CSPs should maintain session key objects and hash objects in volatile memory. These objects are created respectively via the CPGenKey and CPCreateHash functions, and destroyed via the CPDestroyKey and CPDestroyHash functions. These objects should also be destroyed when their associated key container (or "user context") is released via the CPReleaseContext function.