openssl_open
(PHP 4 >= 4.0.4, PHP 5, PHP 7, PHP 8)
openssl_open — Open sealed data
Description
string
$data,string
&$output,string
$encrypted_key,OpenSSLAsymmetricKey|OpenSSLCertificate|array|string
$private_key,string
$cipher_algo,?string
$iv = null): bool
openssl_open() opens (decrypts)
data using the private key associated with
the key identifier private_key and the envelope key
encrypted_key, and fills
output with the decrypted data.
The envelope key is generated when the
data are sealed and can only be used by one specific private key. See
openssl_seal() for more information.
Parameters
-
data -
-
output -
If the call is successful the opened data is returned in this parameter.
-
encrypted_key -
-
private_key -
-
cipher_algo -
The cipher method.
CautionThe default value (
'RC4') is considered insecure. It is strongly recommended to explicitly specify a secure cipher method. -
iv -
The initialization vector.
Return Values
Returns true on success or false on failure.
Changelog
| Version | Description |
|---|---|
| 8.0.0 |
private_key accepts an OpenSSLAsymmetricKey
or OpenSSLCertificate instance now;
previously, a resource of type OpenSSL key or OpenSSL X.509 CSR
was accepted.
|
| 8.0.0 |
cipher_algo is no longer an optional parameter.
|
Examples
Example #1 openssl_open() example
<?php
// $sealed and $env_key are assumed to contain the sealed data
// and our envelope key, both given to us by the sealer.
// fetch private key from file and ready it
$fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r");
$priv_key = fread($fp, 8192);
fclose($fp);
$pkeyid = openssl_get_privatekey($priv_key);
// decrypt the data and store it in $open
if (openssl_open($sealed, $open, $env_key, $pkeyid)) {
echo "here is the opened data: ", $open;
} else {
echo "failed to open data";
}
// free the private key from memory
openssl_free_key($pkeyid);
?>
