Lines Matching full:provider
11 \fBcryptoadm\fR list [\fB-mpv\fR] [provider=\fIprovider-name\fR]
18 provider=\fIprovider-name\fR mechanism=\fImechanism-list\fR | random | all
24 provider=\fIprovider-name\fR mechanism=\fImechanism-list\fR | random | all
29 \fBcryptoadm\fR install provider=\fIprovider-name\fR
34 \fBcryptoadm\fR install provider=\fIprovider-name\fR
40 \fBcryptoadm\fR uninstall provider=\fIprovider-name\fR
45 \fBcryptoadm\fR unload provider=\fIprovider-name\fR
84 The \fBcryptoadm\fR utility displays cryptographic provider information for a
85 system, configures the mechanism policy for each provider, and installs or
86 uninstalls a cryptographic provider. The cryptographic framework supports three
87 types of providers: a user-level provider (a PKCS11 shared library), a kernel
88 software provider (a loadable kernel software module), and a kernel hardware
89 provider (a cryptographic hardware device).
168 \fB\fBcryptoadm\fR \fBlist\fR \fB-m\fR \fB[ provider=\fIprovider-name\fR |
174 metaslot. If a provider is specified, display the name of the specified
175 provider and the mechanism list that can be used with that provider. If the
183 \fB\fBcryptoadm\fR \fBlist\fR \fB-p\fR \fB[ provider=\fIprovider-name\fR |
189 are not) for the installed providers. Also display the provider feature policy
190 or metaslot. If a provider is specified, display the name of the provider with
198 \fB\fBcryptoadm\fR \fBlist\fR \fB-v\fR \fBprovider=\fIprovider-name\fR |
203 Display details about the specified provider if a provider is specified. If the
222 \fB\fBcryptoadm\fR \fBdisable provider=\fIprovider-name\fR\fR\fR
226 \fB[ mechanism=\fImechanism-list\fR | \fIprovider-feature\fR \fB\&... |\fR
231 Disable the mechanisms or provider features specified for the provider. See
232 OPERANDS for a description of \fImechanism\fR, \fIprovider-feature\fR, and the
258 \fB\fBcryptoadm\fR \fBenable provider=\fIprovider-name\fR\fR\fR
262 \fB[ mechanism=\fImechanism-list\fR | \fIprovider-feature\fR \fB\&... |\fR
267 Enable the mechanisms or provider features specified for the provider. See
268 OPERANDS for a description of \fImechanism\fR, \fIprovider-feature\fR, and the
294 \fIslot-description\fR are specified, the provider with the matching token
306 \fB\fBcryptoadm\fR \fBinstall provider=\fIprovider-name\fR\fR\fR
310 Install a user-level provider into the system. The \fIprovider\fR operand must
320 The preferred way of installing a user-level provider is to build a package for
321 the provider. For more information, see the \fISolaris Security for Developer's
328 \fB\fBcryptoadm\fR \fBinstall provider=\fIprovider-name\fR\fR\fR
336 Install a kernel software provider into the system. The provider should contain
338 list of mechanisms to be supported by this provider.
340 The preferred way of installing a kernel software provider is to build a
348 \fB\fBcryptoadm\fR \fBuninstall provider=\fIprovider-name\fR\fR\fR
352 Uninstall the specified \fIprovider\fR and the associated mechanism policy from
353 the system. This subcommand applies only to a user-level provider or a kernel
354 software provider.
360 \fB\fBcryptoadm\fR \fBunload provider=\fIprovider-name\fR\fR\fR
364 Unload the kernel software module specified by \fIprovider\fR.
443 \fBprovider=\fIprovider-name\fR\fR
447 A user-level provider (a PKCS11 shared library), a kernel software provider (a
448 loadable kernel software module), or a kernel hardware provider (a
451 A valid value of the \fIprovider\fR operand is one entry from the output of a
452 command of the form: \fBcryptoadm\fR \fIlist\fR. A \fIprovider\fR operand for a
453 user-level provider is an absolute pathname of the corresponding shared
454 library. A \fIprovider\fR operand for a kernel software provider contains a
455 base name only. A \fIprovider\fR operand for a kernel hardware provider is in a
469 mechanisms on a provider. See the discussion of the \fBall\fR keyword, below.
475 \fB\fIprovider-feature\fR\fR
479 A cryptographic framework feature for the given provider. Currently only
480 \fBrandom\fR is accepted as a feature. For a user-level provider, disabling the
482 \fBC_SeedRandom\fR unavailable from the provider. For a kernel provider,
484 numbers from the provider.
495 subcommands to operate on all provider features.
561 # \fBcryptoadm enable provider=dca/0 all\fR
566 This command enables the mechanisms on the provider \fBand\fR any other
567 provider-features, such as \fBrandom\fR.
571 # \fBcryptoadm enable provider=des mechanism=all\fR
585 # \fBcryptoadm enable provider=des mechanism=all\fR
590 \&...which enables all mechanisms on the provider, but enables no other
591 provider-features, such as \fBrandom\fR.
623 \fBExample 2 \fRDisplay Mechanism List for \fBmd5\fR Provider
631 example% \fBcryptoadm list -m provider=md5\fR
638 \fBExample 3 \fRDisable Specific Mechanisms for Kernel Software Provider
642 \fBCKM_DES3_CBC\fR for the kernel software provider \fBdes\fR:
647 example# \fBcryptoadm disable provider=des\fR
653 \fBExample 4 \fRDisplay Mechanism Policy for a Provider
656 The following command displays the mechanism policy for the \fBdes\fR provider:
661 example% \fBcryptoadm list -p provider=des\fR
668 \fBExample 5 \fREnable Specific Mechanism for a Provider
672 software provider \fBdes\fR:
677 example# \fBcryptoadm enable provider=des mechanism=CKM_DES3_ECB\fR
683 \fBExample 6 \fRInstall User-Level Provider
686 The following command installs a user-level provider:
691 example# \fBcryptoadm install provider=/opt/lib/libcryptoki.so.1\fR
697 \fBExample 7 \fRInstall User-Level Provider That Contains 32- and 64-bit
701 The following command installs a user-level provider that contains both 32-bit
708 provider=/opt/SUNWconn/lib/'$ISA'/libpkcs11.so.1
714 \fBExample 8 \fRUninstall a Provider
717 The following command uninstalls the \fBmd5\fR provider:
722 example# \fBcryptoadm uninstall provider=md5\fR
813 If a hardware provider's policy was made explicitly (that is, some of its
814 mechanisms were disabled) and the hardware provider has been detached, the
815 policy of this hardware provider is still listed.
819 for each user-level provider. If both a 32-bit and 64-bit shared object are