views:

58

answers:

2

My application access the HSM via a ASP.NET web service through PKCS#11. I initialise the cryptoki library and obtain a session handle. Web-service hold on to this handle to perform encryption/decryption/signing/verifying in a batch mode.

The problem i am facing is The ASP.NET web service time-outs' after 20 minutes. This act- i think, unloads the cryptoki library and the session handle held by the web-service becomes invalid. Yes, i agree that the ASP.NET web-service can be reconfigured not to time-out, which will keep the cryptoki library always loaded.

My question is What happens to the session handle which i obtained in the first place from the HSM?. Will it be lost or will it be there unused? I am asking this because, i am not closing the opened session properly by calling c_closeSession.

The web-service is implemented via a Thread pool

Thanks

+1  A: 

From the theoretical perspective, you should read the PKCS#11 spec, it is all written there, from section 6.6 onwards

From the practical perspecgive, an application becomes a cryptoki application after it calls C_Initialize. The concept of a session and its identifier may be relayed by a small wrapper library to a longrunning PKCS#11 process, that actually talks to the HSM, but may not. If the process that was a cryptoki application dies, so will do all the virtual resources (what a session is).

Where exactly is the problem? Opening a session could be a pretty cheap operation most of the time, unless you are sure (have measured) that it is the bottleneck, don't optimize and open and close a session for a request, if you can't control the lifespan of the cryptoki process.

martin
@Martin- My tests show that any opened session, if not closed properly using the relevant cryptoki calls, remain in the HSM; These results are inline with Rasmus explanation. I am yet to measure the overhead of individual sessions. Will update once done.
Raj
+1  A: 

You are supposed to call C_Finalize() when you are done using the cryptoki library. A well-written implementation might be robust against you not doing so, but there are no guarantees. Your open sessions may be kept alive on the HSM and perhaps in the driver.

Strongly consider calling C_Finalize() from your Application_End().

Rasmus Faber
@Rasmus: One of the requirements for me is that the HSM should be available 24x7; SO i donot have the flexibility to call C_Finalize() in Application_End(). Please see my update in the other thread which you have linked already. Thanks
Raj
@Rasmus: My tests show that if a session has been opened already, and the webservice dies without having an opportunity to close the session properly, then that session remains alive in the HSM, as mentioned in your post. I also notice that it is occupying the resources.
Raj