diff --git a/src/api/encryption_keys_get.c b/src/api/encryption_keys_get.c
index 9fa370fd94a2115b3e3d35d52f90ed7a328a66d7..ec13c32a95b9f21d89f3d71aed438847ec856f3a 100644
--- a/src/api/encryption_keys_get.c
+++ b/src/api/encryption_keys_get.c
@@ -13,6 +13,10 @@ int callback_encryption_keys_get(const struct _u_request * request,
     // Initialise encrypted container.
     struct crypt_device * cd = NULL;
     r = container_initialise(&cd, DATA_PARTITION_DEVICE, true);
+    // A negative return code indicates that something went wrong with the
+    // initialisation of the encrypted container, so we need to free it.
+    // A positive return code means we couldn't even attempt the initialisation,
+    // so there is nothing to clean up.
     if (r < 0)
     {
         crypt_free(cd);
@@ -30,7 +34,7 @@ int callback_encryption_keys_get(const struct _u_request * request,
     bool in_use;
     bool last_used;
     int keyslot = 0;
-    for (keyslot = 0; keyslot <= 7; keyslot++)
+    for (keyslot = 0; keyslot <= crypt_keyslot_max(CRYPT_LUKS1); keyslot++)
     {
         // Create new json object containing info for this keyslot.
         key = json_object();
@@ -66,8 +70,7 @@ int callback_encryption_keys_get(const struct _u_request * request,
     }
 
     // Create json response.
-    json_t * json_body = NULL;
-    json_body = json_object();
+    json_t * json_body = json_object();
     json_object_set_new(json_body, "encryption-keys", keys);
 
     // Send response.