openssl_private_encrypt

(PHP 4 >= 4.0.6, PHP 5, PHP 7)

openssl_private_encrypt — Encrypts data with private key

Description

bool openssl_private_encrypt ( string $data , string &$crypted , mixed $key [, int $padding = OPENSSL_PKCS1_PADDING ] )

openssl_private_encrypt() encrypts data with private key and stores the result into crypted. Encrypted data can be decrypted via openssl_public_decrypt().

This function can be used e.g. to sign data (or its hash) to prove that it is not written by someone else.

Parameters

data
crypted
key
padding: padding can be one of OPENSSL_PKCS1_PADDING, OPENSSL_NO_PADDING.

Return Values

Returns TRUE on success or FALSE on failure.

User Contributed Notes

wfredkNOSPAM at L5DevelopmentNOSPAM dot com

14 years ago


Encrypt using private key, decrypt using public key.



Use this for posting signed messages:  Anyone with access to

your public key can read it, but they can't create one with

your signature.



<?php

echo "Source: $source";

$fp=fopen("/path/to/private.key","r");

$priv_key=fread($fp,8192);

fclose($fp);

// $passphrase is required if your key is encoded (suggested)

$res = openssl_get_privatekey($priv_key,$passphrase);

/*

 * NOTE:  Here you use the returned resource value

 */

openssl_private_encrypt($source,$crypttext,$res);

echo "String crypted: $crypttext";



$fp=fopen ("/path/to/certificate.crt","r");

$pub_key=fread($fp,8192);

fclose($fp);

openssl_get_publickey($pub_key);

/*

 * NOTE:  Here you use the $pub_key value (converted, I guess)

 */

openssl_public_decrypt($crypttext,$newsource,$pub_key);

echo "String decrypt : $newsource";

?>

adityasingh at techknowtrends dot com

4 years ago


Here is a over simplified version of using the crypt capabilities for getting started:

$res = openssl_pkey_new();

// Get private key
openssl_pkey_export($res, $privkey);

// Get public key
$pubkey = openssl_pkey_get_details($res);
$pubkey = $pubkey["key"];
var_dump($privkey);
var_dump($pubkey);

// get some text from command line to work with
$tocrypt = trim(fgets(STDIN));

// some variables to work with
$encryptedviaprivatekey = ""; //holds text encrypted with the private key
$decryptedviapublickey = ""; // holds text which was decrypted by the public key after being encrypted with the private key, should be same as $tocrypt
$encryptedviapublickey = ""; // holds text that was encrypted with the public key
$decryptedviaprivatekey = ""; // holds text that was decrypted with the private key after being encrypted with the public key, should be the same as $tocrypt

openssl_private_encrypt($tocrypt, $encryptedviaprivatekey, $privkey);
echo $tocrypt . "->" . $encryptedviaprivatekey;
echo "\n\n";
openssl_public_decrypt($encryptedviaprivatekey, $decryptedviapublickey, $pubkey);
echo $encryptedviaprivatekey . "->" . $decryptedviapublickey;
echo "\n\n";

openssl_public_encrypt($tocrypt,$encryptedviapublickey, $pubkey);
echo $tocrypt . "->" . $encryptedviapublickey;
echo "\n\n";
openssl_private_decrypt($encryptedviapublickey, $decryptedviaprivatekey, $privkey);
echo $encryptedviapublickey . "->" . $decryptedviaprivatekey;

Output:

