From 5aa45ed6b42cb2cc958fed041901de8070c5b355 Mon Sep 17 00:00:00 2001 From: Bill Roberts Date: Fri, 8 Dec 2023 16:18:20 -0600 Subject: [PATCH] readpublic Signed-off-by: Bill Roberts --- lib/tpm2_options.c | 3 + lib/tpm2_options.h | 2 +- lib/tpm2_yaml.c | 206 ++++++++++++++++++++++------------------ lib/tpm2_yaml.h | 3 +- tools/tpm2_readpublic.c | 22 ++--- tools/tpm2_tool.c | 2 +- 6 files changed, 130 insertions(+), 108 deletions(-) diff --git a/lib/tpm2_options.c b/lib/tpm2_options.c index 6ebaa9987..80d68889c 100644 --- a/lib/tpm2_options.c +++ b/lib/tpm2_options.c @@ -288,6 +288,7 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv, { "quiet", no_argument, NULL, 'Q' }, { "version", no_argument, NULL, 'v' }, { "enable-errata", no_argument, NULL, 'Z' }, + { "canonical", no_argument, NULL, 42 } }; @@ -387,6 +388,8 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv, case '?': rc = tpm2_option_code_err; goto out; + case 42: + flags->canonical = 1; default: /* NULL on_opt handler and unknown option specified is an error */ if (!tool_opts || !tool_opts->callbacks.on_opt) { diff --git a/lib/tpm2_options.h b/lib/tpm2_options.h index 12ccd855a..0ab8c349c 100644 --- a/lib/tpm2_options.h +++ b/lib/tpm2_options.h @@ -22,7 +22,7 @@ union tpm2_option_flags { uint8_t quiet :1; uint8_t enable_errata :1; uint8_t tcti_none :1; - //uint8_t no_output :1; + uint8_t canonical :1; }; uint8_t all; }; diff --git a/lib/tpm2_yaml.c b/lib/tpm2_yaml.c index 996216232..db8ea2709 100644 --- a/lib/tpm2_yaml.c +++ b/lib/tpm2_yaml.c @@ -15,6 +15,7 @@ struct tpm2_yaml { yaml_document_t doc; int root; + int canonical; }; #define null_ret(ptr, val) \ @@ -32,16 +33,18 @@ struct key_value { const TPM2B *as_tpm2b; uint64_t as_int; } value; + unsigned base; const yaml_char_t *tag; }; #define TPM2B_TAG "TPM2B_TAG" #define KVP_ADD_STR(k, v) {.key = k, .tag = YAML_STR_TAG, .value = { .as_str = v}} -#define KVP_ADD_INT(k, v) {.key = k, .tag = YAML_INT_TAG, .value = { .as_int = v}} +#define KVP_ADD_HEX(k, v) {.key = k, .tag = YAML_INT_TAG, .value = { .as_int = v}, .base = 16} +#define KVP_ADD_INT(k, v) {.key = k, .tag = YAML_INT_TAG, .value = { .as_int = v}, .base = 10} #define KVP_ADD_TPM2B(k, v) {.key = k, .tag = TPM2B_TAG, .value = { .as_tpm2b = (TPM2B *)v}} -tpm2_yaml *tpm2_yaml_new(void) { +tpm2_yaml *tpm2_yaml_new(int canonical) { tpm2_yaml *t = calloc(1, sizeof(*t)); if (!t) { @@ -61,6 +64,11 @@ tpm2_yaml *tpm2_yaml_new(void) { return NULL; } + + if (canonical) { + t->canonical = 1; + } + t->root = yaml_document_add_mapping(&t->doc, NULL, YAML_ANY_MAPPING_STYLE); if (!t->root) { LOG_ERR("Could not add YAML root node"); @@ -81,11 +89,13 @@ void tpm2_yaml_free(tpm2_yaml *y) { free(y); } -#define yaml_add_str(doc, str) \ - yaml_document_add_scalar(doc, (yaml_char_t *)YAML_STR_TAG, \ - (yaml_char_t *)str, -1, YAML_ANY_SCALAR_STYLE); +#define NULL_STR "(null)" -static int yaml_add_int(yaml_document_t *doc, uint64_t data) { +#define yaml_add_str(y, str) \ + yaml_document_add_scalar(&y->doc, (yaml_char_t *)YAML_STR_TAG, \ + (yaml_char_t *)str ? str : NULL_STR, -1, YAML_ANY_SCALAR_STYLE); + +static int yaml_add_int(tpm2_yaml *y, uint64_t data, unsigned