SQLiteCodeFirst icon indicating copy to clipboard operation
SQLiteCodeFirst copied to clipboard

Published 20 hours ago verified publisher icon msallin

Make SQLiteCodeFirst FIPS compliant

Open sergiom371 opened this issue 1 year ago • 0 comments

This PR makes SQLiteCodeFirst FIPS compliant, needed to operate on US federal or many state government systems as it is a requirement for software vendors.

SHA512.Create() will return a new SHA512Managed instance by default. But, if FIPS restriction is enabled, it will return an FIPS-compliant instance.

What is FIPS compliance? FIPS stands for Federal Information Processing Standards and are US Government standards that provide a benchmark for implementing cryptographic software

SHA512CryptoServiceProvider uses the FIPS 140-2 validated (FIPS = Federal Information Processing Standards) Crypto Service Provider (CSP) while SHA256Managed does not.

sergiom371 avatar Feb 07 '24 15:02 sergiom371