crypenroll: make slot wiping on pin change a bit more explicit

diff --git a/src/cryptenroll/cryptenroll-tpm2.c b/src/cryptenroll/cryptenroll-tpm2.c
index b3d851953bf63e3f00e1cdeee6966dbca870fabd..db83ddc6e550b0acc1963bb68029ff39a4d37148 100644 (file)
--- a/src/cryptenroll/cryptenroll-tpm2.c
+++ b/src/cryptenroll/cryptenroll-tpm2.c
@@ -443,7 +443,7 @@ int enroll_tpm2(struct crypt_device *cd,
                 slot_to_wipe = r;
         } else {
                 log_info("This PCR set is already enrolled, executing no operation.");
-                *ret_slot_to_wipe = slot_to_wipe;
+                *ret_slot_to_wipe = -1;
                 return r; /* return existing keyslot, so that wiping won't kill it */
         }
 

diff --git a/src/cryptenroll/cryptenroll.c b/src/cryptenroll/cryptenroll.c
index df67a5636c54e82e7b9d9a459de3e915f2a33cef..ad98acb76246c85eac0c1389da50b878c821a1da 100644 (file)
--- a/src/cryptenroll/cryptenroll.c
+++ b/src/cryptenroll/cryptenroll.c
@@ -885,6 +885,8 @@ static int run(int argc, char *argv[]) {
                 slot = enroll_tpm2(cd, &vk, arg_tpm2_device, arg_tpm2_seal_key_handle, arg_tpm2_device_key, arg_tpm2_hash_pcr_values, arg_tpm2_n_hash_pcr_values, arg_tpm2_public_key, arg_tpm2_load_public_key, arg_tpm2_public_key_pcr_mask, arg_tpm2_signature, arg_tpm2_pin, arg_tpm2_pcrlock, &slot_to_wipe);
 
                 if (slot >= 0 && slot_to_wipe >= 0) {
+                        assert(slot != slot_to_wipe);
+
                         /* Updating PIN on an existing enrollment */
                         r = wipe_slots(
                                         cd,