diff --git a/.gitignore b/.gitignore
index 39fbaefd..bd2709d5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,5 @@ cmake-build-debug
 _deps
 
 DartConfiguration.tcl
+
+install
diff --git a/CMakeLists.txt b/CMakeLists.txt
index bfb5289c..bb60312f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -20,7 +20,6 @@
 cmake_minimum_required(VERSION 3.14.0)
 project(CRYPTO C)
 
-set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib")
 
 OPTION(DEBUG "Debug" OFF) # Disabled by default, enable with: -DDEBUG=ON
 OPTION(MYSQL "Mysql" OFF) # Disabled by default, enable with: -DMYSQL=ON
@@ -28,6 +27,19 @@ OPTION(LIBGCRYPT "Libgcrypt" ON) # Enabled by default, disable with: -DLIBGCRYPT
 OPTION(KMCCRYPTO "KmcCrypto" OFF) # Disabled by default, enable with: -DKMCCRYPTO=ON
 OPTION(ENCTEST "Encryption-Tests" OFF) # Disabled by default, enable with: -DENCTEST=ON
 OPTION(CODECOV "Code-Coverage" OFF) # Disabled by default, enable with: -DCODECOV=ON
+OPTION(SYSTEM_INSTALL "SystemInstall" OFF) #Disabled by default, enable with: -DSYSTEM_INSTALL=ON
+
+set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib")
+set(CMAKE_INSTALL_PREFIX ${PROJECT_SOURCE_DIR}/install)
+
+IF(CRYPTO_SUBMODULE_INSTALL) #If building CryptoLib as a submodule of another build system (EG, JPL KMC, Nasa NOS3, etc...)
+    set(CMAKE_INSTALL_PREFIX ${CRYPTO_SUBMODULE_INSTALL})
+ENDIF()
+
+IF(SYSTEM_INSTALL)
+    set(CMAKE_INSTALL_PREFIX /usr/local)
+ENDIF()
+
 
 IF(DEBUG)
     ADD_DEFINITIONS(-DDEBUG -DOCF_DEBUG -DFECF_DEBUG -DSA_DEBUG -DPDU_DEBUG -DCCSDS_DEBUG -DTC_DEBUG -DMAC_DEBUG -DTM_DEBUG)
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 0c2b6f8b..692cdd39 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -72,11 +72,19 @@ if(MYSQL)
     target_link_libraries(Crypto ${MYSQL_LIBS})
 endif()
 
-
-#Include cmake install module - todo
-#include(GNUInstallDirs)
+set_target_properties(Crypto PROPERTIES PUBLIC_HEADER "../include/crypto.h;../include/crypto_config_structs.h;../include/crypto_error.h;../include/crypto_print.h;../include/crypto_structs.h;")
 
 add_custom_command(TARGET Crypto POST_BUILD
         COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_FILE:Crypto> ${PROJECT_BINARY_DIR}/lib/libCrypto.so
         COMMENT "Created ${PROJECT_BINARY_DIR}/lib/libCrypto.so"
         )
+
+install(TARGETS Crypto
+        DESTINATION ${CMAKE_INSTALL_PREFIX}/lib
+        PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include)
+
+IF(MYSQL)
+    file(GLOB MYSQL_SCRIPTS crypto_sadb/sadb_mariadb_admin_scripts/*.sql)
+    install(FILES ${MYSQL_SCRIPTS}
+            DESTINATION ${CMAKE_INSTALL_PREFIX}/etc/sadb_mariadb_admin_scripts)
+endif()
\ No newline at end of file
diff --git a/src/src_cryptography/src_kmc_crypto_service/cryptography_interface_kmc_crypto_service.template.c b/src/src_cryptography/src_kmc_crypto_service/cryptography_interface_kmc_crypto_service.template.c
index f5ea6105..5db55ca4 100644
--- a/src/src_cryptography/src_kmc_crypto_service/cryptography_interface_kmc_crypto_service.template.c
+++ b/src/src_cryptography/src_kmc_crypto_service/cryptography_interface_kmc_crypto_service.template.c
@@ -262,7 +262,6 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out,
     iv = iv;
     iv_len = iv_len;
     ecs = ecs;
-    acs = acs;
 
     curl_easy_reset(curl);
     configure_curl_connect_opts(curl);
@@ -275,6 +274,13 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out,
     uint8_t* auth_payload = aad;
     size_t auth_payload_len = aad_len;
 
+    // Verify valid acs enum
+    int32_t algo = cryptography_get_acs_algo(acs);
+    if (algo == CRYPTO_LIB_ERR_UNSUPPORTED_ACS)
+    {
+        return CRYPTO_LIB_ERR_UNSUPPORTED_ACS;
+    }
+
     // Need to copy the data over, since authentication won't change/move the data directly
     if(data_out != NULL){
         memcpy(data_out, data_in, len_data_in);
@@ -488,7 +494,13 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le
     iv = iv;
     iv_len = iv_len;
     ecs = ecs;
-    acs = acs;
+
+    // Verify valid acs enum
+    int32_t algo = cryptography_get_acs_algo(acs);
+    if (algo == CRYPTO_LIB_ERR_UNSUPPORTED_ACS)
+    {
+        return CRYPTO_LIB_ERR_UNSUPPORTED_ACS;
+    }
 
     // Need to copy the data over, since authentication won't change/move the data directly
     if(data_out != NULL){
@@ -1253,9 +1265,9 @@ int32_t cryptography_get_acs_algo(int8_t algo_enum)
     int32_t algo = CRYPTO_LIB_ERR_UNSUPPORTED_ACS; // All valid algo enums will be positive
     switch (algo_enum)
     {
-        // case CRYPTO_AES256_CMAC:
-        //     algo = GCRY_MAC_CMAC_AES;
-        //     break;
+         case CRYPTO_AES256_CMAC:
+             algo = CRYPTO_AES256_CMAC;
+             break;
 
         default:
 #ifdef DEBUG
@@ -1264,5 +1276,5 @@ int32_t cryptography_get_acs_algo(int8_t algo_enum)
             break;
     }
 
-    return (int)algo;
+    return (int32_t)algo;
 }
\ No newline at end of file