Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
FIPS_CONFIG(5)			    OpenSSL			FIPS_CONFIG(5)

NAME
       fips_config - OpenSSL FIPS configuration

DESCRIPTION
       A separate configuration	file, using the	OpenSSL	config(5) syntax, is
       used to hold information	about the FIPS module. This includes a digest
       of the shared library file, and status about the	self-testing.  This
       data is used automatically by the module	itself for two purposes:

       - Run the startup FIPS self-test	known answer tests (KATS).
	   This	is done	once, at installation time.

       - Verify	the module's checksum.
	   This	is done	each time the module is	used.

       This file is generated by the openssl-fipsinstall(1) program, and used
       internally by the FIPS module during its	initialization.

       The following options are supported. They should	all appear in a
       section whose name is identified	by the fips option in the providers
       section,	as described in	"Provider Configuration	Module"	in config(5).

       module-mac
	   The calculated MAC of the FIPS provider file.

       install-version
	   A version number for	the fips install process. Should be 1.

       install-status
	   An indicator	that the self-tests were run.  This should only	be
	   written after the module has	successfully passed its	self tests
	   during installation.	 If this field is not present, then the	self
	   tests will run when the module loads.

       install-mac
	   A MAC of the	value of the install-status option, to prevent
	   accidental changes to that value.  It is written-to at the same
	   time	as install-status is updated.

       For example:

	[fips_sect]
	install-version	= 1
	module-mac = 41:D0:FA:C2:5D:41:75:CD:7D:C3:90:55:6F:A4:DC
	install-mac = FE:10:13:5A:D3:B4:C7:82:1B:1E:17:4C:AC:84:0C
	install-status = INSTALL_SELF_TEST_KATS_RUN

SEE ALSO
       config(5)

COPYRIGHT
       Copyright 2019-2020 The OpenSSL Project Authors.	All Rights Reserved.

       Licensed	under the Apache License 2.0 (the "License").  You may not use
       this file except	in compliance with the License.	 You can obtain	a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

3.0.0-alpha6			  2020-08-06			FIPS_CONFIG(5)

NAME | DESCRIPTION | SEE ALSO | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=fips_config&sektion=5&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help