base) { /* * 8 bytes for 64 bit nums, times two for 2 chars per byte in hex, @@ -93,95 +103,127 @@ static int yaml_add_int(yaml_document_t *doc, uint64_t data) { */ char buf[8 * 2 + 1] = { 0 }; - snprintf(buf, sizeof(buf), "0x%"PRIx64, data); + const char *fmt = NULL; + switch(base) { + case 10: + fmt = "%"PRIu64; + break; + case 16: + fmt = "0x%"PRIx64; + break; + default: + LOG_ERR("Cannot handle integer base: %u", base); + return 0; + } + + snprintf(buf, sizeof(buf), fmt, data); + + /* prevents something like !!int always being tagged on ints unless canonical is set */ + yaml_char_t *tag = y->canonical ? YAML_INT_TAG : YAML_STR_TAG; - return yaml_document_add_scalar(doc, (yaml_char_t *)YAML_INT_TAG, \ + return yaml_document_add_scalar(&y->doc, (yaml_char_t *)tag, \ (yaml_char_t *)buf, -1, YAML_ANY_SCALAR_STYLE); } -static int yaml_add_tpm2b(yaml_document_t *doc, const TPM2B *data) { +static int yaml_add_tpm2b(tpm2_yaml *y, const TPM2B *data) { char *h = tpm2_util_bin2hex(data->buffer, data->size); if (!h) { LOG_ERR("oom"); return 0; } - int node = yaml_document_add_scalar(doc, (yaml_char_t *)YAML_STR_TAG, + int node = yaml_document_add_scalar(&y->doc, (yaml_char_t *)YAML_STR_TAG, h, -1, YAML_ANY_SCALAR_STYLE); free(h); return node; } -static int add_kvp(yaml_document_t *doc, int root, const key_value *k) { +static int add_kvp(tpm2_yaml *y, int root, const key_value *k) { if (strcmp(k->tag, TPM2B_TAG) == 0 && k->value.as_tpm2b->size == 0) { return 1; } - int key = yaml_document_add_scalar(doc, YAML_STR_TAG, \ + int key = yaml_document_add_scalar(&y->doc, YAML_STR_TAG, \ (yaml_char_t *)k->key, -1, YAML_ANY_SCALAR_STYLE); return_rc(key); int value = 0; if (strcmp(k->tag, YAML_STR_TAG) == 0) { - value = yaml_add_str(doc, k->value.as_str); + value = yaml_add_str(y, k->value.as_str); } else if (strcmp(k->tag, YAML_INT_TAG) == 0) { - value = yaml_add_int(doc, k->value.as_int); + value = yaml_add_int(y, k->value.as_int, k->base); } else if (strcmp(k->tag, TPM2B_TAG) == 0) { - value = yaml_add_tpm2b(doc, k->value.as_tpm2b); + value = yaml_add_tpm2b(y, k->value.as_tpm2b); } else { LOG_ERR("Unknown tag type: %s", k->tag ? (char *)k->tag : "(null)"); return 0; } return_rc(value); - int rc = yaml_document_append_mapping_pair(doc, root, key, value); + int rc = yaml_document_append_mapping_pair(&y->doc, root, key, value); return_rc(rc); } -static int add_mapping_root_with_items(yaml_document_t *doc, int root, +static int add_kvp_list(tpm2_yaml *y, int root, const key_value *kvs, size_t len) { + + size_t i; + for(i=0; i < len; i++) { + const key_value *k = &kvs[i]; + return_rc(add_kvp(y, root, k)); + } + + return 1; +} + +static int add_mapping_root_with_items(tpm2_yaml *y, int root, const char *mapkey, const key_value *kvs, size_t len) { - int sub_root = yaml_document_add_mapping(doc, + int sub_root = yaml_document_add_mapping(&y->doc, (yaml_char_t *)YAML_MAP_TAG, YAML_ANY_MAPPING_STYLE); return_rc(sub_root); - int sub_root_key = yaml_add_str(doc, mapkey); + int sub_root_key = yaml_add_str(y, mapkey); return_rc(sub_root_key); - size_t i; - for(i=0; i < len; i++) { - const key_value *k = &kvs[i]; - return_rc(add_kvp(doc, sub_root, k)); - } + int rc = add_kvp_list(y, sub_root, kvs, len); + return_rc(rc); - return yaml_document_append_mapping_pair(doc, root, sub_root_key, sub_root); + return yaml_document_append_mapping_pair(&y->doc, root, sub_root_key, sub_root); } -static int add_alg(yaml_document_t *doc, int root, const char *key, TPM2_ALG_ID alg) { +static int add_alg(tpm2_yaml *y, int root, const char *key, TPM2_ALG_ID alg) { + key_value scheme_kvs[] = { KVP_ADD_STR("value", tpm2_alg_util_algtostr(alg, tpm2_alg_util_flags_any)), - KVP_ADD_INT("raw", alg), + KVP_ADD_HEX("raw", alg), }; - return add_mapping_root_with_items(doc, root, key, + return add_mapping_root_with_items(y, root, key, scheme_kvs, ARRAY_LEN(scheme_kvs)); } -static tool_rc tpm2b_name_to_yaml(const TPM2B_NAME *name, yaml_document_t *doc, int root) { +static tool_rc tpm2b_to_yaml(tpm2_yaml *y, int root, const char *key, const TPM2B_NAME *name) { - struct key_value key_bits = KVP_ADD_TPM2B("name", name); - return add_kvp(doc, root, &key_bits); + struct key_value key_bits = KVP_ADD_TPM2B(key, name); + int rc = add_kvp(y, root, &key_bits); + return rc ? tool_rc_success : tool_rc_general_error; } tool_rc tpm2_yaml_tpm2b_name(const TPM2B_NAME *name, tpm2_yaml *y) { null_ret(y, 1); assert(name); - return tpm2b_name_to_yaml(name, &y->doc, y->root); + return tpm2b_to_yaml(y, y->root, "name", name); +} + +tool_rc tpm2_yaml_qualified_name(const TPM2B_NAME *qname, tpm2_yaml *y) { + null_ret(y, 1); + assert(qname); + return tpm2b_to_yaml(y, y->root, "qualified name", qname); } -static int tpmt_sym_def_object_to_yaml(yaml_document_t *doc, +static int tpmt_sym_def_object_to_yaml(tpm2_yaml *y, int root, const TPMT_SYM_DEF_OBJECT *sym) { /* @@ -193,42 +235,37 @@ static int tpmt_sym_def_object_to_yaml(yaml_document_t *doc, * raw: 0x10 * sym-keybits: 128 */ - int rc = add_alg(doc, root, "sym-alg", sym->algorithm); + int rc = add_alg(y, root, "sym-alg", sym->algorithm); return_rc(rc); - key_value sym_mode_kvs[] = { - KVP_ADD_STR("value", tpm2_alg_util_algtostr(sym->mode.sym, tpm2_alg_util_flags_any)), - KVP_ADD_INT("raw", sym->mode.sym), - }; - - rc = add_alg(doc, root, "sym-mode", sym->mode.sym); + rc = add_alg(y, root, "sym-mode", sym->mode.sym); return_rc(rc); struct key_value key_bits = KVP_ADD_INT("sym-keybits", sym->keyBits.sym); - return add_kvp(doc, root, &key_bits); + return add_kvp(y, root, &key_bits); } -static int tpms_keyedhash_parms_to_yaml(yaml_document_t *doc, int root, const TPMS_KEYEDHASH_PARMS *k) { +static int tpms_keyedhash_parms_to_yaml(tpm2_yaml *y, int root, const TPMS_KEYEDHASH_PARMS *k) { /* * algorithm: * value: * raw: */ - int rc = add_alg(doc, root, "algorithm", k->scheme.scheme); + int rc = add_alg(y, root, "algorithm", k->scheme.scheme); return_rc(rc); switch(k->scheme.scheme) { case TPM2_ALG_HMAC: - rc = add_alg(doc, root, "hash-alg", k->scheme.details.hmac.hashAlg); + rc = add_alg(y, root, "hash-alg", k->scheme.details.hmac.hashAlg); break; case TPM2_ALG_XOR: - rc = add_alg(doc, root, "hash-alg", k->scheme.details.exclusiveOr.hashAlg); + rc = add_alg(y, root, "hash-alg", k->scheme.details.exclusiveOr.hashAlg); return_rc(rc); - rc = add_alg(doc, root, "kdfa-alg", k->scheme.details.exclusiveOr.kdf); + rc = add_alg(y, root, "kdfa-alg", k->scheme.details.exclusiveOr.kdf); break; default: LOG_ERR("Unknown scheme: 0x%x", k->scheme.scheme); @@ -238,7 +275,7 @@ static int tpms_keyedhash_parms_to_yaml(yaml_document_t *doc, int root, const TP return rc; } -static int tpms_rsa_parms_to_yaml(yaml_document_t *doc, int root, const TPMS_RSA_PARMS *r) { +static int tpms_rsa_parms_to_yaml(tpm2_yaml *y, int root, const TPMS_RSA_PARMS *r) { /* * exponent: 65537 @@ -252,27 +289,27 @@ static int tpms_rsa_parms_to_yaml(yaml_document_t *doc, int root, const TPMS_RSA * TODO BILL FILL OUT */ key_value exponent = KVP_ADD_INT("exponent", r->exponent ? r->exponent : 65537); - int rc = add_kvp(doc, root, &exponent); + int rc = add_kvp(y, root, &exponent); return_rc(rc); key_value bits = KVP_ADD_INT("bits", r->keyBits); - rc = add_kvp(doc, root, &bits); + rc = add_kvp(y, root, &bits); return_rc(rc); - rc = add_alg(doc, root, "scheme", r->scheme.scheme); + rc = add_alg(y, root, "scheme", r->scheme.scheme); /* * everything is a union on a hash algorithm except for RSAES which * has nothing. So on RSAES skip the hash algorithm printing */ if (r->scheme.scheme != TPM2_ALG_RSAES) { - rc = add_alg(doc, root, "scheme-halg", r->scheme.details.anySig.hashAlg); + rc = add_alg(y, root, "scheme-halg", r->scheme.details.anySig.hashAlg); } - return tpmt_sym_def_object_to_yaml(doc, root, &r->symmetric); + return tpmt_sym_def_object_to_yaml(y, root, &r->symmetric); } -static int tpmt_kdf_scheme(yaml_document_t *doc, int root, const TPMT_KDF_SCHEME *s) { +static int tpmt_kdf_scheme(tpm2_yaml *y, int root, const TPMT_KDF_SCHEME *s) { /* * kdfa-alg: @@ -282,13 +319,13 @@ static int tpmt_kdf_scheme(yaml_document_t *doc, int root, const TPMT_KDF_SCHEME * value: * raw: */ - int rc = add_alg(doc, root, "kdfa-alg", s->scheme); + int rc = add_alg(y, root, "kdfa-alg", s->scheme); return_rc(rc); - return add_alg(doc, root, "kdfa-halg", s->details.mgf1.hashAlg); + return add_alg(y, root, "kdfa-halg", s->details.mgf1.hashAlg); } -static int tpmt_scheme_to_yaml(yaml_document_t *doc, int root, const TPMT_ECC_SCHEME *scheme) { +static int tpmt_scheme_to_yaml(tpm2_yaml *y, int root, const TPMT_ECC_SCHEME *scheme) { /* * scheme: @@ -300,10 +337,10 @@ static int tpmt_scheme_to_yaml(yaml_document_t *doc, int root, const TPMT_ECC_SC * scheme-count: 2 */ - int rc = add_alg(doc, root, "scheme", scheme->scheme); + int rc = add_alg(y, root, "scheme", scheme->scheme); return_rc(rc); - rc = add_alg(doc, root, "scheme-halg", scheme->details.anySig.hashAlg); + rc = add_alg(y, root, "scheme-halg", scheme->details.anySig.hashAlg); return_rc(rc); /* @@ -313,13 +350,13 @@ static int tpmt_scheme_to_yaml(yaml_document_t *doc, int root, const TPMT_ECC_SC */ if (scheme->scheme == TPM2_ALG_ECDAA) { struct key_value key_bits = KVP_ADD_INT("scheme-count", scheme->details.ecdaa.count); - rc = add_kvp(doc, root, &key_bits); + rc = add_kvp(y, root, &key_bits); } return rc; } -static int tpms_ecc_parms_to_yaml(yaml_document_t *doc, int root, const TPMS_ECC_PARMS *e) { +static int tpms_ecc_parms_to_yaml(tpm2_yaml *y, int root, const