wolfSSL · dgarske · Oct 2, 2025 · Oct 1, 2025 · Oct 1, 2025 · Oct 2, 2025
diff --git a/lib/wolfPKCS11 b/lib/wolfPKCS11
diff --git a/src/pkcs11_store.c b/src/pkcs11_store.c
@@ -530,4 +530,17 @@ int wolfPKCS11_Store_Write(void* store, unsigned char* buffer, int len)
     return len;
 }
 
+int wolfPKCS11_Store_Remove(int type, CK_ULONG id1, CK_ULONG id2)
+{
+    uint8_t* buf;
+
+    check_vault();
+    buf = find_object_buffer((int32_t)type, (uint32_t)id1, (uint32_t)id2);
+    if (buf == NULL)
+        return NOT_AVAILABLE_E;
+
+    delete_object((int32_t)type, (uint32_t)id1, (uint32_t)id2);
+    return 0;
+}
+
 #endif /* SECURE_PKCS11 */
diff --git a/tools/unit-tests/unit-pkcs11_store.c b/tools/unit-tests/unit-pkcs11_store.c
@@ -55,6 +55,7 @@
 
 #include "user_settings.h"
 #include "wolfssl/wolfcrypt/sha.h"
+#include "wolfssl/wolfcrypt/error-crypt.h"
 #include "wolfboot/wolfboot.h"
 #include "wolfpkcs11/pkcs11.h"
 #include "hal.h"
@@ -264,6 +265,18 @@ START_TEST (test_store_and_load_objs) {
     ck_assert(ret == strlen(short_string) + 1);
     ck_assert(strcmp(short_string, secret_rd) == 0);
     wolfPKCS11_Store_Close(store);
+
+    /* Remove the object and confirm it is no longer addressable */
+    ret = wolfPKCS11_Store_Remove(type, id_tok, id_obj);
+    ck_assert_msg(ret == 0, "Failed to delete vault: %d", ret);
+
+    readonly = 1;
+    ret = wolfPKCS11_Store_Open(type, id_tok, id_obj, readonly, &store);
+    ck_assert_int_eq(ret, NOT_AVAILABLE_E);
+
+    /* Second removal attempt should report the object is already gone */
+    ret = wolfPKCS11_Store_Remove(type, id_tok, id_obj);
+    ck_assert_int_eq(ret, NOT_AVAILABLE_E);
 }
 END_TEST
+1 −1		.github/workflows/alpine-architecture-tests.yml
+1 −1		.github/workflows/build-workflow.yml
+1 −1		.github/workflows/clang-tidy.yml
+5 −2		.github/workflows/debian-package-test.yml
+40 −0		.github/workflows/firefox.yml
+19 −38		.github/workflows/nss-cmsutil-test.yml
+414 −0		.github/workflows/nss-pk12util-debian-test.yml
+370 −0		.github/workflows/nss-pk12util-test.yml
+153 −17		.github/workflows/nss-ssltap-test.yml
+163 −0		.github/workflows/nss.yml
+1 −1		.github/workflows/sanitizer-tests.yml
+278 −0		.github/workflows/scan-build.yml
+229 −0		.github/workflows/tpm2-store-test.yml
+8 −0		.github/workflows/unit-test.yml
+43 −0		.github/workflows/wolfpkcs11-nss-debian.patch
+1 −1		.github/workflows/wolfssl-v5.6.6-build-workflow.yml
+5 −0		.gitignore
+105 −0		Docker/firefox/Dockerfile
+16 −0		Docker/firefox/README.md
+26 −0		Docker/firefox/test-files/extension/background-script.js
+16 −0		Docker/firefox/test-files/extension/content.js
+25 −0		Docker/firefox/test-files/extension/manifest.json
+8 −0		Docker/firefox/test-files/nginx-files/certs/dhparam.pem
+14 −0		Docker/firefox/test-files/nginx-files/certs/server-ecc.crt
+8 −0		Docker/firefox/test-files/nginx-files/certs/server-ecc.key
+22 −0		Docker/firefox/test-files/nginx-files/certs/server-rsa.crt
+28 −0		Docker/firefox/test-files/nginx-files/certs/server-rsa.key
+235 −0		Docker/firefox/test-files/nginx-files/config/nginx.conf
+83 −0		Docker/firefox/test-files/nginx-files/html/index.html
+38 −0		Docker/firefox/test-files/nginx-files/scripts/generate-certs.sh
+4 −0		Docker/firefox/test-files/pkcs11.txt
+35 −0		Docker/firefox/test-files/selenium-script.sh
+190 −0		Docker/firefox/test-files/selenium-test.py
+8 −0		Docker/firefox/test-files/wolfPKCS11.json
+108 −1		README.md
+38 −3		configure.ac
+2 −2		debian/changelog
+1 −1		debian/rules
+10 −1		examples/include.am
+617 −0		examples/nss_pkcs12_pbe_example.c
+1 −1		examples/obj_list.c
+523 −0		examples/stm32_dhuk_aes_key.c
+689 −109		src/crypto.c
+1,849 −651		src/internal.c
+67 −2		src/slot.c
+107 −11		src/wolfpkcs11.c
+11 −6		tests/debug_test.c
+1 −14		tests/pkcs11mtt.c
+2,267 −95		tests/pkcs11test.c
+12 −0		tests/testdata.h
+27 −2		wolfpkcs11/internal.h
+81 −1		wolfpkcs11/pkcs11.h
+14 −0		wolfpkcs11/store.h
+2 −2		wolfpkcs11/version.h