) erw.conn.Close() @@ -90,7 +90,7 @@ func (erw *EmulatorReadWriteCloser) Read(p []byte) (int, error) { // writing. func (erw *EmulatorReadWriteCloser) Write(p []byte) (int, error) { if erw.conn != nil { - return 0, fmt.Errorf("Must call Write then Read in an alternating sequence") + return 0, fmt.Errorf("must call Write then Read in an alternating sequence") } var err error erw.conn, err = erw.dialer("unix", erw.path) @@ -103,7 +103,7 @@ func (erw *EmulatorReadWriteCloser) Write(p []byte) (int, error) { // Close implements io.Closer by closing the Unix domain socket if one is open. func (erw *EmulatorReadWriteCloser) Close() error { if erw.conn == nil { - return fmt.Errorf("Cannot call Close when no connection is open") + return fmt.Errorf("cannot call Close when no connection is open") } err := erw.conn.Close() erw.conn = nil diff --git a/tpmutil/tbs/tbs_windows.go b/tpmutil/tbs/tbs_windows.go index 4e904908..1150c257 100644 --- a/tpmutil/tbs/tbs_windows.go +++ b/tpmutil/tbs/tbs_windows.go @@ -30,7 +30,7 @@ type Context uintptr // Version of TPM being used by the application. type Version uint32 -// Flag indicates TPM verisions that are supported by the application. +// Flag indicates TPM versions that are supported by the application. type Flag uint32 // CommandPriority is used to determine which pending command to submit whenever the TPM is free. 
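Review bot: The sequencing error in `Read` (`@@ -78,7`) and `Write` (`@@ -90,7`) is the same literal built twice with `fmt.Errorf` and no format verbs, and lowercasing it changes the text for any caller that matched on the old string. A package-level sentinel would give callers something stable to test with `errors.Is`: `var errOutOfSequence = errors.New("must call Write then Read in an alternating sequence")`, exported if callers are meant to check for it and returned from both methods. The `Close` message in the `@@ -103,7` hunk can be handled the same way. Separately, the context lines in `Read` show `erw.conn.Close()` with its error dropped; that predates this change but deserves a follow-up. All three method bodies continue outside their hunks.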
@@ -145,7 +145,7 @@ func sliceAddress(s []byte) uintptr { return uintptr(unsafe.Pointer(&(s[0]))) } -// Declaration of TPM_DEVICE_INFO from tbs.h +// DeviceInfo is TPM_DEVICE_INFO from tbs.h type DeviceInfo struct { StructVersion uint32 TPMVersion Version @@ -153,6 +153,8 @@ type DeviceInfo struct { TPMImpRevision uint32 } +// GetDeviceInfo gets the DeviceInfo of the current TPM: +// https://docs.microsoft.com/en-us/windows/win32/api/tbs/nf-tbs-tbsi_getdeviceinfo func GetDeviceInfo() (*DeviceInfo, error) { info := DeviceInfo{} // TBS_RESULT Tbsi_GetDeviceInfo(