From 4a3b0583c4e1756ea0d732c84bedde90f4ee5676 Mon Sep 17 00:00:00 2001
From: Luc <luc@bijl.us>
Date: Thu, 31 Jul 2025 13:48:59 +0200
Subject: [PATCH] src/zlevis-decrypt: update

Silenced tpm2_unseal error when TPM is empty.
---
 src/zlevis-decrypt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/zlevis-decrypt b/src/zlevis-decrypt
index e0798b1..7cac845 100755
--- a/src/zlevis-decrypt
+++ b/src/zlevis-decrypt
@@ -122,7 +122,7 @@ rm -f "$tmp_jwk_pub" "$tmp_jwk_priv" "$tmp_primary_context"
 
 # Unseal the JWK from the TPM
 case "$tpm2tools_version" in
-    4|5) jwk="$(tpm2_unseal -c "$tmp_load_context" ${pcr_spec:+-p pcr:$pcr_spec})" || fail=$?;;
+    4|5) jwk="$(tpm2_unseal -c "$tmp_load_context" ${pcr_spec:+-p pcr:$pcr_spec} 2>/dev/null)" || fail=$?;;
     *) fail=1;;
 esac
 if [ -n "$fail" ]; then
@@ -138,4 +138,4 @@ rm -f "$tmp_load_context"
 (echo "$jwk$hdr."; /bin/cat) | jose jwe dec -k- -i-
 
 # Exit with the status of the last command
-exit $?
\ No newline at end of file
+exit $?