The Federal Information Processing Standard (or FIPS) is a cryptography standard created by the U.S. government. FIPS specifications require certain secure algorithms, cryptographic modules, and random number generation. The driver is FIPS compliant for data encryption when FIPS is enabled for the JVM on the client machine.

The following applies when the driver is running in a FIPS environment:

  • The driver complies with 140-3 and 140-2 standards.
  • The driver uses PKCS #11 providers to access keystores.

The driver was tested with FIPS 140-3 enabled using Red Hat OpenJDK 21 on a Red Hat Universal Base Image 9 instance.

Limitations

The MySQL driver is not FIPS compliant for non-TLS/SSL connections. This limitation is caused by MySQL using password encryption for userID/password authentication that uses the RSA_OAEP algorithm, which is not supported in the Red Hat FIPS 140-3 environment.