EVP_SIGNATURE-LMS(7ssl) OpenSSL EVP_SIGNATURE-LMS(7ssl) NAME EVP_SIGNATURE-LMS - The EVP_PKEY Leighton-Micali Signature (LMS) implementation DESCRIPTION The LMS EVP_PKEY implementation supports Leighton-Micali Signatures (LMS) described in [RFC 8554](https://datatracker.ietf.org/doc/html/rfc8854) and [SP 800-208](https://csrc.nist.gov/pubs/sp/800/208/final). The OpenSSL providers only support LMS signature verification, as this is a [SP 800-208](https://csrc.nist.gov/pubs/sp/800/208/final) requirement for FIPS software modules. EVP_PKEY_verify_message_init() and EVP_PKEY_verify() are the only supported functions used for LMS signatures. Streaming is not currently supported, and since the signature data contains data related to the digest used, functions that specify the digest name are not necessary. NOTES LMS support is disabled by default at compile-time. To enable, specify the enable-lms build configuration option. LMS should only be used for older deployments. New deployments should use either EVP_SIGNATURE-ML-DSA(7) or . EXAMPLES Error checking has been omitted from the following examples LMS signature verification /* See L. 3.6.0 2025-10-01 EVP_SIGNATURE-LMS(7ssl)