I am getting the CKR_DEVICE_MEMORY
error code for C_Encrypt
call using cryptoki library.
From the PKCS#11 spec, CKR_DEVICE_MEMORY
means The token doesnot have sufficient memory to perform the requested function.
Under what circumstances, do we get the token's memory completely full?
The HSM has been working 24x7 for 7 days continuously mostly encrypting and decrypting files during the day time with 2 parallel sessions. I haven't called C_Finalize
in the last 7 days. so cryptoki library has been working in its memory space from the point it has been initialised(see a related post on this).
I can see from my applications, debug log, what ever, i am allocating, i am deallocating so there is no memory leak from my application code.
UPDATE 1: There is a related detailed discussion on how i can call C_Finalize
in Application_End
of the ASP.NET. The main reason i couldn't use this because after recycling/timeout, the ASP.net threads access a single session resulting in CKR_OPERATION_ACTIVE error. In my case multiple applications are accessing the HSM via a webservice.