Is SQLite3MultipleCiphers FIPS compliant?

[chandrakanth-amuru]

Hi All,
I'm working for a tool that is FIPS 140-2 compliant and we exploring if SQLite3MultipleCiphers can be used for our project, as part of it would like to know if SQLite3MultipleCiphers is FIPS compliant. Could someone clarify?
Thanks.

[utelle]

SQLite3MultipleCiphers is not FIPS 140-2 validated. In theory, SQLite3MultipleCiphers could be made FIPS compliant by replacing the current implementation of cryptographic algorithms for example by calls to the OpenSSL FIPS module. However, at the moment I have no plans to implement selectable cryptographic providers for SQLite3MultipleCiphers.

There exist at least 2 FIPS-compliant encryption extensions for SQLite:

1. The creators of SQLite offer a commercial SQLite Encryption Extension that can be linked with OpenSSL.
2. The company Zetetic, creator of SQLCipher, offers a commercial FIPS-compliant SQLCipher variant.

[chandrakanth-amuru]

Thank you for the info.