From 360198efc33deac69b4cb833572372dd4b8d01f1 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 23 May 2024 13:57:07 +0200 Subject: [PATCH] tpm2-util: do not serialize tpm2 bank if none is specified If both literal and signed PCR bindings are not used then we won't determine a PCR bank to use, and hence we shouldnt attempt to serialize it either. Hence, if the bank is zero, skip serialization. (And while we are at it, also skip serialization of the primary algorithm if not set, purely to make things systematic). [This effectively results in little change, as previously we'd then seralize a json "null", while now we simply won't genreate the field] --- src/shared/tpm2-util.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c index a64c2738bf..cc26441a1e 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c @@ -7391,8 +7391,8 @@ int tpm2_make_luks2_json( JSON_BUILD_PAIR("keyslots", JSON_BUILD_ARRAY(JSON_BUILD_STRING(keyslot_as_string))), JSON_BUILD_PAIR("tpm2-blob", JSON_BUILD_IOVEC_BASE64(blob)), JSON_BUILD_PAIR("tpm2-pcrs", JSON_BUILD_VARIANT(hmj)), - JSON_BUILD_PAIR_CONDITION(!!tpm2_hash_alg_to_string(pcr_bank), "tpm2-pcr-bank", JSON_BUILD_STRING(tpm2_hash_alg_to_string(pcr_bank))), - JSON_BUILD_PAIR_CONDITION(!!tpm2_asym_alg_to_string(primary_alg), "tpm2-primary-alg", JSON_BUILD_STRING(tpm2_asym_alg_to_string(primary_alg))), + JSON_BUILD_PAIR_CONDITION(pcr_bank != 0 && tpm2_hash_alg_to_string(pcr_bank), "tpm2-pcr-bank", JSON_BUILD_STRING(tpm2_hash_alg_to_string(pcr_bank))), + JSON_BUILD_PAIR_CONDITION(primary_alg != 0 && tpm2_asym_alg_to_string(primary_alg), "tpm2-primary-alg", JSON_BUILD_STRING(tpm2_asym_alg_to_string(primary_alg))), JSON_BUILD_PAIR("tpm2-policy-hash", JSON_BUILD_IOVEC_HEX(policy_hash)), JSON_BUILD_PAIR("tpm2-pin", JSON_BUILD_BOOLEAN(flags & TPM2_FLAGS_USE_PIN)), JSON_BUILD_PAIR("tpm2_pcrlock", JSON_BUILD_BOOLEAN(flags & TPM2_FLAGS_USE_PCRLOCK)),