summaryrefslogtreecommitdiffstats
path: root/upstream/debian-bookworm/man7/OSSL_PROVIDER-FIPS.7ssl
diff options
context:
space:
mode:
Diffstat (limited to 'upstream/debian-bookworm/man7/OSSL_PROVIDER-FIPS.7ssl')
-rw-r--r--upstream/debian-bookworm/man7/OSSL_PROVIDER-FIPS.7ssl582
1 files changed, 582 insertions, 0 deletions
diff --git a/upstream/debian-bookworm/man7/OSSL_PROVIDER-FIPS.7ssl b/upstream/debian-bookworm/man7/OSSL_PROVIDER-FIPS.7ssl
new file mode 100644
index 00000000..a89a9480
--- /dev/null
+++ b/upstream/debian-bookworm/man7/OSSL_PROVIDER-FIPS.7ssl
@@ -0,0 +1,582 @@
+.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43)
+.\"
+.\" Standard preamble:
+.\" ========================================================================
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.\" Set up some character translations and predefined strings. \*(-- will
+.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ie n \{\
+. ds -- \(*W-
+. ds PI pi
+. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
+. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
+. ds L" ""
+. ds R" ""
+. ds C` ""
+. ds C' ""
+'br\}
+.el\{\
+. ds -- \|\(em\|
+. ds PI \(*p
+. ds L" ``
+. ds R" ''
+. ds C`
+. ds C'
+'br\}
+.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
+.\" If the F register is >0, we'll generate index entries on stderr for
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
+.\" entries marked with X<> in POD. Of course, you'll have to process the
+.\" output yourself in some meaningful fashion.
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
+..
+.nr rF 0
+.if \n(.g .if rF .nr rF 1
+.if (\n(rF:(\n(.g==0)) \{\
+. if \nF \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
+..
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
+. \}
+.\}
+.rr rF
+.\"
+.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
+.\" Fear. Run. Save yourself. No user-serviceable parts.
+. \" fudge factors for nroff and troff
+.if n \{\
+. ds #H 0
+. ds #V .8m
+. ds #F .3m
+. ds #[ \f1
+. ds #] \fP
+.\}
+.if t \{\
+. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+. ds #V .6m
+. ds #F 0
+. ds #[ \&
+. ds #] \&
+.\}
+. \" simple accents for nroff and troff
+.if n \{\
+. ds ' \&
+. ds ` \&
+. ds ^ \&
+. ds , \&
+. ds ~ ~
+. ds /
+.\}
+.if t \{\
+. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.\}
+. \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+. \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+. \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+. ds : e
+. ds 8 ss
+. ds o a
+. ds d- d\h'-1'\(ga
+. ds D- D\h'-1'\(hy
+. ds th \o'bp'
+. ds Th \o'LP'
+. ds ae ae
+. ds Ae AE
+.\}
+.rm #[ #] #H #V #F C
+.\" ========================================================================
+.\"
+.IX Title "OSSL_PROVIDER-FIPS 7SSL"
+.TH OSSL_PROVIDER-FIPS 7SSL "2023-10-23" "3.0.11" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
+.SH "NAME"
+OSSL_PROVIDER\-FIPS \- OpenSSL FIPS provider
+.SH "DESCRIPTION"
+.IX Header "DESCRIPTION"
+The OpenSSL \s-1FIPS\s0 provider is a special provider that conforms to the Federal
+Information Processing Standards (\s-1FIPS\s0) specified in \s-1FIPS 140\-2.\s0 This 'module'
+contains an approved set of cryptographic algorithms that is validated by an
+accredited testing laboratory.
+.SS "Properties"
+.IX Subsection "Properties"
+The implementations in this provider specifically have these properties
+defined:
+.ie n .IP """provider=fips""" 4
+.el .IP "``provider=fips''" 4
+.IX Item "provider=fips"
+.PD 0
+.ie n .IP """fips=yes""" 4
+.el .IP "``fips=yes''" 4
+.IX Item "fips=yes"
+.PD
+.PP
+It may be used in a property query string with fetching functions such as
+\&\fBEVP_MD_fetch\fR\|(3) or \fBEVP_CIPHER_fetch\fR\|(3), as well as with other
+functions that take a property query string, such as
+\&\fBEVP_PKEY_CTX_new_from_name\fR\|(3).
