security+tools: deprecate TPM unlock functionality

And remove the implementation in the tpm-osxkeychain backend

Refs: #4754
Change-Id: I6d61b7aab83aba2c9128b524e178c71de8635b75

Author: Pesa

docs/manpages/ndnsec-unlock-tpm.rst

@@ -9,5 +9,7 @@ Synopsis
 Description
 -----------
 
+**DEPRECATED**
+
 This command can be used to (temporarily) unlock the local
 **Trusted Platform Module (TPM)** that manages the private keys.

docs/manpages/ndnsec.rst

@@ -56,9 +56,6 @@ The following commands are understood:
 :doc:`import <ndnsec-import>`
   Import an identity from a SafeBag.
 
-:doc:`unlock-tpm <ndnsec-unlock-tpm>`
-  Unlock the TPM.
-
 Exit Status
 -----------
 

ndn-cxx/security/tpm/back-end.cpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -145,27 +145,4 @@ BackEnd::constructHmacKeyName(const transform::PrivateKey& key, const Name& iden
   return Name(identity).append(name::Component(key.getKeyDigest(DigestAlgorithm::SHA256)));
 }
 
-bool
-BackEnd::isTerminalMode() const
-{
-  return true;
-}
-
-void
-BackEnd::setTerminalMode(bool isTerminal) const
-{
-}
-
-bool
-BackEnd::isTpmLocked() const
-{
-  return false;
-}
-
-bool
-BackEnd::unlockTpm(const char* pw, size_t pwLen) const
-{
-  return !isTpmLocked();
-}
-
 } // namespace ndn::security::tpm

ndn-cxx/security/tpm/back-end.hpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -116,45 +116,59 @@ class BackEnd : noncopyable
 
   /**
    * @brief Check if the TPM is in terminal mode.
+   * @deprecated
    *
    * The default implementation always returns true.
-   *
-   * @return True if in terminal mode, false otherwise.
    */
+  [[deprecated]]
   virtual bool
-  isTerminalMode() const;
+  isTerminalMode() const
+  {
+    return true;
+  }
 
   /**
    * @brief Set the terminal mode of the TPM.
+   * @deprecated
    *
    * In terminal mode, the TPM will not ask for a password from the GUI.
    * The default implementation does nothing.
    */
+  [[deprecated]]
   virtual void
-  setTerminalMode(bool isTerminal) const;
+  setTerminalMode(bool isTerminal) const
+  {
+  }
 
   /**
    * @brief Check if the TPM is locked.
+   * @deprecated
    *
    * The default implementation always returns false.
-   *
-   * @return True if locked, false otherwise.
    */
+  [[deprecated]]
   virtual bool
-  isTpmLocked() const;
+  isTpmLocked() const
+  {
+    return false;
+  }
 
   /**
    * @brief Unlock the TPM.
+   * @deprecated
    *
-   * The default implementation does nothing and returns `!isTpmLocked()`.
+   * The default implementation does nothing and always returns true.
    *
    * @param pw The password to unlock the TPM.
    * @param pwLen The length of the password.
-   *
    * @return True if the TPM was unlocked.
    */
+  [[deprecated]]
   [[nodiscard]] virtual bool
-  unlockTpm(const char* pw, size_t pwLen) const;
+  unlockTpm(const char* pw, size_t pwLen) const
+  {
+    return true;
+  }
 
 protected: // helper methods
   /**

ndn-cxx/security/tpm/impl/back-end-osx.cpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -38,11 +38,9 @@ namespace ndn::security::tpm {
 namespace cfstring = ndn::detail::cfstring;
 using ndn::detail::CFReleaser;
 
-class BackEndOsx::Impl
+struct BackEndOsx::Impl
 {
-public:
   SecKeychainRef keyChainRef;
-  bool isTerminalMode = false;
 };
 
 static CFReleaser<CFDataRef>
@@ -187,8 +185,6 @@ exportItem(const KeyRefOsx& keyRef, transform::PrivateKey& outKey)
 BackEndOsx::BackEndOsx(const std::string&)
   : m_impl(make_unique<Impl>())
 {
-  SecKeychainSetUserInteractionAllowed(!m_impl->isTerminalMode);
-
   OSStatus res = SecKeychainCopyDefault(&m_impl->keyChainRef);
   if (res == errSecNoDefaultKeychain) {
     NDN_THROW(Error("No default keychain, create one first"));
@@ -204,49 +200,6 @@ BackEndOsx::getScheme()
   return scheme;
 }
 
