OpenSSL Crypto Driver and NSS Crypto Driver Interoperability Matrix

This shows the Interoperability Matrix for OpenSSL Crypto Driver and NSS Crypto Driver.

NOTE: This documentation is taken from include/apr_crypto.h in apr-util v1.5.3′s source code.
Thanks to Gregg for this information.

 * Symmetric Key types understood by the library.
 * NOTE: It is expected that this list will grow over time.
 * Interoperability Matrix:
 * The matrix is based on the testcrypto.c unit test, which attempts to
 * test whether a simple encrypt/decrypt will succeed, as well as testing
 * whether an encrypted string by one library can be decrypted by the
 * others.
 * Some libraries will successfully encrypt and decrypt their own data,
 * but won't decrypt data from another library. It is hoped that over
 * time these anomalies will be found and fixed, but until then it is
 * recommended that ciphers are chosen that interoperate across platform.
 * An X below means the test passes, it does not necessarily mean that
 * encryption performed is correct or secure. Applications should stick
 * to ciphers that pass the interoperablity tests on the right hand side
 * of the table.
 * Aligned data is data whose length is a multiple of the block size for
 * the chosen cipher. Padded data is data that is not aligned by block
 * size and must be padded by the crypto library.
 *                  OpenSSL      NSS      Interop
 *                 Align Pad  Align Pad  Align Pad
 * 3DES_192/CBC    X     X    X     X    X     X
 * 3DES_192/ECB    X     X
 * AES_256/CBC     X     X    X     X    X     X
 * AES_256/ECB     X     X    X          X
 * AES_192/CBC     X     X    X     X
 * AES_192/ECB     X     X    X
 * AES_128/CBC     X     X    X     X
 * AES_128/ECB     X     X    X
 * Conclusion: for padded data, use 3DES_192/CBC or AES_256/CBC. For
 * aligned data, use 3DES_192/CBC, AES_256/CBC or AES_256/ECB.




You may go back to the section, Installing PHP.