PRAGMA cipher is a relic dating back to the very first version of SQLCipher when OpenSSL was the only cryptographic backend. With the introduction of the cryptographic provider interface in SQLCipher, platform builds may use different providers depending on requirements, e.g. OpenSSL, CommonCrypto (Mac, iOS), Tomcrypt, or custom providers built by users. We can guarantee that AES 256 in CBC mode is supported, but unfortunately there is no common “extended” set of cipher, key length, and mode supported by all providers (or even within a single provider like OpenSSL the built in ciphers can vary).
In addition, not all cryptograpic libraries provide a simple, high level interface to the encryption libraries like the OpenSSL EVP functions. This can make runtime changes to the cipher key length and mode quite difficult and complex to implement.
Finally, the use of PRAGMA cipher can lead to runtime incompatibility between databases or even cases where an application using a shared library may work on one machined but not another.
Ultimately, we decided that this is not a good candidate for runtime configuration in the SQLCipher usage model. As such we have made the decision to deprecate the PRAGMA.
That said, it is still quite possible for developers to change around any settings they want at compile time. If a developer is really interested in modifying this behavior and has a controlled deployment model then can make an educated decision and adjust the build accordingly. They can do this either via defines (i.e. -DCIPHER=“aes-256-cfb”) or they can even construct their own custom cryptograpic provider for SQLCipher.