[ Pobierz całość w formacie PDF ]
.openssl_seal() seals (encrypts) data by using RC4 with a randomly generated secretkey.The key is encrypted with each of the public keys associated with theidentifiers in pub_key_ids and each encryptedkey is returned in env_keys.This means that onecan send sealed data to multiple recipients (provided one has obtained theirpublic keys).Each recipient must receive both the sealed data and the envelopekey that was encrypted with the recipient's public key.PrzykÅ‚ad 1.openssl_seal() example// $data is assumed to contain the data to be sealed// fetch public keys for our recipients, and ready them$fp = fopen("/src/openssl-0.9.6/demos/maurice/cert.pem", "r");$cert = fread($fp, 8192);fclose($fp);$pk1 = openssl_get_publickey($cert);// Repeat for second recipient$fp = fopen("/src/openssl-0.9.6/demos/sign/cert.pem", "r");$cert = fread($fp, 8192);fclose($fp);$pk2 = openssl_get_publickey($cert);// seal message, only owners of $pk1 and $pk2 can decrypt $sealed with keys// $ekeys[0] and $ekeys[1] respectively.openssl_seal($data, $sealed, $ekeys, array($pk1,$pk2));// free the keys from memoryopenssl_free_key($pk1);openssl_free_key($pk2);See also openssl_open().openssl_sign(PHP 4 >= 4.4)openssl_sign -- Generate signatureDescriptionbool openssl_sign ( string data,string signature, mixed priv_key_id)Ostrze¿enieTa funkcja jest w stadium EKSPERYMENTALNYM.Oznacza to, że zachowaniefunkcji, jej nazwa, w zasadzie wszystko udokumentowane tutaj może zostaćzmienione w przyszÅ‚ych wersjach PHP bez wczeÅ›niejszego uprzedzenia.Używajtej funkcji na wÅ‚asne ryzyko.Returns TRUE on success, or FALSE on failure.If successful the signature isreturned in signature.openssl_sign() computes a signature for the specifieddata by using SHA1 for hashing followed byencryption using the private key associated with priv_key_id.Note that the data itself is notencrypted.PrzykÅ‚ad 1.openssl_sign() example// $data is assumed to contain the data to be signed// fetch private key from file and ready it$fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r");$priv_key = fread($fp, 8192);fclose($fp);$pkeyid = openssl_get_privatekey($priv_key);// compute signatureopenssl_sign($data, $signature, $pkeyid);// free the key from memoryopenssl_free_key($pkeyid);See also openssl_verify().openssl_verify(PHP 4 >= 4.4)openssl_verify -- Verify signatureDescriptionint openssl_verify ( string data,string signature, mixed pub_key_id)Ostrze¿enieTa funkcja jest w stadium EKSPERYMENTALNYM.Oznacza to, że zachowaniefunkcji, jej nazwa, w zasadzie wszystko udokumentowane tutaj może zostaćzmienione w przyszÅ‚ych wersjach PHP bez wczeÅ›niejszego uprzedzenia.Używajtej funkcji na wÅ‚asne ryzyko.Returns 1 if the signature is correct, 0 if it is incorrect, and -1 on error.openssl_verify() verifies that the signature is correct for the specified data using the public key associated with pub_key_id.This must be the public keycorresponding to the private key used for signing.PrzykÅ‚ad 1.openssl_verify() example// $data and $signature are assumed to contain the data and the signature// fetch public key from certificate and ready it$fp = fopen("/src/openssl-0.9.6/demos/sign/cert.pem", "r");$cert = fread($fp, 8192);fclose($fp);$pubkeyid = openssl_get_publickey($cert);// state whether signature is okay or not$ok = openssl_verify($data, $signature, $pubkeyid);if ($ok == 1)echo "good";elseif ($ok == 0)echo "bad";elseecho "ugly, error checking signature";// free the key from memoryopenssl_free_key($pubkeyid);See also openssl_sign().openssl_pkcs7_decrypt(PHP 4 >= 4.6)openssl_pkcs7_decrypt -- Decrypts an S/MIMEencrypted messageDescriptionbool openssl_pkcs7_decrypt ( stringinfilename, string outfilename, mixed recipcert, mixed recipkey)Ostrze¿enieTa funkcja jest w stadium EKSPERYMENTALNYM.Oznacza to, że zachowaniefunkcji, jej nazwa, w zasadzie wszystko udokumentowane tutaj może zostaćzmienione w przyszÅ‚ych wersjach PHP bez wczeÅ›niejszego uprzedzenia.Używajtej funkcji na wÅ‚asne ryzyko.Decrypts the S/MIME encrypted message contained in the file specified by infilename using the certificate and it's associatedprivate key specified by recipcert and recipkey.The decrypted message is output to the file specified by outfilenamePrzykÅ‚ad 1.openssl_pkcs7_decrypt()example// $cert and $key are assumed to contain your personal certificate and private// key pair, and that you are the recipient of an S/MIME message$infilename = "encrypted.msg"; // this file holds your encrypted message$outfilename = "decrypted.msg"; // make sure you can write to this fileif (openssl_pkcs7_decrypt($infilename, $outfilename, $cert, $key))echo "decrypted!";elseecho "failed to decrypt!";Notatka: This function was added in4.6.openssl_pkcs7_encrypt(PHP 4 >= 4.6)openssl_pkcs7_encrypt -- Encrypt an S/MIMEmessageDescriptionbool openssl_pkcs7_encrypt ( stringinfilename, string outfilename, mixed recipcerts, array headers [, long flags])Ostrze¿enieTa funkcja jest w stadium EKSPERYMENTALNYM.Oznacza to, że zachowaniefunkcji, jej nazwa, w zasadzie wszystko udokumentowane tutaj może zostaćzmienione w przyszÅ‚ych wersjach PHP bez wczeÅ›niejszego uprzedzenia.Używajtej funkcji na wÅ‚asne ryzyko.openssl_pkcs7_encrypt() takes the contents of the filenamed infilename and encrypts them using an RC240-bit cipher so that they can only be read by the intended recipients specifiedby recipcerts, which is either a lone X.509certificate, or an array of X.509 certificates.headers is an array of headers that will beprepended to the data after it has been encrypted.flags can be used to specify options that affect theencoding process - see PKCS7constants.headers can be either anassociative array keyed by header name, or an indexed array, where each elementcontains a single header line.PrzykÅ‚ad 1
[ Pobierz całość w formacie PDF ]