Managing Encryption and Certificates in Oracle^® Solaris 11.3

Adding a Software Provider

The following procedure explains how to add providers to the system. You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.

How to Add a Software Provider

1. List the software providers that are available to the system.

   $ cryptoadm list
   User-level providers:
   Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
   Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so
   
   Kernel software providers:
   des
   aes
   arcfour
   blowfish
   camellia
   ecc
   sha1
   sha2
   md5
   rsa
   swrand
   n2rng/0
   

2. Add the package for a new provider from a repository.

   In this example, the pkcs11_tpm provider is added.

   $ pkg install system/library/security/pkcs11_tpm

3. Register the new provider with the Cryptographic Framework.

   $ cryptoadm install provider='/usr/lib/security/$ISA/pkcs11_tpm.so'

4. Locate the new provider on the list.

   In this case, a new user-level software provider was installed.

   $ cryptoadm list
   
   User-level providers:
   Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
   Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so
   Provider: /usr/lib/security/$ISA/pkcs11_tpm.so <  added provider
   
   Kernel providers:
   des
   aes
   arcfour
   blowfish
   camellia
   ecc
   sha1
   sha2
   md5
   rsa
   swrand
   n2rng/0