Go to main content

Managing Encryption and Certificates in Oracle® Solaris 11.4

Exit Print View

Updated: May 2021
 
 

Adding a Software Provider

The following procedure explains how to add providers to the system. You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

How to Add a Software Provider

  1. List the software providers that are available to the system.

    $ cryptoadm list
    
    User-level providers:
    Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so
    
    Kernel providers:
             des
             aes
             arcfour
             blowfish
             camellia
             ecc
             sha1
             sha2
             sha3
             md5
             rsa
             swrand
             n2rng/0 
  2. Add the package for a new provider from a repository.

    This example installs the pkcs11_kmip package. For information about KMIP, see KMIP and PKCS #11 Client Applications.

    $ pkg install pkcs11_kmip
    
                Packages to install:  2
            Create boot environment: No
    Create backup boot environment: No
    
    DOWNLOAD                                PKGS         FILES    XFER
    (MB)   SPEED
    Completed                                2/2         18/18 0.6/0.6  251k/s
    
    PHASE                                          ITEMS
    Installing new actions                         50/50
    Updating package state database                 Done
    Updating package cache                           0/0
    Updating image state                            Done
    Creating fast lookup database                   Done
    Updating package cache                           1/1
    
  3. Register the new provider with the Cryptographic Framework.
    $ cryptoadm install provider='/usr/lib/security/$ISA/pkcs11_kmip.so'
  4. Locate the new provider on the list.

    In this case, a new user-level software provider was installed.

    $ cryptoadm list
    
    User-level providers:
    Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so
    Provider: /usr/lib/security/$ISA/pkcs11_kmip.so  <-- added provider
    
    Kernel providers:
             des
             aes
             arcfour
             blowfish
             camellia
             ecc
             sha1
             sha2
             sha3
             md5
             rsa
             swrand
             n2rng/0