Apply review suggestions for compiling without tpm2 crypto backend

Co-authored-by: René Meusel <[email protected]>
randombit · Nov 11, 2024 · 192e4dc · 192e4dc
1 parent c9e47b6
commit 192e4dc
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 3 deletions.
diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h
@@ -2345,6 +2345,9 @@ int botan_tpm2_enable_crypto_backend(botan_tpm2_crypto_backend_state_t* cbs_out,
 
 /**
 * Frees all resouces of a TPM2 Crypto Callback State
+* Note that this does not attempt to de-register the crypto backend,
+* it just frees the resource pointed to by @p cbs. Use the ESAPI function
+* ``Esys_SetCryptoCallbacks(ctx, nullptr)`` to deregister manually.
 * @param cbs TPM2 Crypto Callback State
 * @return 0 on success
 */

diff --git a/src/lib/ffi/ffi_tpm2.cpp b/src/lib/ffi/ffi_tpm2.cpp
@@ -13,10 +13,13 @@
 
 #if defined(BOTAN_HAS_TPM2)
    #include <botan/tpm2_context.h>
-   #include <botan/tpm2_crypto_backend.h>
    #include <botan/tpm2_key.h>
    #include <botan/tpm2_rng.h>
    #include <botan/tpm2_session.h>
+
+   #if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
+      #include <botan/tpm2_crypto_backend.h>
+   #endif
 #endif
 
 extern "C" {
@@ -39,7 +42,10 @@ struct botan_tpm2_session_wrapper {
 
 BOTAN_FFI_DECLARE_STRUCT(botan_tpm2_ctx_struct, botan_tpm2_ctx_wrapper, 0xD2B95E15);
 BOTAN_FFI_DECLARE_STRUCT(botan_tpm2_session_struct, botan_tpm2_session_wrapper, 0x9ACCAB52);
+
+   #if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
 BOTAN_FFI_DECLARE_STRUCT(botan_tpm2_crypto_backend_state_struct, Botan::TPM2::CryptoCallbackState, 0x1AC84DE5);
+   #endif
 
 }  // extern "C"
 

diff --git a/src/lib/prov/tpm2/tpm2_context.cpp b/src/lib/prov/tpm2/tpm2_context.cpp
@@ -35,7 +35,7 @@ constexpr TPM2_HANDLE storage_root_key_handle = TPM2_HR_PERSISTENT + 1;
 }  // namespace
 
 struct Context::Impl {
-      ESYS_CONTEXT* m_ctx;  /// m_ctx is owned by the library user
+      ESYS_CONTEXT* m_ctx;  /// m_ctx may be owned by the library user (see m_external)
       bool m_external;
 
 #if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
@@ -46,6 +46,8 @@ struct Context::Impl {
 bool Context::supports_botan_crypto_backend() noexcept {
 #if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
    return Botan::TPM2::supports_botan_crypto_backend();
+#else
+   return false;
 #endif
 }
 
@@ -79,7 +81,7 @@ std::shared_ptr<Context> Context::create(std::optional<std::string> tcti, std::o
 }
 
 std::shared_ptr<Context> Context::create(ESYS_CONTEXT* esys_ctx) {
-   BOTAN_ASSERT_NONNULL(esys_ctx);
+   BOTAN_ARG_CHECK(esys_ctx != nullptr, "provided esys_ctx must not be null");
 
    // We cannot std::make_shared as the constructor is private
    return std::shared_ptr<Context>(new Context(esys_ctx, true /* context is managed externally */));