+.PP
+It isn't mandatory to query for any of these properties, except to
+make sure to get implementations of this provider and none other.
+.PP
+The \*(L"fips=yes\*(R" property can be use to make sure only \s-1FIPS\s0 approved
+implementations are used for crypto operations. This may also include
+other non-crypto support operations that are not in the \s-1FIPS\s0 provider,
+such as asymmetric key encoders,
+see \*(L"Asymmetric Key Management\*(R" in \fBOSSL_PROVIDER\-default\fR\|(7).
+.SH "OPERATIONS AND ALGORITHMS"
+.IX Header "OPERATIONS AND ALGORITHMS"
+The OpenSSL \s-1FIPS\s0 provider supports these operations and algorithms:
+.SS "Hashing Algorithms / Message Digests"
+.IX Subsection "Hashing Algorithms / Message Digests"
+.IP "\s-1SHA1,\s0 see \s-1\fBEVP_MD\-SHA1\s0\fR\|(7)" 4
+.IX Item "SHA1, see EVP_MD-SHA1"
+.PD 0
+.IP "\s-1SHA2,\s0 see \s-1\fBEVP_MD\-SHA2\s0\fR\|(7)" 4
+.IX Item "SHA2, see EVP_MD-SHA2"
+.IP "\s-1SHA3,\s0 see \s-1\fBEVP_MD\-SHA3\s0\fR\|(7)" 4
+.IX Item "SHA3, see EVP_MD-SHA3"
+.IP "KECCAK-KMAC, see \s-1\fBEVP_MD\-KECCAK\-KMAC\s0\fR\|(7)" 4
+.IX Item "KECCAK-KMAC, see EVP_MD-KECCAK-KMAC"
+.PD
+.SS "Symmetric Ciphers"
+.IX Subsection "Symmetric Ciphers"
+.IP "\s-1AES,\s0 see \s-1\fBEVP_CIPHER\-AES\s0\fR\|(7)" 4
+.IX Item "AES, see EVP_CIPHER-AES"
+.PD 0
+.IP "\s-1DES\-EDE3\s0 (TripleDES), see \s-1\fBEVP_CIPHER\-DES\s0\fR\|(7)" 4
+.IX Item "DES-EDE3 (TripleDES), see EVP_CIPHER-DES"
+.PD
+.SS "Message Authentication Code (\s-1MAC\s0)"
+.IX Subsection "Message Authentication Code (MAC)"
+.IP "\s-1CMAC,\s0 see \s-1\fBEVP_MAC\-CMAC\s0\fR\|(7)" 4
+.IX Item "CMAC, see EVP_MAC-CMAC"
+.PD 0
+.IP "\s-1GMAC,\s0 see \s-1\fBEVP_MAC\-GMAC\s0\fR\|(7)" 4
+.IX Item "GMAC, see EVP_MAC-GMAC"
+.IP "\s-1HMAC,\s0 see \s-1\fBEVP_MAC\-HMAC\s0\fR\|(7)" 4
+.IX Item "HMAC, see EVP_MAC-HMAC"
+.IP "\s-1KMAC,\s0 see \s-1\fBEVP_MAC\-KMAC\s0\fR\|(7)" 4
+.IX Item "KMAC, see EVP_MAC-KMAC"
+.PD
+.SS "Key Derivation Function (\s-1KDF\s0)"
+.IX Subsection "Key Derivation Function (KDF)"
+.IP "\s-1HKDF,\s0 see \s-1\fBEVP_KDF\-HKDF\s0\fR\|(7)" 4
+.IX Item "HKDF, see EVP_KDF-HKDF"
+.PD 0
+.IP "\s-1TLS13\-KDF,\s0 see \s-1\fBEVP_KDF\-TLS13_KDF\s0\fR\|(7)" 4
+.IX Item "TLS13-KDF, see EVP_KDF-TLS13_KDF"
+.IP "\s-1SSKDF,\s0 see \s-1\fBEVP_KDF\-SS\s0\fR\|(7)" 4
+.IX Item "SSKDF, see EVP_KDF-SS"
+.IP "\s-1PBKDF2,\s0 see \s-1\fBEVP_KDF\-PBKDF2\s0\fR\|(7)" 4
+.IX Item "PBKDF2, see EVP_KDF-PBKDF2"
+.IP "\s-1SSHKDF,\s0 see \s-1\fBEVP_KDF\-SSHKDF\s0\fR\|(7)" 4
+.IX Item "SSHKDF, see EVP_KDF-SSHKDF"
+.IP "\s-1TLS1\-PRF,\s0 see \s-1\fBEVP_KDF\-TLS1_PRF\s0\fR\|(7)" 4
+.IX Item "TLS1-PRF, see EVP_KDF-TLS1_PRF"
+.IP "\s-1KBKDF,\s0 see \s-1\fBEVP_KDF\-KB\s0\fR\|(7)" 4