TPMS_ECC_PARMS *e) { /* * curve-id: @@ -345,33 +382,26 @@ static int tpms_ecc_parms_to_yaml(yaml_document_t *doc, int root, const TPMS_ECC * raw: 0x10 * sym-keybits: 128 */ - - key_value curve_id_kvs[] = { - KVP_ADD_STR("value", tpm2_alg_util_algtostr(e->curveID, tpm2_alg_util_flags_any)), - KVP_ADD_INT("raw", e->curveID), - }; - - int rc = add_mapping_root_with_items(doc, root, "curve-id", - curve_id_kvs, ARRAY_LEN(curve_id_kvs)); + int rc = add_alg(y, root, "curve-id", e->curveID); return_rc(rc); - rc = tpmt_kdf_scheme(doc, root, &e->kdf); + rc = tpmt_kdf_scheme(y, root, &e->kdf); return_rc(rc); - rc = tpmt_scheme_to_yaml(doc, root, &e->scheme); + rc = tpmt_scheme_to_yaml(y, root, &e->scheme); return_rc(rc); - return tpmt_sym_def_object_to_yaml(doc, root, &e->symmetric); + return tpmt_sym_def_object_to_yaml(y, root, &e->symmetric); } static int tpmt_public_to_yaml(const TPMT_PUBLIC *public, - yaml_document_t *doc, int root) { + tpm2_yaml *y, int root) { /* name-alg: * value: sha256 * raw: 0x0b */ - int rc = add_alg(doc, root, "name-alg", public->nameAlg); + int rc = add_alg(y, root, "name-alg", public->nameAlg); return_rc(rc); /* @@ -387,10 +417,10 @@ static int tpmt_public_to_yaml(const TPMT_PUBLIC *public, key_value object_attrs[] = { KVP_ADD_STR("value", attrs), - KVP_ADD_INT("raw", public->objectAttributes) + KVP_ADD_HEX("raw", public->objectAttributes) }; - rc = add_mapping_root_with_items(doc, root, "attributes", + rc = add_mapping_root_with_items(y, root, "attributes", object_attrs, ARRAY_LEN(object_attrs)); free(attrs); return_rc(rc); @@ -400,12 +430,7 @@ static int tpmt_public_to_yaml(const TPMT_PUBLIC *public, * value: symcipher * raw: 0x25 */ - key_value type[] = { - KVP_ADD_STR("value", tpm2_alg_util_algtostr(public->type, tpm2_alg_util_flags_any)), - KVP_ADD_INT("raw", public->type) - }; - - rc = add_alg(doc, root, "type", public->type); + rc = add_alg(y, root, "type", public->type); return_rc(rc); key_value keydata[2] = { 0 }; @@ -413,26 +438,25 @@ static int tpmt_public_to_yaml(const TPMT_PUBLIC *public, switch(public->type) { case TPM2_ALG_SYMCIPHER: { - rc = tpmt_sym_def_object_to_yaml(doc, root, &public->parameters.symDetail.sym); + rc = tpmt_sym_def_object_to_yaml(y, root, &public->parameters.symDetail.sym); key_value tmp = KVP_ADD_TPM2B("symcipher", &public->unique.sym); keydata[0] = tmp; keydata_len = 1; } break; case TPM2_ALG_KEYEDHASH: { - rc = tpms_keyedhash_parms_to_yaml(doc, root, &public->parameters.keyedHashDetail); + rc = tpms_keyedhash_parms_to_yaml(y, root, &public->parameters.keyedHashDetail); key_value tmp = KVP_ADD_TPM2B("keyedhash", &public->unique.keyedHash); keydata[0] = tmp; keydata_len = 1; } break; case TPM2_ALG_RSA: { - LOG_ERR("need RSA support"); - rc = tpms_rsa_parms_to_yaml(doc, root, &public->parameters.rsaDetail); + rc = tpms_rsa_parms_to_yaml(y, root, &public->parameters.rsaDetail); key_value tmp = KVP_ADD_TPM2B("rsa", &public->unique.rsa); keydata[0] = tmp; keydata_len = 1; } break; case TPM2_ALG_ECC: - rc = tpms_ecc_parms_to_yaml(doc, root, &public->parameters.eccDetail); + rc = tpms_ecc_parms_to_yaml(y, root, &public->parameters.eccDetail); key_value