On Wed, 3 Mar 2010, Nikolay Elenkov wrote:

>> I agree. CK_C_INITIALIZE_ARGS are optional and by not providing
>> them we just say nothing about threads. And since we know that the CF is
>> thread safe, it's OK for us. It's good to note that the patch was
>> generated using code from OpenSolaris, no other changes were made.
>
>It works in Solaris, but since the spec says otherwise, it might not work with
>other PKCS#11 libraries (I have at least one such case). See my previous reply.

agreed but that's why the patch was written - for Solaris. I should probably file a bug against that since it was not intentionally buggy, of course, but I'm not sure we get to it any time soon, there is a lot of stuff on our plate.

>>>> Well, destroying the private key is hardly the way to prevent memory leaks.
>>>> If, say, it were a smart card, with keys generated on the card, calling
>>>> C_DestroyObject will destroy the only copy of the key on the card. And that
>>>> is not good...
>>>
>>> But for non-token objects it does matter very much :) The key-by-ref project
>>> addresses this issue.
>>
>> exactly.
>
>I don't get how key-by-ref addresses this. See my previous reply.

before the key-by-ref project, all objects were just session objects - no persistent objects at all. After the key-by-ref was integrated, we distinguish between objects and C_DestroyObject() is called only on session objects, never on token objects. What's more, we use read-only sessions for that so it wouldn't be even possible to destroy them there. That's intentional, to avoid any possibly buggy code to do that.

J.

-- 
Jan Pechanec
http://blogs.sun.com/janp
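
The two safeguards described in the message above (destroy only session objects, and work in a read-only session), shown as an added example that is not part of the original message or of the OpenSolaris patch. The token is a constructed in-memory stand-in so the code runs offline; `release_key`, `objs` and `session_rw` are hypothetical names.

```c
/* Added example. A constructed in-memory stand-in replaces the real PKCS#11
 * library so the guard can run offline; the constants are the PKCS#11 values. */
typedef unsigned long CK_ULONG, CK_RV, CK_SESSION_HANDLE, CK_OBJECT_HANDLE;
typedef unsigned char CK_BBOOL;
typedef struct { CK_ULONG type; void *pValue; CK_ULONG ulValueLen; } CK_ATTRIBUTE;

#define CKA_TOKEN                 0x00000001UL
#define CKR_OK                    0x00000000UL
#define CKR_OBJECT_HANDLE_INVALID 0x00000082UL
#define CKR_SESSION_READ_ONLY     0x000000B5UL

/* Constructed token state: handle 1 is a session key, handle 2 a token key. */
static struct { CK_BBOOL on_token, alive; } objs[3] = { {0, 0}, {0, 1}, {1, 1} };
static int session_rw = 0;   /* session was opened without CKF_RW_SESSION */

CK_RV C_GetAttributeValue(CK_SESSION_HANDLE s, CK_OBJECT_HANDLE h,
                          CK_ATTRIBUTE *tmpl, CK_ULONG n) {
    (void)s;
    if (h >= 3 || !objs[h].alive) return CKR_OBJECT_HANDLE_INVALID;
    for (CK_ULONG i = 0; i < n; i++)
        if (tmpl[i].type == CKA_TOKEN)
            *(CK_BBOOL *)tmpl[i].pValue = objs[h].on_token;
    return CKR_OK;
}

CK_RV C_DestroyObject(CK_SESSION_HANDLE s, CK_OBJECT_HANDLE h) {
    (void)s;
    if (h >= 3 || !objs[h].alive) return CKR_OBJECT_HANDLE_INVALID;
    /* A read-only session may not destroy token objects. */
    if (objs[h].on_token && !session_rw) return CKR_SESSION_READ_ONLY;
    objs[h].alive = 0;
    return CKR_OK;
}

/* Hypothetical guard: 1 = destroyed, 0 = token object left alone, -1 = error. */
int release_key(CK_SESSION_HANDLE s, CK_OBJECT_HANDLE h) {
    CK_BBOOL is_token = 1;   /* fail closed: assume persistent until told otherwise */
    CK_ATTRIBUTE tmpl = { CKA_TOKEN, &is_token, sizeof is_token };
    if (C_GetAttributeValue(s, h, &tmpl, 1) != CKR_OK) return -1;
    if (is_token) return 0;  /* never destroy the only copy of an on-card key */
    return C_DestroyObject(s, h) == CKR_OK ? 1 : -1;
}
```

Against a real library the same guard compiles unchanged once the stand-in definitions are replaced by the vendor's PKCS#11 header.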