+.IX Item "KBKDF, see EVP_KDF-KB"
+.IP "X942KDF\-ASN1, see \s-1\fBEVP_KDF\-X942\-ASN1\s0\fR\|(7)" 4
+.IX Item "X942KDF-ASN1, see EVP_KDF-X942-ASN1"
+.IP "X942KDF\-CONCAT, see \s-1\fBEVP_KDF\-X942\-CONCAT\s0\fR\|(7)" 4
+.IX Item "X942KDF-CONCAT, see EVP_KDF-X942-CONCAT"
+.IP "X963KDF, see \s-1\fBEVP_KDF\-X963\s0\fR\|(7)" 4
+.IX Item "X963KDF, see EVP_KDF-X963"
+.PD
+.SS "Key Exchange"
+.IX Subsection "Key Exchange"
+.IP "\s-1DH,\s0 see \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7)" 4
+.IX Item "DH, see EVP_KEYEXCH-DH"
+.PD 0
+.IP "\s-1ECDH,\s0 see \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7)" 4
+.IX Item "ECDH, see EVP_KEYEXCH-ECDH"
+.IP "X25519, see \s-1\fBEVP_KEYEXCH\-X25519\s0\fR\|(7)" 4
+.IX Item "X25519, see EVP_KEYEXCH-X25519"
+.IP "X448, see \s-1\fBEVP_KEYEXCH\-X448\s0\fR\|(7)" 4
+.IX Item "X448, see EVP_KEYEXCH-X448"
+.PD
+.SS "Asymmetric Signature"
+.IX Subsection "Asymmetric Signature"
+.IP "\s-1RSA,\s0 see \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7)" 4
+.IX Item "RSA, see EVP_SIGNATURE-RSA"
+.PD 0
+.IP "X25519, see \s-1\fBEVP_SIGNATURE\-ED25519\s0\fR\|(7)" 4
+.IX Item "X25519, see EVP_SIGNATURE-ED25519"
+.IP "X448, see \s-1\fBEVP_SIGNATURE\-ED448\s0\fR\|(7)" 4
+.IX Item "X448, see EVP_SIGNATURE-ED448"
+.IP "\s-1HMAC,\s0 see \s-1\fBEVP_SIGNATURE\-HMAC\s0\fR\|(7)" 4
+.IX Item "HMAC, see EVP_SIGNATURE-HMAC"
+.IP "\s-1CMAC,\s0 see \s-1\fBEVP_SIGNATURE\-CMAC\s0\fR\|(7)" 4
+.IX Item "CMAC, see EVP_SIGNATURE-CMAC"
+.PD
+.SS "Asymmetric Cipher"
+.IX Subsection "Asymmetric Cipher"
+.IP "\s-1RSA,\s0 see \s-1\fBEVP_ASYM_CIPHER\-RSA\s0\fR\|(7)" 4
+.IX Item "RSA, see EVP_ASYM_CIPHER-RSA"
+.SS "Asymmetric Key Encapsulation"
+.IX Subsection "Asymmetric Key Encapsulation"
+.PD 0
+.IP "\s-1RSA,\s0 see \s-1\fBEVP_KEM\-RSA\s0\fR\|(7)" 4
+.IX Item "RSA, see EVP_KEM-RSA"
+.PD
+.SS "Asymmetric Key Management"
+.IX Subsection "Asymmetric Key Management"
+.IP "\s-1DH,\s0 see \s-1\fBEVP_KEYMGMT\-DH\s0\fR\|(7)" 4
+.IX Item "DH, see EVP_KEYMGMT-DH"
+.PD 0
+.IP "\s-1DHX,\s0 see \s-1\fBEVP_KEYMGMT\-DHX\s0\fR\|(7)" 4
+.IX Item "DHX, see EVP_KEYMGMT-DHX"
+.IP "\s-1DSA,\s0 see \s-1\fBEVP_KEYMGMT\-DSA\s0\fR\|(7)" 4
+.IX Item "DSA, see EVP_KEYMGMT-DSA"
+.IP "\s-1RSA,\s0 see \s-1\fBEVP_KEYMGMT\-RSA\s0\fR\|(7)" 4
+.IX Item "RSA, see EVP_KEYMGMT-RSA"
+.IP "\s-1EC,\s0 see \s-1\fBEVP_KEYMGMT\-EC\s0\fR\|(7)" 4
+.IX Item "EC, see EVP_KEYMGMT-EC"
+.IP "X25519, see \s-1\fBEVP_KEYMGMT\-X25519\s0\fR\|(7)" 4
+.IX Item "X25519, see EVP_KEYMGMT-X25519"
+.IP "X448, see \s-1\fBEVP_KEYMGMT\-X448\s0\fR\|(7)" 4
+.IX Item "X448, see EVP_KEYMGMT-X448"
+.PD
+.SS "Random Number Generation"
+.IX Subsection "Random Number Generation"
