[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [GRAYMAIL] Re: [pkcs11] A question about C_Finalize
On 5/15/2015 8:35 AM, Mark Joseph wrote:
> From the Base Specification Version 2.40
>
> In Section 5.4 General-purpose functions, C_Finalize() the following text appears:
>
> "If several applications are using Cryptoki, each one should call C_Finalize.
> Each application’s call to
> C_Finalize should be preceded by a single call to C_Initialize;"
>
> I interpret this to mean: each *successful* call to C_Initialize should have a
> matching call to C_Finalize. What if
> the call to C_Initialize returns CKR_ARGUMENTS_BAD or
> CKR_CRYPTOKI_ALREADY_INITIALIZED, does the application
> still call C_Finalize ??
>
> I looked in the User Guide and found nothing to clarify this point.
Hi Mark-
Sorry missed this email before. You have interpreted it the same way that we
have, that every successful call to C_Initialize requires a call to C_Finalize
In our documentation, we actually have special advice regarding the use of
C_Finalize with respect to libraries: the advice is don't call it.
From our libpkcs11 man page:
Because C_Initalize() might have been called by both an application and
a library, it is not safe for a library or its plugins to call C_Final-
ize(). A library can be finished calling functions from libpkcs11,
while an application might not.
Valerie
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]