openssl_open

(PHP 4 >= 4.0.4, PHP 5, PHP 7, PHP 8)

openssl_open — Open sealed data

Description

openssl_open(
 string $data,
 string &$output,
 string $encrypted_key,
 OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $private_key,
 string $cipher_algo,
 ?string $iv = null
): bool

openssl_open() opens (decrypts) data using the private key associated with the key identifier private_key and the envelope key encrypted_key, and fills output with the decrypted data. The envelope key is generated when the data are sealed and can only be used by one specific private key. See openssl_seal() for more information.

Parameters

data
output: If the call is successful the opened data is returned in this parameter.
encrypted_key
private_key
cipher_algo: The cipher method.

Caution
The default value ('RC4') is considered insecure. It is strongly recommended to explicitly specify a secure cipher method.
iv: The initialization vector.

Return Values

Returns true on success or false on failure.

Changelog

Version	Description
8.0.0	`private_key` accepts an OpenSSLAsymmetricKey or OpenSSLCertificate instance now; previously, a resource of type `OpenSSL key` or `OpenSSL X.509 CSR` was accepted.
8.0.0	`cipher_algo` is no longer an optional parameter.

Examples

Example #1 openssl_open() example

<?php
// $sealed and $env_key are assumed to contain the sealed data
// and our envelope key, both given to us by the sealer.

// fetch private key from file and ready it
$fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r");
$priv_key = fread($fp, 8192);
fclose($fp);
$pkeyid = openssl_get_privatekey($priv_key);

// decrypt the data and store it in $open
if (openssl_open($sealed, $open, $env_key, $pkeyid)) {
    echo "here is the opened data: ", $open;
} else {
    echo "failed to open data";
}

// free the private key from memory
openssl_free_key($pkeyid);
?>

Name	PHP
Version
Badge
Last Updated	2022-04-25T15:10:39Z