OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [pkcs11] A question about C_Finalize

On 5/15/2015 8:35 AM, Mark Joseph wrote:
 From the Base Specification Version 2.40

In Section 5.4 General-purpose functions, C_Finalize() the following text appears:

"If several applications are using Cryptoki, each one should call C_Finalize.
Each application’s call to
C_Finalize should be preceded by a single call to C_Initialize;"

I interpret this to mean: each *successful* call to C_Initialize should have a
matching call to C_Finalize.  What if
the call to C_Initialize returns CKR_ARGUMENTS_BAD or
still call C_Finalize ??

I looked in the User Guide and found nothing to clarify this point.

Hi Mark-

Sorry missed this email before. You have interpreted it the same way that we have, that every successful call to C_Initialize requires a call to C_Finalize

In our documentation, we actually have special advice regarding the use of C_Finalize with respect to libraries: the advice is don't call it.

From our libpkcs11 man page:

       Because C_Initalize() might have been called by both an application and
       a library, it is not safe for a library or its plugins to call C_Final-
       ize(). A library can be  finished  calling  functions  from  libpkcs11,
       while an application might not.

NOTE: Using voice recognition software, forgive typos/grammar mistakes!
Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva
Solaris Cryptographic & Key Management Technologies, Manager
Oracle Corporation: 4180 Network Circle, Santa Clara, CA, 95054.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]