+.IP "CTR-DRBG, see \s-1\fBEVP_RAND\-CTR\-DRBG\s0\fR\|(7)" 4
+.IX Item "CTR-DRBG, see EVP_RAND-CTR-DRBG"
+.PD 0
+.IP "HASH-DRBG, see \s-1\fBEVP_RAND\-HASH\-DRBG\s0\fR\|(7)" 4
+.IX Item "HASH-DRBG, see EVP_RAND-HASH-DRBG"
+.IP "HMAC-DRBG, see \s-1\fBEVP_RAND\-HMAC\-DRBG\s0\fR\|(7)" 4
+.IX Item "HMAC-DRBG, see EVP_RAND-HMAC-DRBG"
+.IP "TEST-RAND, see \s-1\fBEVP_RAND\-TEST\-RAND\s0\fR\|(7)" 4
+.IX Item "TEST-RAND, see EVP_RAND-TEST-RAND"
+.PD
+TEST-RAND is an unapproved algorithm.
+.SH "SELF TESTING"
+.IX Header "SELF TESTING"
+One of the requirements for the \s-1FIPS\s0 module is self testing. An optional callback
+mechanism is available to return information to the user using
+\&\fBOSSL_SELF_TEST_set_callback\fR\|(3).
+.PP
+The parameters passed to the callback are described in \fBOSSL_SELF_TEST_new\fR\|(3)
+.PP
+The OpenSSL \s-1FIPS\s0 module uses the following mechanism to provide information
+about the self tests as they run.
+This is useful for debugging if a self test is failing.
+The callback also allows forcing any self test to fail, in order to check that
+it operates correctly on failure.
+Note that all self tests run even if a self test failure occurs.
+.PP
+The \s-1FIPS\s0 module passes the following type(s) to \fBOSSL_SELF_TEST_onbegin()\fR.
+.ie n .IP """Module_Integrity"" (\fB\s-1OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY\s0\fR)" 4
+.el .IP "``Module_Integrity'' (\fB\s-1OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY\s0\fR)" 4
+.IX Item "Module_Integrity (OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY)"
+Uses \s-1HMAC SHA256\s0 on the module file to validate that the module has not been
+modified. The integrity value is compared to a value written to a configuration
+file during installation.
+.ie n .IP """Install_Integrity"" (\fB\s-1OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY\s0\fR)" 4
+.el .IP "``Install_Integrity'' (\fB\s-1OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY\s0\fR)" 4
+.IX Item "Install_Integrity (OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY)"
+Uses \s-1HMAC SHA256\s0 on a fixed string to validate that the installation process
+has already been performed and the self test \s-1KATS\s0 have already been tested,
+The integrity value is compared to a value written to a configuration
+file after successfully running the self tests during installation.
+.ie n .IP """KAT_Cipher"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_CIPHER\s0\fR)" 4
+.el .IP "``KAT_Cipher'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_CIPHER\s0\fR)" 4
+.IX Item "KAT_Cipher (OSSL_SELF_TEST_TYPE_KAT_CIPHER)"
+Known answer test for a symmetric cipher.
