From 3f2402171b26e9257f41417d749fe207fc329085 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Mon, 6 May 2024 16:12:04 +0200 Subject: [PATCH] tpm2-util: tweak JSON condition check As for the other fields let's check if the actual variable we serialize is set before serializing it. This shouldn't make any difference, since the pubkey and the PCR mask should always be set together or neither, but I think it's easier to grok this way, and makes the function nicely "dumb": it serializes what is specified, without trying to be smart by suppressng specified fields. --- src/shared/tpm2-util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c index e0c2c63878d..3afeb095169 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c @@ -7382,7 +7382,7 @@ int tpm2_make_luks2_json( JSON_BUILD_PAIR("tpm2-pin", JSON_BUILD_BOOLEAN(flags & TPM2_FLAGS_USE_PIN)), JSON_BUILD_PAIR("tpm2_pcrlock", JSON_BUILD_BOOLEAN(flags & TPM2_FLAGS_USE_PCRLOCK)), JSON_BUILD_PAIR_CONDITION(pubkey_pcr_mask != 0, "tpm2_pubkey_pcrs", JSON_BUILD_VARIANT(pkmj)), - JSON_BUILD_PAIR_CONDITION(pubkey_pcr_mask != 0, "tpm2_pubkey", JSON_BUILD_IOVEC_BASE64(pubkey)), + JSON_BUILD_PAIR_CONDITION(iovec_is_set(pubkey), "tpm2_pubkey", JSON_BUILD_IOVEC_BASE64(pubkey)), JSON_BUILD_PAIR_CONDITION(iovec_is_set(salt), "tpm2_salt", JSON_BUILD_IOVEC_BASE64(salt)), JSON_BUILD_PAIR_CONDITION(iovec_is_set(srk), "tpm2_srk", JSON_BUILD_IOVEC_BASE64(srk)), JSON_BUILD_PAIR_CONDITION(iovec_is_set(pcrlock_nv), "tpm2_pcrlock_nv", JSON_BUILD_IOVEC_BASE64(pcrlock_nv)))); -- 2.47.3