-bool
-BackEndOsx::isTerminalMode() const
-{
-  return m_impl->isTerminalMode;
-}
-
-void
-BackEndOsx::setTerminalMode(bool isTerminal) const
-{
-  m_impl->isTerminalMode = isTerminal;
-  SecKeychainSetUserInteractionAllowed(!isTerminal);
-}
-
-bool
-BackEndOsx::isTpmLocked() const
-{
-  SecKeychainStatus keychainStatus;
-  OSStatus res = SecKeychainGetStatus(m_impl->keyChainRef, &keychainStatus);
-  if (res != errSecSuccess)
-    return true;
-  else
-    return (kSecUnlockStateStatus & keychainStatus) == 0;
-}
-
-bool
-BackEndOsx::unlockTpm(const char* pw, size_t pwLen) const
-{
-  // If the default key chain is already unlocked, return immediately.
-  if (!isTpmLocked())
-    return true;
-
-  if (m_impl->isTerminalMode) {
-    // Use the supplied password.
-    SecKeychainUnlock(m_impl->keyChainRef, pwLen, pw, true);
-  }
-  else {
-    // If inTerminal is not set, get the password from GUI.
-    SecKeychainUnlock(m_impl->keyChainRef, 0, nullptr, false);
-  }
-
-  return !isTpmLocked();
-}
-
 ConstBufferPtr
 BackEndOsx::sign(const KeyRefOsx& key, DigestAlgorithm digestAlgo, const InputBuffers& bufs)
 {

ndn-cxx/security/tpm/impl/back-end-osx.hpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -51,19 +51,6 @@ class BackEndOsx final : public BackEnd
   static const std::string&
   getScheme();
 
-public: // management
-  bool
-  isTerminalMode() const final;
-
-  void
-  setTerminalMode(bool isTerminal) const final;
-
-  bool
-  isTpmLocked() const final;
-
-  bool
-  unlockTpm(const char* pw, size_t pwLen) const final;
-
 public: // crypto transformation
   /**
    * @brief Sign @p bufs with @p key using @p digestAlgorithm.
@@ -103,7 +90,7 @@ class BackEndOsx final : public BackEnd
   doImportKey(const Name& keyName, shared_ptr<transform::PrivateKey> key) final;
 
 private:
-  class Impl;
+  struct Impl;
   const unique_ptr<Impl> m_impl;
 };
 

ndn-cxx/security/tpm/tpm.cpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -91,6 +91,9 @@ Tpm::decrypt(span<const uint8_t> buf, const Name& keyName) const
   return key ? key->decrypt(buf) : nullptr;
 }
 
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+
 bool
 Tpm::isTerminalMode() const
 {
@@ -115,6 +118,8 @@ Tpm::unlockTpm(const char* password, size_t passwordLength) const
   return m_backEnd->unlockTpm(password, passwordLength);
 }
 
+#pragma GCC diagnostic pop
+
 ConstBufferPtr
 Tpm::exportPrivateKey(const Name& keyName, const char* pw, size_t pwLen) const
 {

ndn-cxx/security/tpm/tpm.hpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -129,30 +129,38 @@ class Tpm : noncopyable
 public: // Management
   /**
    * @brief Check if the TPM is in terminal mode.
+   * @deprecated
    */
+  [[deprecated]]
   bool
   isTerminalMode() const;
 
   /**
    * @brief Set the terminal mode of the TPM.
+   * @deprecated
    *
    * When in terminal mode, the TPM will not ask user permission from GUI.
    */
+  [[deprecated]]
   void
   setTerminalMode(bool isTerminal) const;
 
   /**
    * @return true if the TPM is locked, otherwise false.
+   * @deprecated
    */
+  [[deprecated]]
   bool
   isTpmLocked() const;
 
   /**
    * @brief Unlock the TPM.
+   * @deprecated
    *
    * @param password The password to unlock the TPM.
    * @param passwordLength The password size.
    */
+  [[deprecated]]
   [[nodiscard]] bool
   unlockTpm(const char* password, size_t passwordLength) const;
 

tools/ndnsec/main.cpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -35,7 +35,6 @@ constexpr std::string_view NDNSEC_HELP_TEXT = R"STR(Usage: ndnsec COMMAND [OPTIO
 
 Available commands:
   help           Print this help text
-  version        Print program version
   list           List all known identities/keys/certificates
   get-default    Show the default identity/key/certificate
   set-default    Change the default identity/key/certificate
@@ -47,9 +46,9 @@ Available commands:
   cert-install   Import a certificate from a file
   export         Export an identity as a SafeBag
   import         Import an identity from a SafeBag
-  unlock-tpm     Unlock the TPM
+  version        Print version information
 
-Try 'ndnsec COMMAND --help' for more information on a command.
+Run 'ndnsec COMMAND --help' for more information on a command.
 )STR";
 
 int

tools/ndnsec/unlock-tpm.cpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -33,6 +33,8 @@ namespace ndn::ndnsec {
 int
 ndnsec_unlock_tpm(int argc, char** argv)
 {
+  std::cerr << "DEPRECATION NOTICE: ndnsec-unlock-tpm is deprecated.\n";
+
   namespace po = boost::program_options;
 
   po::options_description description(
@@ -68,7 +70,10 @@ ndnsec_unlock_tpm(int argc, char** argv)
     return 1;
   }
 
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
   bool isUnlocked = keyChain.getTpm().unlockTpm(password, std::strlen(password));
+#pragma GCC diagnostic pop
   OPENSSL_cleanse(password, std::strlen(password));
 
   if (isUnlocked) {