+.ie n .IP """KAT_AsymmetricCipher"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER\s0\fR)" 4
+.el .IP "``KAT_AsymmetricCipher'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER\s0\fR)" 4
+.IX Item "KAT_AsymmetricCipher (OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER)"
+Known answer test for a asymmetric cipher.
+.ie n .IP """KAT_Digest"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_DIGEST\s0\fR)" 4
+.el .IP "``KAT_Digest'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_DIGEST\s0\fR)" 4
+.IX Item "KAT_Digest (OSSL_SELF_TEST_TYPE_KAT_DIGEST)"
+Known answer test for a digest.
+.ie n .IP """KAT_Signature"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_SIGNATURE\s0\fR)" 4
+.el .IP "``KAT_Signature'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_SIGNATURE\s0\fR)" 4
+.IX Item "KAT_Signature (OSSL_SELF_TEST_TYPE_KAT_SIGNATURE)"
+Known answer test for a signature.
+.ie n .IP """PCT_Signature"" (\fB\s-1OSSL_SELF_TEST_TYPE_PCT_SIGNATURE\s0\fR)" 4
+.el .IP "``PCT_Signature'' (\fB\s-1OSSL_SELF_TEST_TYPE_PCT_SIGNATURE\s0\fR)" 4
+.IX Item "PCT_Signature (OSSL_SELF_TEST_TYPE_PCT_SIGNATURE)"
+Pairwise Consistency check for a signature.
+.ie n .IP """\s-1KAT_KDF""\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KDF\s0\fR)" 4
+.el .IP "``\s-1KAT_KDF''\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KDF\s0\fR)" 4
+.IX Item "KAT_KDF (OSSL_SELF_TEST_TYPE_KAT_KDF)"
+Known answer test for a key derivation function.
+.ie n .IP """\s-1KAT_KA""\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KA\s0\fR)" 4
+.el .IP "``\s-1KAT_KA''\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KA\s0\fR)" 4
+.IX Item "KAT_KA (OSSL_SELF_TEST_TYPE_KAT_KA)"
+Known answer test for key agreement.
+.ie n .IP """\s-1DRBG""\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_DRBG\s0\fR)" 4
+.el .IP "``\s-1DRBG''\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_DRBG\s0\fR)" 4
+.IX Item "DRBG (OSSL_SELF_TEST_TYPE_DRBG)"
+Known answer test for a Deterministic Random Bit Generator.
+.ie n .IP """Conditional_PCT"" (\fB\s-1OSSL_SELF_TEST_TYPE_PCT\s0\fR)" 4
+.el .IP "``Conditional_PCT'' (\fB\s-1OSSL_SELF_TEST_TYPE_PCT\s0\fR)" 4
+.IX Item "Conditional_PCT (OSSL_SELF_TEST_TYPE_PCT)"
+Conditional test that is run during the generation of key pairs.
+.ie n .IP """Continuous_RNG_Test"" (\fB\s-1OSSL_SELF_TEST_TYPE_CRNG\s0\fR)" 4
+.el .IP "``Continuous_RNG_Test'' (\fB\s-1OSSL_SELF_TEST_TYPE_CRNG\s0\fR)" 4
+.IX Item "Continuous_RNG_Test (OSSL_SELF_TEST_TYPE_CRNG)"
+Continuous random number generator test.
+.PP
+The \*(L"Module_Integrity\*(R" self test is always run at startup.
+The \*(L"Install_Integrity\*(R" self test is used to check if the self tests have
+already been run at installation time. If they have already run then the
+self tests are not run on subsequent startups.
+All other self test categories are run once at installation time, except for the
+\&\*(L"Pairwise_Consistency_Test\*(R".
+.PP
+There is only one instance of the \*(L"Module_Integrity\*(R" and \*(L"Install_Integrity\*(R"
+self tests. All other self tests may have multiple instances.
+.PP
+The \s-1FIPS\s0 module passes the following descriptions(s) to \fBOSSL_SELF_TEST_onbegin()\fR.
+.ie n .IP """\s-1HMAC""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_INTEGRITY_HMAC\s0\fR)" 4
+.el .IP "``\s-1HMAC''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_INTEGRITY_HMAC\s0\fR)" 4
+.IX Item "HMAC (OSSL_SELF_TEST_DESC_INTEGRITY_HMAC)"
+\&\*(L"Module_Integrity\*(R" and \*(L"Install_Integrity\*(R" use this.
