security+tools: remove deprecated TPM unlock functionality

Refs: #4754
Change-Id: I3c2ae4013064e757b66358a47866c38252a0eef1

Author: Pesa

docs/conf.py

@@ -101,7 +101,6 @@ def addExtensionIfExists(extension: str):
     ('manpages/ndnsec-list',         'ndnsec-list',         'list all known NDN identities, keys, and certificates', [], 1),
     ('manpages/ndnsec-set-default',  'ndnsec-set-default',  'change the default NDN identity, key, or certificate for the current user', [], 1),
     ('manpages/ndnsec-sign-req',     'ndnsec-sign-req',     'generate an NDN certificate signing request',  [], 1),
-    ('manpages/ndnsec-unlock-tpm',   'ndnsec-unlock-tpm',   'unlock the TPM',                               [], 1),
     ('manpages/ndn-client.conf',     'ndn-client.conf',     'configuration file for NDN applications',      [], 5),
     ('manpages/ndn-log',             'ndn-log',             'ndn-cxx logging',                              [], 7),
 ]

docs/manpages/ndnsec-unlock-tpm.rst

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2024 Regents of the University of California.
+ * Copyright (c) 2013-2025 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -114,62 +114,6 @@ class BackEnd : noncopyable
   void
   importKey(const Name& keyName, shared_ptr<transform::PrivateKey> key);
 
-  /**
-   * @brief Check if the TPM is in terminal mode.
-   * @deprecated
-   *
-   * The default implementation always returns true.
-   */
-  [[deprecated]]
-  virtual bool
-  isTerminalMode() const
-  {
-    return true;
-  }
-
-  /**
-   * @brief Set the terminal mode of the TPM.
-   * @deprecated
-   *
-   * In terminal mode, the TPM will not ask for a password from the GUI.
-   * The default implementation does nothing.
-   */
-  [[deprecated]]
-  virtual void
-  setTerminalMode(bool isTerminal) const
-  {
-  }
-
-  /**
-   * @brief Check if the TPM is locked.
-   * @deprecated
-   *
-   * The default implementation always returns false.
-   */
-  [[deprecated]]
-  virtual bool
-  isTpmLocked() const
-  {
-    return false;
-  }
-
-  /**
-   * @brief Unlock the TPM.
-   * @deprecated
-   *
-   * The default implementation does nothing and always returns true.
-   *
-   * @param pw The password to unlock the TPM.
-   * @param pwLen The length of the password.
-   * @return True if the TPM was unlocked.
-   */
-  [[deprecated]]
-  [[nodiscard]] virtual bool
-  unlockTpm(const char* pw, size_t pwLen) const
-  {
-    return true;
-  }
-
 protected: // helper methods
   /**
    * @brief Construct and return the name of a RSA or EC key, based on @p identity and @p params.

ndn-cxx/security/tpm/back-end.hpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2024 Regents of the University of California.
+ * Copyright (c) 2013-2025 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -91,35 +91,6 @@ Tpm::decrypt(span<const uint8_t> buf, const Name& keyName) const
   return key ? key->decrypt(buf) : nullptr;
 }
 
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
-
-bool
-Tpm::isTerminalMode() const
-{
-  return m_backEnd->isTerminalMode();
-}
-
-void
-Tpm::setTerminalMode(bool isTerminal) const
-{
-  m_backEnd->setTerminalMode(isTerminal);
-}
-
-bool
-Tpm::isTpmLocked() const
-{
-  return m_backEnd->isTpmLocked();
-}
-
-bool
-Tpm::unlockTpm(const char* password, size_t passwordLength) const
-{
-  return m_backEnd->unlockTpm(password, passwordLength);
-}
-
-#pragma GCC diagnostic pop
-
 ConstBufferPtr
 Tpm::exportPrivateKey(const Name& keyName, const char* pw, size_t pwLen) const
 {

ndn-cxx/security/tpm/tpm.cpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2024 Regents of the University of California.
+ * Copyright (c) 2013-2025 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -126,44 +126,6 @@ class Tpm : noncopyable
   ConstBufferPtr
   decrypt(span<const uint8_t> buf, const Name& keyName) const;
 
-public: // Management
-  /**
-   * @brief Check if the TPM is in terminal mode.
-   * @deprecated
-   */
-  [[deprecated]]
-  bool
-  isTerminalMode() const;
-
-  /**
-   * @brief Set the terminal mode of the TPM.
-   * @deprecated
-   *
-   * When in terminal mode, the TPM will not ask user permission from GUI.
-   */
-  [[deprecated]]
-  void
-  setTerminalMode(bool isTerminal) const;
-
-  /**
-   * @return true if the TPM is locked, otherwise false.
-   * @deprecated
-   */
-  [[deprecated]]
-  bool
-  isTpmLocked() const;
-
-  /**
-   * @brief Unlock the TPM.
-   * @deprecated
-   *
-   * @param password The password to unlock the TPM.
-   * @param passwordLength The password size.
-   */
-  [[deprecated]]
-  [[nodiscard]] bool
-  unlockTpm(const char* password, size_t passwordLength) const;
-
 NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE: // operations accessible only by KeyChain
   /**
    * @brief Create a Tpm instance.

ndn-cxx/security/tpm/tpm.hpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2024 Regents of the University of California.
+ * Copyright (c) 2013-2025 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -86,7 +86,6 @@ main(int argc, char* argv[])
     else if (command == "cert-install") { return ndnsec_cert_install(argc, argv); }
     else if (command == "export")       { return ndnsec_export(argc, argv); }
     else if (command == "import")       { return ndnsec_import(argc, argv); }
-    else if (command == "unlock-tpm")   { return ndnsec_unlock_tpm(argc, argv); }
     else {
       std::cerr << "ERROR: Unknown command '" << command << "'\n\n" << NDNSEC_HELP_TEXT;
       return 2;

tools/ndnsec/main.cpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2025 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -59,9 +59,6 @@ ndnsec_export(int argc, char** argv);
 int
 ndnsec_import(int argc, char** argv);
 
-int
-ndnsec_unlock_tpm(int argc, char** argv);
-
 } // namespace ndn::ndnsec
 
 #endif // NDN_CXX_TOOLS_NDNSEC_NDNSEC_HPP

tools/ndnsec/ndnsec.hpp

@@ -16,6 +16,6 @@ def build(bld):
 
     # create convenience symlinks
     for cmd in ('list', 'get-default', 'set-default', 'delete',
-                'key-gen', 'sign-req', 'cert-gen', 'cert-install',
-                'cert-dump', 'export', 'import', 'unlock-tpm'):
+                'key-gen', 'sign-req', 'cert-gen', 'cert-dump',
+                'cert-install', 'export', 'import'):
         bld.symlink_as('${BINDIR}/ndnsec-%s' % cmd, 'ndnsec')