Hello, On Nov 4, 2010, at 8:05 PM, Jean-Michel Pouré - GOOZE wrote:
> Le jeudi 04 novembre 2010 à 18:37 +0100, Nikos Mavrogiannopoulos a > écrit : >> I'm trying to destroy an object I created on a Feitian PKI smart card >> using pkcs11 calls. My result is CKR_GENERAL_ERROR. I can reproduce it >> using the pkcs11-tool: > > On the Feitian PKI and most smartcards, objects cannot be deleted, per > spec. This is a security feature, to make sure objects are not replaced > by attackers. The same applies for RSA keys. > > The only way to replace objects/certs is to initialize the card and copy > them to card. Feitian card OS does not support deleting files. See the relevant ticket [1] on Trac. I don't think it is a security feature, deleting files (or overwriting) must be controlled by ACL-s like any other operation with the card. Replacing objects (updating files with UPDATE BINARY (INS=0xD6)) is possible with Feitian cards as well as others. [1] http://www.opensc-project.org/opensc/ticket/215 -- @MartinPaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
