fido2: hide "FIDO2" in gocryptfs.conf if not used

Result of:

$ gocryptfs -init foo
$ cat foo/gocryptfs.conf

Before:

{
	"Creator": "gocryptfs v2.0.1",
	"EncryptedKey": "FodEdNHD/cCwv1n5BuyAkbIOnJ/O5gfdCh3YssUCJ2DUr0A8DrQ5NH2SLhREeWRL3V8EMiPO2Ncr5IVwE4SSxQ==",
	"ScryptObject": {
		"Salt": "brGaw9Jg1kbPuSXFiwoxqK2oXFTgbniSgpiB+cu+67Y=",
		"N": 65536,
		"R": 8,
		"P": 1,
		"KeyLen": 32
	},
	"Version": 2,
	"FeatureFlags": [
		"GCMIV128",
		"HKDF",
		"DirIV",
		"EMENames",
		"LongNames",
		"Raw64"
	],
	"FIDO2": {
		"CredentialID": null,
		"HMACSalt": null
	}
}

After:

{
	"Creator": "gocryptfs v2.0.1-5-gf9718eb-dirty.DerDonut-badnamecontent",
	"EncryptedKey": "oFMj1lS1ZsM/vEfanNMeCTPw3PZr5VWeL7ap8Jd8YQm6evy2BAhtQ/pd6RzDx84wlCz9TpxqHRihuwSEMnOWWg==",
	"ScryptObject": {
		"Salt": "JZ/5mhy4a8EAQ/wDF1POIEe4/Ss38cfJgXgj26DuA4M=",
		"N": 65536,
		"R": 8,
		"P": 1,
		"KeyLen": 32
	},
	"Version": 2,
	"FeatureFlags": [
		"GCMIV128",
		"HKDF",
		"DirIV",
		"EMENames",
		"LongNames",
		"Raw64"
	]
}

1 files changed, 5 insertions, 3 deletions

diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
index e4921f7..40dda38 100644
--- a/internal/configfile/config_file.go
+++ b/internal/configfile/config_file.go
@@ -56,7 +56,7 @@ type ConfFile struct {
 	// stored in the superblock.
 	FeatureFlags []string
 	// FIDO2 parameters
-	FIDO2 FIDO2Params
+	FIDO2 *FIDO2Params `json:",omitempty"`
 	// Filename is the name of the config file. Not exported to JSON.
 	filename string
 }
@@ -102,8 +102,10 @@ func Create(filename string, password []byte, plaintextNames bool,
 	}
 	if len(fido2CredentialID) > 0 {
 		cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagFIDO2])
-		cf.FIDO2.CredentialID = fido2CredentialID
-		cf.FIDO2.HMACSalt = fido2HmacSalt
+		cf.FIDO2 = &FIDO2Params{
+			CredentialID: fido2CredentialID,
+			HMACSalt:     fido2HmacSalt,
+		}
 	}
 	{
 		// Generate new random master key