When OCSF or the modules return memory structures to applications, that memory is maintained by the application. Instead of using a model where the application passes memory blocks to the modules to work on, the OCSF model requires the application to supply memory functions. This has the advantage that applications are not required to know the size of the memory blocks they supply to OCSF and the add-ins. The memory that the application receives is in its own process space, which prevents the application from walking through the memory of OCSF or the modules. An application that has access to secure memory could supply functions to the Cryptographic Service Provider (CSP) for managing that memory. All data returned from the CSP will then pass through that secure memory. When the application no longer requires the memory, it is responsible for freeing it.
Applications register their memory functions with the service provider modules during attach time (CSSM_ModuleAttach), and with OCSF during initialization (CSSM_Init).
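The memory model described above, shown as an added C example that is not OCSF code: the application supplies allocation callbacks, a stand-in provider uses them to return a result whose size the application never had to know, and the application frees it (wiping it first). The names app_mem_funcs, app_heap and mock_provider_op are hypothetical and do not reproduce the OCSF structures or the CSSM_ModuleAttach and CSSM_Init signatures.

```c
#include <stdlib.h>

/* Hypothetical callback table modelled on the text; NOT the OCSF type or field names. */
typedef struct {
    void *(*malloc_func)(size_t size, void *ref);
    void  (*free_func)(void *ptr, void *ref);
    void  *ref;                  /* application context handed back on every call */
} app_mem_funcs;
typedef struct { size_t live_blocks; } app_heap;   /* blocks not yet freed */

/* A size header lets app_free wipe the block without being told its length. */
static void *app_malloc(size_t size, void *ref) {
    size_t *blk = calloc(1, sizeof(size_t) + size);
    if (blk == NULL) return NULL;
    blk[0] = size;
    ((app_heap *)ref)->live_blocks++;
    return blk + 1;
}

static void app_free(void *ptr, void *ref) {
    if (ptr == NULL) return;
    size_t *blk = (size_t *)ptr - 1;
    volatile unsigned char *p = ptr;      /* volatile keeps the wipe from being optimised out */
    for (size_t i = 0; i < blk[0]; i++) p[i] = 0;
    ((app_heap *)ref)->live_blocks--;
    free(blk);
}

/* Stand-in provider: it alone knows the result size; the buffer comes from the caller's functions. */
static int mock_provider_op(const app_mem_funcs *mf, const char *msg,
                            unsigned char **out, size_t *out_len) {
    size_t n = 8;                         /* constructed size, known only here */
    unsigned char *buf = mf->malloc_func(n, mf->ref);
    if (buf == NULL) return -1;
    for (size_t i = 0; msg[i] != '\0'; i++) buf[i % n] ^= (unsigned char)msg[i]; /* toy mixing, not a hash */
    *out = buf; *out_len = n;
    return 0;
}

/* One call: reports live blocks while the result is held, returns the count after free. */
static size_t demo_roundtrip(size_t *held, size_t *len) {
    app_heap heap = {0};
    app_mem_funcs mf = { app_malloc, app_free, &heap };
    unsigned char *out = NULL;
    if (mock_provider_op(&mf, "constructed sample", &out, len) != 0) return (size_t)-1;
    *held = heap.live_blocks;
    mf.free_func(out, mf.ref);            /* the application, not the provider, frees */
    return heap.live_blocks;
}
int main(void) { size_t held = 0, len = 0; return demo_roundtrip(&held, &len) == 0 ? 0 : 1; }
```

A nonzero live_blocks count at shutdown points to a returned buffer the application never freed.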