TPM resource is released only at SDK shutdown

[MMaiero]

• OS and version used: Raspbian Buster

• Java runtime used: openjdk version "1.8.0_181"

• SDK version used: 0.22.0
  iot-device-client version 1.16.0

Description of the issue:

I'm experimenting a bit with the SDK and the TPM integration. What I see is that, once opened the /dev/tpm0 resource, it is never released until SDK shutdown. It seems also that the SecurityProviderTPMHsm class gets the TPM resource but never invokes the tpm.close() method to close the stream.

Code sample exhibiting the issue:

Console log of the issue:

Need Support?

• Have a feature request for SDKs? Please post it on User Voice to help us prioritize.
• Have a technical question? Ask on Stack Overflow with tag “azure-iot-hub”
• Need Support? Every customer with an active Azure subscription has access to support with guaranteed response time. Consider submitting a ticket and get assistance from Microsoft support team
• Found a bug? Please help us fix it by thoroughly documenting it and filing an issue on GitHub (C, Java, .NET, Node.js, Python).

[timtay-microsoft]

This is partly by design. When using TPM for a security provider, your device client requires the tpm to generate new sas tokens each time the previous one expires. As such, the device cannot let go of the tpm until the client itself has closed.

That being said, the SecurityProviderTPMHsm class should call tpm.close() whenever you close the device client that is using it, and it looks like it doesn't right now. That part is definitely a bug.

[MMaiero]

Is it not possible to get the TPM when you need to renew the tokens and leave it afterwards?

Thanks

[timtay-microsoft]

My mistake, after doing some investigation, it looks like the tpm could be released whenever the device client isn't requesting anything of it.

If you are willing to provide a PR to fix this, I'd be happy to merge it in for you.