Lines Matching +full:allow +full:- +full:set +full:- +full:time
1 .\" -*- mode: troff; coding: utf-8 -*-
57 .IX Title "OPENSSL-FIPSINSTALL 1ossl"
58 .TH OPENSSL-FIPSINSTALL 1ossl 2025-09-30 3.5.4 OpenSSL
64 openssl\-fipsinstall \- perform FIPS configuration installation
68 [\fB\-help\fR]
69 [\fB\-in\fR \fIconfigfilename\fR]
70 [\fB\-out\fR \fIconfigfilename\fR]
71 [\fB\-module\fR \fImodulefilename\fR]
72 [\fB\-provider_name\fR \fIprovidername\fR]
73 [\fB\-section_name\fR \fIsectionname\fR]
74 [\fB\-verify\fR]
75 [\fB\-mac_name\fR \fImacname\fR]
76 [\fB\-macopt\fR \fInm\fR:\fIv\fR]
77 [\fB\-noout\fR]
78 [\fB\-quiet\fR]
79 [\fB\-pedantic\fR]
80 [\fB\-no_conditional_errors\fR]
81 [\fB\-no_security_checks\fR]
82 [\fB\-hmac_key_check\fR]
83 [\fB\-kmac_key_check\fR]
84 [\fB\-ems_check\fR]
85 [\fB\-no_drbg_truncated_digests\fR]
86 [\fB\-signature_digest_check\fR]
87 [\fB\-hkdf_digest_check\fR]
88 [\fB\-tls13_kdf_digest_check\fR]
89 [\fB\-tls1_prf_digest_check\fR]
90 [\fB\-sshkdf_digest_check\fR]
91 [\fB\-sskdf_digest_check\fR]
92 [\fB\-x963kdf_digest_check\fR]
93 [\fB\-dsa_sign_disabled\fR]
94 [\fB\-no_pbkdf2_lower_bound_check\fR]
95 [\fB\-no_short_mac\fR]
96 [\fB\-tdes_encrypt_disabled\fR]
97 [\fB\-rsa_pkcs15_padding_disabled\fR]
98 [\fB\-rsa_pss_saltlen_check\fR]
99 [\fB\-rsa_sign_x931_disabled\fR]
100 [\fB\-hkdf_key_check\fR]
101 [\fB\-kbkdf_key_check\fR]
102 [\fB\-tls13_kdf_key_check\fR]
103 [\fB\-tls1_prf_key_check\fR]
104 [\fB\-sshkdf_key_check\fR]
105 [\fB\-sskdf_key_check\fR]
106 [\fB\-x963kdf_key_check\fR]
107 [\fB\-x942kdf_key_check\fR]
108 [\fB\-ecdh_cofactor_check\fR]
109 [\fB\-self_test_onload\fR]
110 [\fB\-self_test_oninstall\fR]
111 [\fB\-corrupt_desc\fR \fIselftest_description\fR]
112 [\fB\-corrupt_type\fR \fIselftest_type\fR]
113 [\fB\-config\fR \fIparent_config\fR]
117 This configuration file can be used each time a FIPS module is loaded
123 .IP "\- A MAC of the FIPS module file." 4
124 .IX Item "- A MAC of the FIPS module file."
126 .IP "\- A test status indicator." 4
127 .IX Item "- A test status indicator."
130 .IP "\- A MAC of the status indicator." 4
131 .IX Item "- A MAC of the status indicator."
133 .IP "\- A control for conditional self tests errors." 4
134 .IX Item "- A control for conditional self tests errors."
144 .IP "\- A control to indicate whether run-time security checks are done." 4
145 .IX Item "- A control to indicate whether run-time security checks are done."
146 This indicates if run-time checks related to enforcement of security parameters
155 .IP \fB\-help\fR 4
156 .IX Item "-help"
158 .IP "\fB\-module\fR \fIfilename\fR" 4
159 .IX Item "-module filename"
163 .IP "\fB\-out\fR \fIconfigfilename\fR" 4
164 .IX Item "-out configfilename"
166 .IP "\fB\-in\fR \fIconfigfilename\fR" 4
167 .IX Item "-in configfilename"
169 Must be used if the \fB\-verify\fR option is specified.
170 .IP \fB\-verify\fR 4
171 .IX Item "-verify"
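The DESCRIPTION items above list what the generated configuration carries (a MAC of the module file, a test status indicator, a MAC of that indicator, and the two controls), and \-verify re-checks those values against a module. The following Python is an added example, not OpenSSL's own code: it writes and then verifies a fips.cnf-style section in miniature using HMAC with SHA-256, the defaults named under \-mac_name and \-macopt. The key names module-mac, install-mac, install-status, conditional-errors and security-checks are the ones a generated fips.cnf uses and are assumed here, not taken from this page; the HMAC key and the module bytes are constructed placeholders, not the key or module the real provider uses.

```python
"""Write and verify the integrity fields of a fipsinstall-style config section.

Added example (not OpenSSL code). Mirrors what `openssl fipsinstall -verify`
does in miniature: recompute the MAC of the module file and the MAC of the
install status string, then compare both with the values recorded in the
config. Key names are assumed from the generated fips.cnf format.
"""
import hashlib
import hmac
import re

# Constructed placeholder: the real provider uses its own fixed HMAC key.
PLACEHOLDER_KEY = bytes.fromhex("00" * 32)

# Status indicator written once the self-test KATs have run (assumed value).
INSTALL_STATUS = "INSTALL_SELF_TEST_KATS_RUN"


def colon_hex(mac: bytes) -> str:
    """Render a MAC as colon-separated upper-case hex, e.g. AB:CD:EF."""
    return ":".join(f"{b:02X}" for b in mac)


def parse_colon_hex(text: str) -> bytes:
    """Inverse of colon_hex; rejects anything that is not well-formed."""
    if not re.fullmatch(r"(?:[0-9A-Fa-f]{2})(?::[0-9A-Fa-f]{2})*", text):
        raise ValueError("malformed MAC value")
    return bytes.fromhex(text.replace(":", ""))


def compute_mac(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256, the default MAC and digest named in the man page."""
    return hmac.new(key, data, hashlib.sha256).digest()


def parse_section(cfg_text: str, section: str = "fips_sect") -> dict:
    """Return the key/value pairs of one [section] of an OpenSSL-style config."""
    in_section = False
    out = {}
    for raw in cfg_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.fullmatch(r"\[\s*(\S+)\s*\]", line)
        if m:
            in_section = m.group(1) == section
            continue
        if in_section and "=" in line:
            k, v = line.split("=", 1)
            out[k.strip()] = v.strip()
    return out


def write_section(module_bytes: bytes, key: bytes, section: str = "fips_sect") -> str:
    """Produce the section the way `fipsinstall -out` would (assumed layout)."""
    return (
        f"[{section}]\n"
        "activate = 1\n"
        "conditional-errors = 1\n"
        "security-checks = 1\n"
        f"module-mac = {colon_hex(compute_mac(key, module_bytes))}\n"
        f"install-mac = {colon_hex(compute_mac(key, INSTALL_STATUS.encode()))}\n"
        f"install-status = {INSTALL_STATUS}\n"
    )


def verify_section(cfg_text: str, module_bytes: bytes, key: bytes,
                   section: str = "fips_sect") -> bool:
    """The -verify step: both MACs must match and the status indicator must be
    the expected one. MAC comparisons are constant-time."""
    s = parse_section(cfg_text, section)
    try:
        module_ok = hmac.compare_digest(
            parse_colon_hex(s["module-mac"]), compute_mac(key, module_bytes))
        status_ok = s["install-status"] == INSTALL_STATUS
        install_ok = hmac.compare_digest(
            parse_colon_hex(s["install-mac"]),
            compute_mac(key, s["install-status"].encode()))
    except (KeyError, ValueError):
        # Missing field or malformed MAC: treat as a failed verification.
        return False
    return module_ok and status_ok and install_ok


# Constructed stand-in for the module file contents (not a real fips.so).
SAMPLE_MODULE = b"\x7fELF constructed placeholder module bytes"

if __name__ == "__main__":
    cfg = write_section(SAMPLE_MODULE, PLACEHOLDER_KEY)
    print(cfg)
    print("verify (intact):", verify_section(cfg, SAMPLE_MODULE, PLACEHOLDER_KEY))
    print("verify (tampered module):",
          verify_section(cfg, SAMPLE_MODULE + b"x", PLACEHOLDER_KEY))
```

A changed module file, a changed status string, a changed MAC value or a different key all make verify_section return False, which is the property the \-verify option relies on: the configuration is only trusted together with the exact module it was generated for.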
173 .IP "\fB\-provider_name\fR \fIprovidername\fR" 4
174 .IX Item "-provider_name providername"
177 .IP "\fB\-section_name\fR \fIsectionname\fR" 4
178 .IX Item "-section_name sectionname"
181 .IP "\fB\-mac_name\fR \fIname\fR" 4
182 .IX Item "-mac_name name"
187 \&\f(CW\*(C`openssl list \-mac\-algorithms\*(C'\fR. The default is \fBHMAC\fR.
188 .IP "\fB\-macopt\fR \fInm\fR:\fIv\fR" 4
189 .IX Item "-macopt nm:v"
216 \&\f(CW\*(C`openssl list \-digest\-commands\*(C'\fR.
217 The default digest is SHA\-256.
221 .IP \fB\-noout\fR 4
222 .IX Item "-noout"
224 .IP \fB\-pedantic\fR 4
225 .IX Item "-pedantic"
231 .IP \fB\-no_conditional_errors\fR 4
232 .IX Item "-no_conditional_errors"
235 .IP \fB\-no_security_checks\fR 4
236 .IX Item "-no_security_checks"
237 Configure the module to not perform run-time security checks as described above.
239 Enabling the configuration option "no-fips-securitychecks" provides another way to
240 turn off the check at compile time.
241 .IP \fB\-ems_check\fR 4
242 .IX Item "-ems_check"
243 Configure the module to enable a run-time Extended Master Secret (EMS) check
246 .IP \fB\-no_short_mac\fR 4
247 .IX Item "-no_short_mac"
248 Configure the module to not allow short MAC outputs.
249 See SP 800\-185 8.4.2 and FIPS 140\-3 ID C.D for details.
250 .IP \fB\-hmac_key_check\fR 4
251 .IX Item "-hmac_key_check"
252 Configure the module to not allow small key sizes when using HMAC.
253 See SP 800\-131Ar2 for details.
254 .IP \fB\-kmac_key_check\fR 4
255 .IX Item "-kmac_key_check"
256 Configure the module to not allow small key sizes when using KMAC.
257 See SP 800\-131Ar2 for details.
258 .IP \fB\-no_drbg_truncated_digests\fR 4
259 .IX Item "-no_drbg_truncated_digests"
260 Configure the module to not allow truncated digests to be used with Hash and
261 HMAC DRBGs. See FIPS 140\-3 IG D.R for details.
262 .IP \fB\-signature_digest_check\fR 4
263 .IX Item "-signature_digest_check"
266 .IP \fB\-hkdf_digest_check\fR 4
267 .IX Item "-hkdf_digest_check"
269 .IP \fB\-tls13_kdf_digest_check\fR 4
270 .IX Item "-tls13_kdf_digest_check"
271 Configure the module to enable a run-time digest check when deriving a key by
274 .IP \fB\-tls1_prf_digest_check\fR 4
275 .IX Item "-tls1_prf_digest_check"
276 Configure the module to enable a run-time digest check when deriving a key by
278 See NIST SP 800\-135r1 for details.
279 .IP \fB\-sshkdf_digest_check\fR 4
280 .IX Item "-sshkdf_digest_check"
281 Configure the module to enable a run-time digest check when deriving a key by
283 See NIST SP 800\-135r1 for details.
284 .IP \fB\-sskdf_digest_check\fR 4
285 .IX Item "-sskdf_digest_check"
287 .IP \fB\-x963kdf_digest_check\fR 4
288 .IX Item "-x963kdf_digest_check"
289 Configure the module to enable a run-time digest check when deriving a key by
291 See NIST SP 800\-131Ar2 for details.
292 .IP \fB\-dsa_sign_disabled\fR 4
293 .IX Item "-dsa_sign_disabled"
294 Configure the module to not allow DSA signing (DSA signature verification is
295 still allowed). See FIPS 140\-3 IG C.K for details.
296 .IP \fB\-tdes_encrypt_disabled\fR 4
297 .IX Item "-tdes_encrypt_disabled"
298 Configure the module to not allow Triple-DES encryption.
299 Triple-DES decryption is still allowed for legacy purposes.
300 See SP800\-131Ar2 for details.
301 .IP \fB\-rsa_pkcs15_padding_disabled\fR 4
302 .IX Item "-rsa_pkcs15_padding_disabled"
303 Configure the module to not allow PKCS#1 version 1.5 padding to be used with
304 RSA for key transport and key agreement. See NIST's SP 800\-131A Revision 2
306 .IP \fB\-rsa_pss_saltlen_check\fR 4
307 .IX Item "-rsa_pss_saltlen_check"
308 Configure the module to enable a run-time salt length check when generating or
309 verifying an RSA-PSS signature.
310 See FIPS 186\-5 5.4 (g) for details.
311 .IP \fB\-rsa_sign_x931_disabled\fR 4
312 .IX Item "-rsa_sign_x931_disabled"
313 Configure the module to not allow X9.31 padding to be used when signing with
314 RSA. See FIPS 140\-3 IG C.K for details.
315 .IP \fB\-hkdf_key_check\fR 4
316 .IX Item "-hkdf_key_check"
317 Configure the module to enable a run-time short key-derivation key check when
319 See NIST SP 800\-131Ar2 for details.
320 .IP \fB\-kbkdf_key_check\fR 4
321 .IX Item "-kbkdf_key_check"
322 Configure the module to enable a run-time short key-derivation key check when
324 See NIST SP 800\-131Ar2 for details.
325 .IP \fB\-tls13_kdf_key_check\fR 4
326 .IX Item "-tls13_kdf_key_check"
327 Configure the module to enable a run-time short key-derivation key check when
329 See NIST SP 800\-131Ar2 for details.
330 .IP \fB\-tls1_prf_key_check\fR 4
331 .IX Item "-tls1_prf_key_check"
332 Configure the module to enable a run-time short key-derivation key check when
334 See NIST SP 800\-131Ar2 for details.
335 .IP \fB\-sshkdf_key_check\fR 4
336 .IX Item "-sshkdf_key_check"
337 Configure the module to enable a run-time short key-derivation key check when
339 See NIST SP 800\-131Ar2 for details.
340 .IP \fB\-sskdf_key_check\fR 4
341 .IX Item "-sskdf_key_check"
342 Configure the module to enable a run-time short key-derivation key check when
344 See NIST SP 800\-131Ar2 for details.
345 .IP \fB\-x963kdf_key_check\fR 4
346 .IX Item "-x963kdf_key_check"
347 Configure the module to enable a run-time short key-derivation key check when
349 See NIST SP 800\-131Ar2 for details.
350 .IP \fB\-x942kdf_key_check\fR 4
351 .IX Item "-x942kdf_key_check"
352 Configure the module to enable a run-time short key-derivation key check when
354 See NIST SP 800\-131Ar2 for details.
355 .IP \fB\-no_pbkdf2_lower_bound_check\fR 4
356 .IX Item "-no_pbkdf2_lower_bound_check"
357 Configure the module to not perform the run-time lower bound check for PBKDF2.
358 See NIST SP 800\-132 for details.
359 .IP \fB\-ecdh_cofactor_check\fR 4
360 .IX Item "-ecdh_cofactor_check"
361 Configure the module to enable a run-time check that ECDH uses the EC curves
363 See SP 800\-56A r3 Section 5.7.1.2 for details.
364 .IP \fB\-self_test_onload\fR 4
365 .IX Item "-self_test_onload"
368 the self test KATs will run each time the module is loaded. This option could be
373 This option defaults to 0 for any OpenSSL FIPS 140\-2 provider (OpenSSL 3.0.X),
374 and is not relevant for an OpenSSL FIPS 140\-3 provider, since this is no
376 .IP \fB\-self_test_oninstall\fR 4
377 .IX Item "-self_test_oninstall"
378 The converse of \fB\-self_test_onload\fR. The two fields related to the
381 This field is not relevant for an OpenSSL FIPS 140\-3 provider, since this is no
383 .IP \fB\-quiet\fR 4
384 .IX Item "-quiet"
385 Do not output pass/fail messages. Implies \fB\-noout\fR.
386 .IP "\fB\-corrupt_desc\fR \fIselftest_description\fR, \fB\-corrupt_type\fR \fIselftest_type\fR" 4
387 .IX Item "-corrupt_desc selftest_description, -corrupt_type selftest_type"
391 Refer to the entries for \fBst-desc\fR and \fBst-type\fR in \fBOSSL_PROVIDER\-FIPS\fR\|(7) for
393 .IP "\fB\-config\fR \fIparent_config\fR" 4
394 .IX Item "-config parent_config"
398 See \fBconfig\fR\|(5) for further information on how to set up a provider section.
399 All other options are ignored if '\-config' is used.
402 Self test results are logged by default if the options \fB\-quiet\fR and \fB\-noout\fR
403 are not specified, or if either of the options \fB\-corrupt_desc\fR or
404 \&\fB\-corrupt_type\fR are used.
405 If the base configuration file is set up to autoload the fips module, then the
407 has a chance to set up its own self test callback. As a result of this the self
408 test output and the options \fB\-corrupt_desc\fR and \fB\-corrupt_type\fR will be ignored.
412 The \fB\-self_test_oninstall\fR option was added and the
413 \&\fB\-self_test_onload\fR option was made the default in OpenSSL 3.1.
422 \& openssl fipsinstall \-module ./fips.so \-out fips.cnf \-provider_name fips
428 \& openssl fipsinstall \-module ./fips.so \-in fips.cnf \-provider_name fips \-verify
434 \& openssl fipsinstall \-module ./fips.so \-out fips.cnf \-provider_name fips \e
435 \& \-corrupt_desc \*(AqSHA1\*(Aq
442 \& export OPENSSL_MODULES=<provider\-path>
443 \& openssl fipsinstall \-config \*(Aqdefault.cnf\*(Aq
449 \&\fBOSSL_PROVIDER\-FIPS\fR\|(7),
453 The \fBopenssl-fipsinstall\fR application was added in OpenSSL 3.0.
457 \&\fB\-ems_check\fR,
458 \&\fB\-self_test_oninstall\fR
462 \&\fB\-pedantic\fR,
463 \&\fB\-no_drbg_truncated_digests\fR
467 \&\fB\-hmac_key_check\fR,
468 \&\fB\-kmac_key_check\fR,
469 \&\fB\-signature_digest_check\fR,
470 \&\fB\-hkdf_digest_check\fR,
471 \&\fB\-tls13_kdf_digest_check\fR,
472 \&\fB\-tls1_prf_digest_check\fR,
473 \&\fB\-sshkdf_digest_check\fR,
474 \&\fB\-sskdf_digest_check\fR,
475 \&\fB\-x963kdf_digest_check\fR,
476 \&\fB\-dsa_sign_disabled\fR,
477 \&\fB\-no_pbkdf2_lower_bound_check\fR,
478 \&\fB\-no_short_mac\fR,
479 \&\fB\-tdes_encrypt_disabled\fR,
480 \&\fB\-rsa_pkcs15_padding_disabled\fR,
481 \&\fB\-rsa_pss_saltlen_check\fR,
482 \&\fB\-rsa_sign_x931_disabled\fR,
483 \&\fB\-hkdf_key_check\fR,
484 \&\fB\-kbkdf_key_check\fR,
485 \&\fB\-tls13_kdf_key_check\fR,
486 \&\fB\-tls1_prf_key_check\fR,
487 \&\fB\-sshkdf_key_check\fR,
488 \&\fB\-sskdf_key_check\fR,
489 \&\fB\-x963kdf_key_check\fR,
490 \&\fB\-x942kdf_key_check\fR,
491 \&\fB\-ecdh_cofactor_check\fR
494 Copyright 2019\-2025 The OpenSSL Project Authors. All Rights Reserved.