16 Most of the functions require a key or a certificate as a parameter; to make
25 Similarly, you can use the following methods of specifying a public key:
27 1. As a key resource returned from openssl_get_publickey
28 2. An X509 resource - public key only
30 4. As a string containing the data from the key file
32 Additionally, for a private key, when the openssl extension function does not
34 array($key, "passphrase") where $key can be a key specified using one of the
56 resource openssl_get_privatekey(mixed key [, string passphrase])
58 Parses the key data and returns a key resource identifier. If the key is
64 Extracts the public key from the given certificate or public key and returns
65 a key resource identifier.
68 void openssl_free_key(resource key)
70 Frees the resource given by the key resource identifier.
71 Note that this function does not accept the extended key specification
162 certificate and key pair identified by signcert/signkey.
163 Signkey must be the private key corresponding to signcert.
175 using the certificate and private key pair recipcert/recipkey.
183 bool openssl_sign(string data, &string signature, mixed key)
185 Uses key to create signature for data, returns true on success and false
190 int openssl_verify(string data, string signature, mixed key)
192 Uses key to verify that the signature is correct for the given data.
206 Opens (decrypts) sealed data using a private key and the corresponding
207 envelope key. Returns true on success and false on failure.  On success,
219 To do anything you need a private key and a certificate containing the
220 corresponding public key. This is similar to what you have using say an
226 Creating private key
228 To generate an unprotected 1024 bit RSA private key you can do
230    openssl genrsa -out /tmp/test.key 1024
237 To generate a self signed certificate from the key that is valid for
240     openssl req -new -key /tmp/test.key -out /tmp/test.crt -days 365 -x509
259      // get public key from certificate
261      // $pk1 is an encryption key resource id if success, else false
276      $fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r");
277      // Get PEM coded key into $pkey 
280      // $key will be resource id for unpacked $pkey
281      $key = openssl_get_privatekey($pkey);
283      openssl_open($sealed, $open, $ekeys[1], $key);
284      openssl_free_key($key);
294      // First we need to have a string containing the private key in PEM format
296      $fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r");
300      // get private key from the PEM format
301      // $key is an encr key resource id if success, else false
302      $key = openssl_get_privatekey($pkey);
305      openssl_sign($data, $signature, $key);
306      openssl_free_key($key);
314      // Get public key from the certificate
320      // free key

Last Index update Mon Sep 30 00:02:53 UTC 2024

Dedicated to & Maintained by Room-11