+.ie n .IP """\s-1RSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1\s0\fR)" 4
+.el .IP "``\s-1RSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1\s0\fR)" 4
+.IX Item "RSA (OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1)"
+.PD 0
+.ie n .IP """\s-1ECDSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_ECDSA\s0\fR)" 4
+.el .IP "``\s-1ECDSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_ECDSA\s0\fR)" 4
+.IX Item "ECDSA (OSSL_SELF_TEST_DESC_PCT_ECDSA)"
+.ie n .IP """\s-1DSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_DSA\s0\fR)" 4
+.el .IP "``\s-1DSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_DSA\s0\fR)" 4
+.IX Item "DSA (OSSL_SELF_TEST_DESC_PCT_DSA)"
+.PD
+Key generation tests used with the \*(L"Pairwise_Consistency_Test\*(R" type.
+.ie n .IP """RSA_Encrypt"" (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_ENC\s0\fR)" 4
+.el .IP "``RSA_Encrypt'' (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_ENC\s0\fR)" 4
+.IX Item "RSA_Encrypt (OSSL_SELF_TEST_DESC_ASYM_RSA_ENC)"
+.PD 0
+.ie n .IP """RSA_Decrypt"" (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_DEC\s0\fR)" 4
+.el .IP "``RSA_Decrypt'' (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_DEC\s0\fR)" 4
+.IX Item "RSA_Decrypt (OSSL_SELF_TEST_DESC_ASYM_RSA_DEC)"
+.PD
+\&\*(L"KAT_AsymmetricCipher\*(R" uses this to indicate an encrypt or decrypt \s-1KAT.\s0
+.ie n .IP """\s-1AES_GCM""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_GCM\s0\fR)" 4
+.el .IP "``\s-1AES_GCM''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_GCM\s0\fR)" 4
+.IX Item "AES_GCM (OSSL_SELF_TEST_DESC_CIPHER_AES_GCM)"
+.PD 0
+.ie n .IP """AES_ECB_Decrypt"" (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_ECB\s0\fR)" 4
+.el .IP "``AES_ECB_Decrypt'' (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_ECB\s0\fR)" 4
+.IX Item "AES_ECB_Decrypt (OSSL_SELF_TEST_DESC_CIPHER_AES_ECB)"
+.ie n .IP """\s-1TDES""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_TDES\s0\fR)" 4
+.el .IP "``\s-1TDES''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_TDES\s0\fR)" 4
+.IX Item "TDES (OSSL_SELF_TEST_DESC_CIPHER_TDES)"
+.PD
+Symmetric cipher tests used with the \*(L"KAT_Cipher\*(R" type.
+.ie n .IP """\s-1SHA1""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA1\s0\fR)" 4
+.el .IP "``\s-1SHA1''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA1\s0\fR)" 4
+.IX Item "SHA1 (OSSL_SELF_TEST_DESC_MD_SHA1)"
+.PD 0
+.ie n .IP """\s-1SHA2""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA2\s0\fR)" 4
+.el .IP "``\s-1SHA2''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA2\s0\fR)" 4
+.IX Item "SHA2 (OSSL_SELF_TEST_DESC_MD_SHA2)"
+.ie n .IP """\s-1SHA3""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA3\s0\fR)" 4
+.el .IP "``\s-1SHA3''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA3\s0\fR)" 4
+.IX Item "SHA3 (OSSL_SELF_TEST_DESC_MD_SHA3)"
+.PD
+Digest tests used with the \*(L"KAT_Digest\*(R" type.
+.ie n .IP """\s-1DSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_DSA\s0\fR)" 4
+.el .IP "``\s-1DSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_DSA\s0\fR)" 4
+.IX Item "DSA (OSSL_SELF_TEST_DESC_SIGN_DSA)"
+.PD 0
+.ie n .IP """\s-1RSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_RSA\s0\fR)" 4
+.el .IP "``\s-1RSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_RSA\s0\fR)" 4
+.IX Item "RSA (OSSL_SELF_TEST_DESC_SIGN_RSA)"
+.ie n .IP """\s-1ECDSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_ECDSA\s0\fR)" 4
+.el .IP "``\s-1ECDSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_ECDSA\s0\fR)" 4
+.IX Item "ECDSA (OSSL_SELF_TEST_DESC_SIGN_ECDSA)"
+.PD
+Signature tests used with the \*(L"KAT_Signature\*(R" type.
