openssl_pkcs7_encrypt
(PHP 4 >= 4.0.6, PHP 5, PHP 7, PHP 8)
openssl_pkcs7_encrypt — Encrypt an S/MIME message
Description
openssl_pkcs7_encrypt(
string
string
OpenSSLCertificate|array|string
?array
int
int
): bool
string
$input_filename,string
$output_filename,OpenSSLCertificate|array|string
$certificate,?array
$headers,int
$flags = 0,int
$cipher_algo = OPENSSL_CIPHER_AES_128_CBC): bool
openssl_pkcs7_encrypt() takes the contents of the file named input_filename and encrypts them using an RC2 40-bit cipher so that they can only be read by the intended recipients specified by certificate.
Parameters
input_filenameoutput_filenamecertificateEither a lone X.509 certificate, or an array of X.509 certificates.
headersheadersis an array of headers that will be prepended to the data after it has been encrypted.headerscan be either an associative array keyed by header name, or an indexed array, where each element contains a single header line.flagsflagscan be used to specify options that affect the encoding process - see PKCS7 constants.cipher_algoOne of cipher constants.
Changelog
| Version | Description |
|---|---|
| 8.1.0 | The default cipher algorithm (cipher_algo) is now AES-128-CBC (OPENSSL_CIPHER_AES_128_CBC). Previously, PKCS7/CMS was used (OPENSSL_CIPHER_RC2_40). |
| 8.0.0 | certificate accepts an OpenSSLCertificate instance now; previously, a resource of type OpenSSL X.509 CSR was accepted. |
Examples
Example #1 openssl_pkcs7_encrypt() example
<?php
// the message you want to encrypt and send to your secret agent
// in the field, known as nighthawk. You have his certificate
// in the file nighthawk.pem
$data = <<<EOD
Nighthawk,
Top secret, for your eyes only!
The enemy is closing in! Meet me at the cafe at 8.30am
to collect your forged passport!
HQ
EOD;
// load key
$key = file_get_contents("nighthawk.pem");
// save message to file
$fp = fopen("msg.txt", "w");
fwrite($fp, $data);
fclose($fp);
// encrypt it
if (openssl_pkcs7_encrypt("msg.txt", "enc.txt", $key,
array("To" => "[email protected]", // keyed syntax
"From: HQ <[email protected]>", // indexed syntax
"Subject" => "Eyes only"))) {
// message encrypted - send it!
exec(ini_get("sendmail_path") . " < enc.txt");
}
?>↑ and ↓ to navigate • Enter to select • Esc to close • / to open