Skip Navigation Links | |
Exit Print View | |
Developer's Guide to Oracle Solaris Security Oracle Solaris 10 8/11 Information Library |
1. Oracle Solaris Security for Developers (Overview)
2. Developing Privileged Applications
3. Writing PAM Applications and Services
4. Writing Applications That Use GSS-API
7. Writing Applications That Use SASL
8. Introduction to the Oracle Solaris Cryptographic Framework
Oracle Solaris Cryptography Terminology
Overview of the Cryptographic Framework
Components of the Cryptographic Framework
What Cryptography Developers Need to Know
Requirements for Developers of User-Level Consumers
Requirements for Developers of User-Level Providers
Requirements for Developers of Kernel-Level Consumers
9. Writing User-Level Cryptographic Applications and Providers
10. Using the Smart Card Framework
A. Sample C-Based GSS-API Programs
D. Source Code for SASL Example
User-level libraries that plug into the cryptographic framework should supply a _fini() function. The _fini() function is called by the loader when the library is unloaded. The _fini() function is required to ensure that all cleanup is done correctly at the right time. Libraries that use libpkcs11 are not supposed to call C_Finalize(), because libpkcs11 is a shared library that could potentially be in use by the application.
To supply a _fini() function, you need to create a .fini section in the program data section of a relocatable object. The .fini section provides a runtime termination code block. See Linker and Libraries Guide. The following code sample demonstrates how to design a .fini section.
Example 8-1 Supplying _fini() to PKCS #11 Libraries
#pragma fini(pkcs11_fini) static void pkcs11_fini(); /* [... (other library code omitted)] */ static void pkcs11_fini() { (void) pthread_mutex_lock(&pkcs11mutex); /* If CRYPTOKI is not initialized, do not clean up */ if (!initialized) { (void) pthread_mutex_unlock(&pkcs11mutex); return; } (void) finalize_routine(NULL_PTR); (void) pthread_mutex_unlock(&pkcs11mutex); }