string(887) "-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCy745x8AqGKlTWBu2Ub80boPaQxo/midZ4LHZ0zbPpiCAfkADN
VYSe8OckPKutdjPX7SNAx66PgQRH1xrz1gysbRrf8K/mA0LQ00MKBFaFottWt5cC
IaUS9zvCgPw7prwng3hkGShnvTSMXiKFyt1E3RTvpXRk0u46D6hKiy+TSQIDAQAB
AoGBAJe1jjNCDtoz19vi4doBdIhhT8vt3iHbafBX2lMr+MceeAXqpRNy10+e9op9
uh0G4+vGDialZnYbMBLs6Ngl+nVnzn+cN1MMJ18brgf3biZKzVzK9wmOW4eycWaR
9eLa7/+ns8Cw5GsLJdG+OHR2gXRXU4hzUFdf90UUbP+kuqK1AkEA2X04XznFDNmT
NuhyCixwinlziazJBp/81jjaBhYj3cG0nTF0Gactc/yD0yudbrMqjLBfts+FbG3Z
yFHKrAB/cwJBANKetll3M3aCGsermEK+9hbB8yMihCju6pAwClUNkrAgrm9zU4LP
WkC81RDzXbz+pfIqpopfn34F3+U2iMiOe1MCQCXpTgpLZ631v1Oy8S4U0QlSYnF9
TQ16lfhBsL+e3GGrgnBkTniqS6IMQm5tC+RgFuqvU//p7LgZ7fydRVb2P0ECQFp9
YADuKskmutTAj6lVnCtI5upYgQmJJHQQf8/tBfHwCKHPnbic17zqpGwk80go7Ckw
U98tmDuv0HMNTBVGygsCQALck7VNBRjL9iFzJMFis+alcP1ZC88wOLPvIxYbevUH
c8rZwRqt1aHwaWOoxcVom+tyzRC6gEYoBarmU1bX4No=
-----END RSA PRIVATE KEY-----
"
string(272) "-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCy745x8AqGKlTWBu2Ub80boPaQ
xo/midZ4LHZ0zbPpiCAfkADNVYSe8OckPKutdjPX7SNAx66PgQRH1xrz1gysbRrf
8K/mA0LQ00MKBFaFottWt5cCIaUS9zvCgPw7prwng3hkGShnvTSMXiKFyt1E3RTv
pXRk0u46D6hKiy+TSQIDAQAB
-----END PUBLIC KEY-----
"
this is a test for crypting
( ¦E@n¥u?7Fëµ¥+-M¼ìk?7¥;t?8[j¼ñrƒ¦ª-TÜ++ßYG?-úö¦}9+k8OJn_?¦x?¦
dó+aév.cå?-ï`,¦?·5u¦p%Z²¤ÜI?û ¼

( ¦E@n¥u?7Fëµ¥+-M¼ìk?7¥;t?8[j¼ñrƒ¦ª-TÜ++ßYG?-úö¦}9+k8OJn_?¦x?¦
dó+aév.cå?-ï`,¦?·5u¦p%Z²¤ÜI?û ¼->this is a test for crypting

this is a test for crypting->hT!¡_
#+£-íßÿo»¢äSs+üSnäÖ-(¦ëIkl[¤¦=?í?Ç+Uy·N,=b=+¦TàmeNo¦A~ùÑtü¦@ÿ½»¦SV5Ñª*¦?·UÿoPÖFq
-? O{²¦á|,äIN)+_-öF+*¦{|??G-??£/?¬±"PFL

hT!¡_
#+£-íßÿo»¢äSs+üSnäÖ-(¦ëIkl[¤¦=?í?Ç+Uy·N,=b=+¦TàmeNo¦A~ùÑtü¦@ÿ½»¦SV5Ñª*¦?·UÿoPÖFq
-? O{²¦á|,äIN)+_-öF+*¦{|??G-??£/?¬±"PFL->this is a test for crypting

billnet at tiscalinet dot it

14 years ago


<?php
$fp=fopen ("/path/to/key.pem","r");
$priv_key=fread ($fp,8192);
fclose($fp);
openssl_get_privatekey ($priv_key);
openssl_private_encrypt($source,$finaltext,$priv_key);
echo "String crypted: $finaltext";
?>

CIAO !

P.Peyremorte

1 month ago


A trick not mentioned in manual to know :

- openssl_private_encrypt can encrypt a maximum of 117 chars at one time.
- the encrypted output string is always 129 char length. If you use base64_encode on the encrypted output, it will give always 172 chars, with the last always "=" (filler).

So, to encode a longer stream input you have to use something like :
<?php
$RawData = ... ; //Your input data to encode

$PartialData = '';
$EncodedData = '';
$Split = str_split($RawData , 117);
ForEach($Split as $Part)
{
  openssl_private_encrypt($Part, $PartialData, $PrivateKey);
  $EncodedData .= base64_encode($PartialData);
}
?> 

and then, to decode :

<?php
$OriginalData = '';
$Split = str_split($EncodedData , 172);
ForEach($Split as $Part)
{
  openssl_private_decrypt(base64_decode($Part), $PartialData, $PublicKey);
  $OriginalData .= $PartialData;
}
?>

openssl_private_encrypt

Description

Parameters

Return Values

See Also

User Contributed Notes