security+tools: deprecate TPM unlock functionality
And remove the implementation in the tpm-osxkeychain backend
Refs: #4754
Change-Id: I6d61b7aab83aba2c9128b524e178c71de8635b75
diff --git a/tools/ndnsec/main.cpp b/tools/ndnsec/main.cpp
index 7609345..aa6ce37 100644
--- a/tools/ndnsec/main.cpp
+++ b/tools/ndnsec/main.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -35,7 +35,6 @@
Available commands:
help Print this help text
- version Print program version
list List all known identities/keys/certificates
get-default Show the default identity/key/certificate
set-default Change the default identity/key/certificate
@@ -47,9 +46,9 @@
cert-install Import a certificate from a file
export Export an identity as a SafeBag
import Import an identity from a SafeBag
- unlock-tpm Unlock the TPM
+ version Print version information
-Try 'ndnsec COMMAND --help' for more information on a command.
+Run 'ndnsec COMMAND --help' for more information on a command.
)STR";
int
diff --git a/tools/ndnsec/unlock-tpm.cpp b/tools/ndnsec/unlock-tpm.cpp
index 97cd702..e76d7f1 100644
--- a/tools/ndnsec/unlock-tpm.cpp
+++ b/tools/ndnsec/unlock-tpm.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -33,6 +33,8 @@
int
ndnsec_unlock_tpm(int argc, char** argv)
{
+ std::cerr << "DEPRECATION NOTICE: ndnsec-unlock-tpm is deprecated.\n";
+
namespace po = boost::program_options;
po::options_description description(
@@ -68,7 +70,10 @@
return 1;
}
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
bool isUnlocked = keyChain.getTpm().unlockTpm(password, std::strlen(password));
+#pragma GCC diagnostic pop
OPENSSL_cleanse(password, std::strlen(password));
if (isUnlocked) {