Skip to content

feat(pkcs11-tool): add new --undestroyable #2645

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Jakuje merged 1 commit into from
Nov 17, 2022
Merged

feat(pkcs11-tool): add new --undestroyable #2645

Jakuje merged 1 commit into from
Nov 17, 2022
+27 −6

Conversation

@AlexandreGonzalo
Copy link

@AlexandreGonzalo AlexandreGonzalo commented Nov 15, 2022

Hi All,

In this PR, I am adding a new option which can be used to mark the certificates as undestroyable.
Please, let me know if you want this option for the pkcs11-tool.
Regards,
Alexandre.

Checklist
  • Documentation is added or updated
  • New files have a LGPL 2.1 license statement
  • PKCS#11 module is tested
  • Windows minidriver is tested
  • macOS tokend is tested

Jakuje
Jakuje requested changes Nov 15, 2022
View reviewed changes
@Jakuje
Copy link
Member

Jakuje commented Nov 15, 2022

Code-wise looks good. Can you squash the changes into single commit?

@AlexandreGonzalo AlexandreGonzalo force-pushed the trustonic_pkcs11_undestroyable branch from 5557183 to 03a409c Compare November 15, 2022 17:25
@AlexandreGonzalo
Copy link
Author

AlexandreGonzalo commented Nov 15, 2022

Code-wise looks good. Can you squash the changes into single commit?

Done

@Jakuje Jakuje merged commit 1e77699 into OpenSC:master Nov 17, 2022
@Jakuje
Copy link
Member

Jakuje commented Nov 17, 2022

Thank you for your contribution!

@AlexandreGonzalo AlexandreGonzalo deleted the trustonic_pkcs11_undestroyable branch February 13, 2025 09:39
@zhangxiaohui1
Copy link

zhangxiaohui1 commented Sep 25, 2025
edited
Loading

I noticed that the --undestroyable option is currently only implemented for certificate objects (when using --write-object with --type cert). However, it does not seem to be supported for other object types such as privkey, pubkey, secrkey, or data.

This behavior is not documented in the help text of --undestroyable, which gives the impression that it should work universally across all writable object types.

Could you clarify:

Is this limitation intentional for security or technical reasons?
Would the project be open to extending --undestroyable support to all object types?
This feature would be valuable for use cases where long-term key material (e.g., device identity keys) must be protected from accidental or malicious deletion.

Thank you for your work on this essential tool!

@Jakuje
Copy link
Member

Jakuje commented Sep 25, 2025

Sounds like this was the author original use case to have undestroyable certificate. I think it makes sense to support this for other object types so feel free to open a PR with the changes to do so!

@AlexandreGonzalo
Copy link
Author

AlexandreGonzalo commented Sep 25, 2025

CKA_DESTROYABLE can be set for any storage object, it is not limited to certificates.
The limitation is because I could only test it with certificates.
Feel free to generalize it for all the storage objects.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@frankmorgner frankmorgner frankmorgner approved these changes

@Jakuje Jakuje Jakuje approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@AlexandreGonzalo @Jakuje @zhangxiaohui1 @frankmorgner