fips_config - OpenSSL FIPS configuration
A separate configuration file containing data related to FIPS 'self tests' is written to during installation time. This data is used for 2 purposes when the fips module is loaded:
- - Verify the module's checksum each time the fips module loads.
- - Run the startup FIPS self test KATS (known answer tests). This only needs to be run once during installation.
The supported options are:
The calculated MAC of the module file
A version number for the fips install process. Should be 1.
The install status indicator description that will be verified. If this field is not present the FIPS self tests will run when the fips module loads. This value should only be written to after the FIPS module has successfully passed its self tests during installation.
The calculated MAC of the install status indicator. It is initially empty and is written to at the same time as the install_status.
[fips_install] install-version = 1 module-checksum = 41:D0:FA:C2:5D:41:75:CD:7D:C3:90:55:6F:A4:DC install-checksum = FE:10:13:5A:D3:B4:C7:82:1B:1E:17:4C:AC:84:0C install-status = INSTALL_SELF_TEST_KATS_RUN
Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.