Third parties can plug their providers into the Cryptographic Framework. A third-party provider can be one of the following objects:
Loadable kernel software module, such as an encryption algorithm, MAC function, or digest function
Kernel device driver for a hardware accelerator
The objects from a provider must be signed with a certificate from Oracle. The certificate request is based on a private key that the third party selects, and a certificate that Oracle provides. The certificate request is sent to Oracle, which registers the third party and then issues the certificate. The third party then signs its provider object with the certificate from Oracle.
The loadable kernel software modules and the kernel device drivers for hardware accelerators must also register with the kernel. Registration is through the Cryptographic Framework SPI (service provider interface).