Skip to content

Commit

Permalink
util: mark some APIs as deprecated
Browse files Browse the repository at this point in the history
  • Loading branch information
@chrisccoulson
chrisccoulson committed Apr 18, 2024
1 parent ac398b4 commit 86f59c1
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 0 deletions.
4 changes: 4 additions & 0 deletions util/policy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ import (
// is that it is possible to compute digests for PolicySecret and PolicyNV assertions
// without knowledge of the authorization value of the authorizing entities used for those
// commands.
//
// Deprecated: Use [policyutil.PolicyBuilder].
type TrialAuthPolicy struct {
alg tpm2.HashAlgorithmId
digest tpm2.Digest
Expand All @@ -29,6 +31,8 @@ type TrialAuthPolicy struct {
// ComputeAuthPolicy creates a new context for computing an authorization policy digest.
// It will panic if the specified algorithm is not available. The caller should check
// this beforehand.
//
// Deprecated: Use [policyutil.NewPolicyBuilder].
func ComputeAuthPolicy(alg tpm2.HashAlgorithmId) *TrialAuthPolicy {
if !alg.Available() {
panic("unsupported digest algorithm or algorithm not linked in to binary")
Expand Down
4 changes: 4 additions & 0 deletions util/signatures.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,8 @@ func SignPolicyAuthorization(key crypto.PrivateKey, scheme *tpm2.SigScheme, nonc
// ComputePolicyAuthorizeDigest computes a digest to sign from the supplied authorization policy
// digest and policy reference. The resulting digest can be signed to authorize the supplied policy
// with the TPM2_PolicyAuthorize assertion, using the [tpm2.TPMContext.PolicyAuthorize] function.
//
// Deprecated: Use [policyutil.ComputePolicyAuthorizationTBSDigest].
func ComputePolicyAuthorizeDigest(alg tpm2.HashAlgorithmId, approvedPolicy tpm2.Digest, policyRef tpm2.Nonce) (tpm2.Digest, error) {
if !alg.Available() {
return nil, errors.New("digest algorithm is not available")
Expand All @@ -133,6 +135,8 @@ func ComputePolicyAuthorizeDigest(alg tpm2.HashAlgorithmId, approvedPolicy tpm2.
//
// The digest algorithm used for the signature must match the name algorithm in the public area
// associated with the supplied private key.
//
// Deprecated: Use [policyutil.SignPolicyAuthorize].
func PolicyAuthorize(key crypto.PrivateKey, scheme *tpm2.SigScheme, approvedPolicy tpm2.Digest, policyRef tpm2.Nonce) (tpm2.Digest, *tpm2.Signature, error) {
hashAlg := scheme.AnyDetails().HashAlg
if !hashAlg.Available() {
Expand Down

0 comments on commit 86f59c1

Please sign in to comment.