tmp[2] = { KVP_ADD_TPM2B("x", &public->unique.ecc.x), KVP_ADD_TPM2B("y", &public->unique.ecc.y), @@ -451,8 +475,8 @@ static int tpmt_public_to_yaml(const TPMT_PUBLIC *public, * x: * y: */ - rc = add_mapping_root_with_items(doc, root, "keydata", - keydata, keydata_len); + rc = add_kvp_list(y, root, keydata, keydata_len); + return_rc(rc); /* * authorization policy: @@ -460,7 +484,7 @@ static int tpmt_public_to_yaml(const TPMT_PUBLIC *public, key_value auth_data = KVP_ADD_TPM2B("authorization data", &public->authPolicy); - return add_kvp(doc, root, &auth_data); + return add_kvp(y, root, &auth_data); } tool_rc tpm2_yaml_tpmt_public(tpm2_yaml *y, const TPMT_PUBLIC *public) { @@ -468,7 +492,7 @@ tool_rc tpm2_yaml_tpmt_public(tpm2_yaml *y, const TPMT_PUBLIC *public) { assert(public); int r = tpmt_public_to_yaml(public, - &y->doc, y->root); + y, y->root); return r ? tool_rc_success: tool_rc_general_error; } @@ -483,7 +507,7 @@ tool_rc tpm2_yaml_dump(tpm2_yaml *y, FILE *f) { return tool_rc_general_error; } - //yaml_emitter_set_canonical(&emitter, 1); + yaml_emitter_set_canonical(&emitter, y->canonical); yaml_emitter_set_output_file(&emitter, f); diff --git a/lib/tpm2_yaml.h b/lib/tpm2_yaml.h index d8c52fc2c..3053efb93 100644 --- a/lib/tpm2_yaml.h +++ b/lib/tpm2_yaml.h @@ -7,11 +7,12 @@ typedef struct tpm2_yaml tpm2_yaml; -tpm2_yaml *tpm2_yaml_new(void); +tpm2_yaml *tpm2_yaml_new(int canonical); void tpm2_yaml_free(tpm2_yaml *y); tool_rc tpm2_yaml_tpm2b_name(const TPM2B_NAME *name, tpm2_yaml *y); +tool_rc tpm2_yaml_qualified_name(const TPM2B_NAME *qname, tpm2_yaml *y); tool_rc tpm2_yaml_tpmt_public(tpm2_yaml *y, const TPMT_PUBLIC *public); diff --git a/tools/tpm2_readpublic.c b/tools/tpm2_readpublic.c index a2af7fa23..982529016 100644 --- a/tools/tpm2_readpublic.c +++ b/tools/tpm2_readpublic.c @@ -41,13 +41,10 @@ static tool_rc read_public_and_save(ESYS_CONTEXT *ectx, tpm2_yaml *doc) { return tmp_rc; } -// TODO BILL -// tpm2_tool_output("name: "); -// UINT16 i; -// for (i = 0; i < name->size; i++) { -// tpm2_tool_output("%02x", name->name[i]); -// } -// tpm2_tool_output("\n"); + rc = tpm2_yaml_tpm2b_name(name, doc); + if (rc != tool_rc_success) { + goto out; + } bool ret = true; if (ctx.out_name_file) { @@ -59,14 +56,11 @@ static tool_rc read_public_and_save(ESYS_CONTEXT *ectx, tpm2_yaml *doc) { } } - // TODO BILL -// tpm2_tool_output("qualified name: "); -// for (i = 0; i < qualified_name->size; i++) { -// tpm2_tool_output("%02x", qualified_name->name[i]); -// } -// tpm2_tool_output("\n"); + rc = tpm2_yaml_qualified_name(qualified_name, doc); + if (rc != tool_rc_success) { + goto out; + } - //TODO tpm2_util_public_to_yaml(public, NULL); rc = tpm2_yaml_tpmt_public(doc, &public->publicArea); if (rc != tool_rc_success) { goto out; diff --git a/tools/tpm2_tool.c b/tools/tpm2_tool.c index afec7c5c6..702b764d0 100644 --- a/tools/tpm2_tool.c +++ b/tools/tpm2_tool.c @@ -259,7 +259,7 @@ int main(int argc, char **argv) { bool output = !((ctx.tool_opts->flags & TPM2_OPTIONS_NO_OUTPUT) || flags.quiet); if (output) { - ctx.doc = tpm2_yaml_new(); + ctx.doc = tpm2_yaml_new(flags.canonical); if (!ctx.doc) { exit(tool_rc_general_error); }