[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] A question about C_Finalize
On 5/15/2015 8:35 AM, Mark Joseph wrote:
From the Base Specification Version 2.40 In Section 5.4 General-purpose functions, C_Finalize() the following text appears: "If several applications are using Cryptoki, each one should call C_Finalize. Each application’s call to C_Finalize should be preceded by a single call to C_Initialize;" I interpret this to mean: each *successful* call to C_Initialize should have a matching call to C_Finalize. What if the call to C_Initialize returns CKR_ARGUMENTS_BAD or CKR_CRYPTOKI_ALREADY_INITIALIZED, does the application still call C_Finalize ?? I looked in the User Guide and found nothing to clarify this point.
Hi Mark-Sorry missed this email before. You have interpreted it the same way that we have, that every successful call to C_Initialize requires a call to C_Finalize
In our documentation, we actually have special advice regarding the use of C_Finalize with respect to libraries: the advice is don't call it.
From our libpkcs11 man page:
Because C_Initalize() might have been called by both an application and
a library, it is not safe for a library or its plugins to call C_Final-
ize(). A library can be finished calling functions from libpkcs11,
while an application might not.
Valerie
--
NOTE: Using voice recognition software, forgive typos/grammar mistakes!
Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva
Solaris Cryptographic & Key Management Technologies, Manager
Oracle Corporation: 4180 Network Circle, Santa Clara, CA, 95054.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]