+.ie n .IP """\s-1ECDH""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_ECDH\s0\fR)" 4
+.el .IP "``\s-1ECDH''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_ECDH\s0\fR)" 4
+.IX Item "ECDH (OSSL_SELF_TEST_DESC_KA_ECDH)"
+.PD 0
+.ie n .IP """\s-1DH""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_DH\s0\fR)" 4
+.el .IP "``\s-1DH''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_DH\s0\fR)" 4
+.IX Item "DH (OSSL_SELF_TEST_DESC_KA_DH)"
+.PD
+Key agreement tests used with the \*(L"\s-1KAT_KA\*(R"\s0 type.
+.ie n .IP """\s-1HKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_HKDF\s0\fR)" 4
+.el .IP "``\s-1HKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_HKDF\s0\fR)" 4
+.IX Item "HKDF (OSSL_SELF_TEST_DESC_KDF_HKDF)"
+.PD 0
+.ie n .IP """\s-1TLS13_KDF_EXTRACT""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT\s0\fR)" 4
+.el .IP "``\s-1TLS13_KDF_EXTRACT''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT\s0\fR)" 4
+.IX Item "TLS13_KDF_EXTRACT (OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT)"
+.ie n .IP """\s-1TLS13_KDF_EXPAND""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND\s0\fR)" 4
+.el .IP "``\s-1TLS13_KDF_EXPAND''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND\s0\fR)" 4
+.IX Item "TLS13_KDF_EXPAND (OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND)"
+.ie n .IP """\s-1SSKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSKDF\s0\fR)" 4
+.el .IP "``\s-1SSKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSKDF\s0\fR)" 4
+.IX Item "SSKDF (OSSL_SELF_TEST_DESC_KDF_SSKDF)"
+.ie n .IP """X963KDF"" (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X963KDF\s0\fR)" 4
+.el .IP "``X963KDF'' (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X963KDF\s0\fR)" 4
+.IX Item "X963KDF (OSSL_SELF_TEST_DESC_KDF_X963KDF)"
+.ie n .IP """X942KDF"" (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X942KDF\s0\fR)" 4
+.el .IP "``X942KDF'' (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X942KDF\s0\fR)" 4
+.IX Item "X942KDF (OSSL_SELF_TEST_DESC_KDF_X942KDF)"
+.ie n .IP """\s-1PBKDF2""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_PBKDF2\s0\fR)" 4
+.el .IP "``\s-1PBKDF2''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_PBKDF2\s0\fR)" 4
+.IX Item "PBKDF2 (OSSL_SELF_TEST_DESC_KDF_PBKDF2)"
+.ie n .IP """\s-1SSHKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSHKDF\s0\fR)" 4
+.el .IP "``\s-1SSHKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSHKDF\s0\fR)" 4
+.IX Item "SSHKDF (OSSL_SELF_TEST_DESC_KDF_SSHKDF)"
+.ie n .IP """\s-1TLS12_PRF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS12_PRF\s0\fR)" 4
+.el .IP "``\s-1TLS12_PRF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS12_PRF\s0\fR)" 4
+.IX Item "TLS12_PRF (OSSL_SELF_TEST_DESC_KDF_TLS12_PRF)"
+.ie n .IP """\s-1KBKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_KBKDF\s0\fR)" 4
+.el .IP "``\s-1KBKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_KBKDF\s0\fR)" 4
+.IX Item "KBKDF (OSSL_SELF_TEST_DESC_KDF_KBKDF)"
+.PD
+Key Derivation Function tests used with the \*(L"\s-1KAT_KDF\*(R"\s0 type.
+.ie n .IP """\s-1CTR""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_CTR\s0\fR)" 4
+.el .IP "``\s-1CTR''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_CTR\s0\fR)" 4
+.IX Item "CTR (OSSL_SELF_TEST_DESC_DRBG_CTR)"
+.PD 0
+.ie n .IP """\s-1HASH""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HASH\s0\fR)" 4
+.el .IP "``\s-1HASH''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HASH\s0\fR)" 4
+.IX Item "HASH (OSSL_SELF_TEST_DESC_DRBG_HASH)"
+.ie n .IP """\s-1HMAC""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HMAC\s0\fR)" 4
+.el .IP "``\s-1HMAC''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HMAC\s0\fR)" 4
+.IX Item "HMAC (OSSL_SELF_TEST_DESC_DRBG_HMAC)"
+.PD
+\&\s-1DRBG\s0 tests used with the \*(L"\s-1DRBG\*(R"\s0 type.
