Lines Matching full:provider
12 \fBcryptoadm\fR list [\fB-mpv\fR] [provider=\fIprovider-name\fR]
19 provider=\fIprovider-name\fR mechanism=\fImechanism-list\fR | random | all
25 provider=\fIprovider-name\fR mechanism=\fImechanism-list\fR | random | all
30 \fBcryptoadm\fR install provider=\fIprovider-name\fR
35 \fBcryptoadm\fR install provider=\fIprovider-name\fR
41 \fBcryptoadm\fR uninstall provider=\fIprovider-name\fR
46 \fBcryptoadm\fR unload provider=\fIprovider-name\fR
87 The \fBcryptoadm\fR utility displays cryptographic provider information for a
88 system, configures the mechanism policy for each provider, and installs or
89 uninstalls a cryptographic provider. The cryptographic framework supports three
90 types of providers: a user-level provider (a PKCS11 shared library), a kernel
91 software provider (a loadable kernel software module), and a kernel hardware
92 provider (a cryptographic hardware device).
173 \fB\fBcryptoadm\fR \fBlist\fR \fB-m\fR \fB[ provider=\fIprovider-name\fR |
179 metaslot. If a provider is specified, display the name of the specified
180 provider and the mechanism list that can be used with that provider. If the
188 \fB\fBcryptoadm\fR \fBlist\fR \fB-p\fR \fB[ provider=\fIprovider-name\fR |
194 are not) for the installed providers. Also display the provider feature policy
195 or metaslot. If a provider is specified, display the name of the provider with
203 \fB\fBcryptoadm\fR \fBlist\fR \fB-v\fR \fBprovider=\fIprovider-name\fR |
208 Display details about the specified provider if a provider is specified. If the
227 \fB\fBcryptoadm\fR \fBdisable provider=\fIprovider-name\fR\fR\fR
231 \fB[ mechanism=\fImechanism-list\fR | \fIprovider-feature\fR \fB\&... |\fR
236 Disable the mechanisms or provider features specified for the provider. See
237 OPERANDS for a description of \fImechanism\fR, \fIprovider-feature\fR, and the
263 \fB\fBcryptoadm\fR \fBenable provider=\fIprovider-name\fR\fR\fR
267 \fB[ mechanism=\fImechanism-list\fR | \fIprovider-feature\fR \fB\&... |\fR
272 Enable the mechanisms or provider features specified for the provider. See
273 OPERANDS for a description of \fImechanism\fR, \fIprovider-feature\fR, and the
299 \fIslot-description\fR are specified, the provider with the matching token
311 \fB\fBcryptoadm\fR \fBinstall provider=\fIprovider-name\fR\fR\fR
315 Install a user-level provider into the system. The \fIprovider\fR operand must
325 The preferred way of installing a user-level provider is to build a package for
326 the provider. For more information, see the \fISolaris Security for Developer's
333 \fB\fBcryptoadm\fR \fBinstall provider=\fIprovider-name\fR\fR\fR
341 Install a kernel software provider into the system. The provider should contain
343 list of mechanisms to be supported by this provider.
345 The preferred way of installing a kernel software provider is to build a
353 \fB\fBcryptoadm\fR \fBuninstall provider=\fIprovider-name\fR\fR\fR
357 Uninstall the specified \fIprovider\fR and the associated mechanism policy from
358 the system. This subcommand applies only to a user-level provider or a kernel
359 software provider.
365 \fB\fBcryptoadm\fR \fBunload provider=\fIprovider-name\fR\fR\fR
369 Unload the kernel software module specified by \fIprovider\fR.
449 \fBprovider=\fIprovider-name\fR\fR
453 A user-level provider (a PKCS11 shared library), a kernel software provider (a
454 loadable kernel software module), or a kernel hardware provider (a
457 A valid value of the \fIprovider\fR operand is one entry from the output of a
458 command of the form: \fBcryptoadm\fR \fIlist\fR. A \fIprovider\fR operand for a
459 user-level provider is an absolute pathname of the corresponding shared
460 library. A \fIprovider\fR operand for a kernel software provider contains a
461 base name only. A \fIprovider\fR operand for a kernel hardware provider is in a
475 mechanisms on a provider. See the discussion of the \fBall\fR keyword, below.
481 \fB\fIprovider-feature\fR\fR
485 A cryptographic framework feature for the given provider. Currently only
486 \fBrandom\fR is accepted as a feature. For a user-level provider, disabling the
488 \fBC_SeedRandom\fR unavailable from the provider. For a kernel provider,
490 numbers from the provider.
501 subcommands to operate on all provider features.
567 # \fBcryptoadm enable provider=dca/0 all\fR
572 This command enables the mechanisms on the provider \fBand\fR any other
573 provider-features, such as \fBrandom\fR.
577 # \fBcryptoadm enable provider=des mechanism=all\fR
591 # \fBcryptoadm enable provider=des mechanism=all\fR
596 \&...which enables all mechanisms on the provider, but enables no other
597 provider-features, such as \fBrandom\fR.
630 \fBExample 2 \fRDisplay Mechanism List for \fBmd5\fR Provider
638 example% \fBcryptoadm list -m provider=md5\fR
645 \fBExample 3 \fRDisable Specific Mechanisms for Kernel Software Provider
649 \fBCKM_DES3_CBC\fR for the kernel software provider \fBdes\fR:
654 example# \fBcryptoadm disable provider=des\fR
660 \fBExample 4 \fRDisplay Mechanism Policy for a Provider
663 The following command displays the mechanism policy for the \fBdes\fR provider:
668 example% \fBcryptoadm list -p provider=des\fR
675 \fBExample 5 \fREnable Specific Mechanism for a Provider
679 software provider \fBdes\fR:
684 example# \fBcryptoadm enable provider=des mechanism=CKM_DES3_ECB\fR
690 \fBExample 6 \fRInstall User-Level Provider
693 The following command installs a user-level provider:
698 example# \fBcryptoadm install provider=/opt/lib/libcryptoki.so.1\fR
704 \fBExample 7 \fRInstall User-Level Provider That Contains 32- and 64-bit
708 The following command installs a user-level provider that contains both 32-bit
715 provider=/opt/SUNWconn/lib/'$ISA'/libpkcs11.so.1
721 \fBExample 8 \fRUninstall a Provider
724 The following command uninstalls the \fBmd5\fR provider:
729 example# \fBcryptoadm uninstall provider=md5\fR
824 If a hardware provider's policy was made explicitly (that is, some of its
825 mechanisms were disabled) and the hardware provider has been detached, the
826 policy of this hardware provider is still listed.
830 for each user-level provider. If both a 32-bit and 64-bit shared object are