OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [GRAYMAIL] Re: [pkcs11] A question about C_Finalize

On 5/15/2015 8:35 AM, Mark Joseph wrote:
>  From the Base Specification Version 2.40
> In Section 5.4 General-purpose functions, C_Finalize() the following text appears:
> "If several applications are using Cryptoki, each one should call C_Finalize.
> Each application’s call to
> C_Finalize should be preceded by a single call to C_Initialize;"
> I interpret this to mean: each *successful* call to C_Initialize should have a
> matching call to C_Finalize.  What if
> the call to C_Initialize returns CKR_ARGUMENTS_BAD or
> still call C_Finalize ??
> I looked in the User Guide and found nothing to clarify this point.

Hi Mark-

Sorry missed this email before. You have interpreted it the same way that we
have, that every successful call to C_Initialize requires a call to C_Finalize

In our documentation, we actually have special advice regarding the use of
C_Finalize with respect to libraries: the advice is don't call it.

From our libpkcs11 man page:

       Because C_Initalize() might have been called by both an application and
       a library, it is not safe for a library or its plugins to call C_Final-
       ize(). A library can be  finished  calling  functions  from  libpkcs11,
       while an application might not.


Thanks Valerie, but couldn't the above result in memory leaks?
If only the code that received CKR_OK from C_Initialize() calls C_Finalize() and
C_Initialize() returns an error "already initialized" if previously called, then that should work and avoid memory leaks right?
Otherwise the PKCS11 has to implement reference counting?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]