+.Sp
+= item \*(L"\s-1RNG\*(R"\s0 (\fB\s-1OSSL_SELF_TEST_DESC_RNG\s0\fR)
+.Sp
+\&\*(L"Continuous_RNG_Test\*(R" uses this.
+.SH "EXAMPLES"
+.IX Header "EXAMPLES"
+A simple self test callback is shown below for illustrative purposes.
+.PP
+.Vb 1
+\& #include <openssl/self_test.h>
+\&
+\& static OSSL_CALLBACK self_test_cb;
+\&
+\& static int self_test_cb(const OSSL_PARAM params[], void *arg)
+\& {
+\& int ret = 0;
+\& const OSSL_PARAM *p = NULL;
+\& const char *phase = NULL, *type = NULL, *desc = NULL;
+\&
+\& p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_PHASE);
+\& if (p == NULL || p\->data_type != OSSL_PARAM_UTF8_STRING)
+\& goto err;
+\& phase = (const char *)p\->data;
+\&
+\& p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_DESC);
+\& if (p == NULL || p\->data_type != OSSL_PARAM_UTF8_STRING)
+\& goto err;
+\& desc = (const char *)p\->data;
+\&
+\& p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_TYPE);
+\& if (p == NULL || p\->data_type != OSSL_PARAM_UTF8_STRING)
+\& goto err;
+\& type = (const char *)p\->data;
+\&
+\& /* Do some logging */
+\& if (strcmp(phase, OSSL_SELF_TEST_PHASE_START) == 0)
+\& BIO_printf(bio_out, "%s : (%s) : ", desc, type);
+\& if (strcmp(phase, OSSL_SELF_TEST_PHASE_PASS) == 0
+\& || strcmp(phase, OSSL_SELF_TEST_PHASE_FAIL) == 0)
+\& BIO_printf(bio_out, "%s\en", phase);
+\&
+\& /* Corrupt the SHA1 self test during the \*(Aqcorrupt\*(Aq phase by returning 0 */
+\& if (strcmp(phase, OSSL_SELF_TEST_PHASE_CORRUPT) == 0
+\& && strcmp(desc, OSSL_SELF_TEST_DESC_MD_SHA1) == 0) {
+\& BIO_printf(bio_out, "%s %s", phase, desc);
+\& return 0;
+\& }
+\& ret = 1;
+\& err:
+\& return ret;
+\& }
+.Ve
+.SH "NOTES"
+.IX Header "NOTES"
+Some released versions of OpenSSL do not include a validated
+\&\s-1FIPS\s0 provider. To determine which versions have undergone
+the validation process, please refer to the
+OpenSSL Downloads page <https://www.openssl.org/source/>. If you
+require FIPS-approved functionality, it is essential to build your \s-1FIPS\s0
+provider using one of the validated versions listed there. Normally,
+it is possible to utilize a \s-1FIPS\s0 provider constructed from one of the
+validated versions alongside \fIlibcrypto\fR and \fIlibssl\fR compiled from any
+release within the same major release series. This flexibility enables
+you to address bug fixes and CVEs that fall outside the \s-1FIPS\s0 boundary.
+.SH "SEE ALSO"
+.IX Header "SEE ALSO"
+\&\fBopenssl\-fipsinstall\fR\|(1),
+\&\fBfips_config\fR\|(5),
+\&\fBOSSL_SELF_TEST_set_callback\fR\|(3),
+\&\fBOSSL_SELF_TEST_new\fR\|(3),
+\&\s-1\fBOSSL_PARAM\s0\fR\|(3),
+\&\fBopenssl\-core.h\fR\|(7),
+\&\fBopenssl\-core_dispatch.h\fR\|(7),
+\&\fBprovider\fR\|(7),
+<https://www.openssl.org/source/>
+.SH "HISTORY"
+.IX Header "HISTORY"
+This functionality was added in OpenSSL 3.0.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2019\-2023 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-18 16:47:55 +0000