sigmasternchen/php-doc-en
1
0
Fork 0
mirror of https://github.com/sigmasternchen/php-doc-en synced 2025-03-15 16:38:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

WS, prepare for new doc style

Browse source 
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@237443 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
Mehdi Achour 2007-06-11 23:31:04 +00:00
parent 06b7c30d6c
commit ef445928fc
31 changed files with 1171 additions and 1171 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

60
reference/openssl/functions/openssl-csr-export-to-file.xml
View file

@ -1,35 +1,35 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.6 $ -->
<!-- $Revision: 1.7 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-csr-export-to-file">
<refnamediv>
<refname>openssl_csr_export_to_file</refname>
<refpurpose>Exports a CSR to a file</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_csr_export_to_file</methodname>
<methodparam><type>resource</type><parameter>csr</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_export_to_file</function> takes the Certificate
Signing Request represented by <parameter>csr</parameter> and saves it
as ascii-armoured text into the file named by <parameter>outfilename</parameter>.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
<simpara>
See also <function>openssl_csr_export</function>,
<function>openssl_csr_new</function> and
<function>openssl_csr_sign</function>.
</simpara>
</refsect1>
</refentry>
<refentry id="function.openssl-csr-export-to-file">
<refnamediv>
<refname>openssl_csr_export_to_file</refname>
<refpurpose>Exports a CSR to a file</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_csr_export_to_file</methodname>
<methodparam><type>resource</type><parameter>csr</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_export_to_file</function> takes the Certificate
Signing Request represented by <parameter>csr</parameter> and saves it
as ascii-armoured text into the file named by <parameter>outfilename</parameter>.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
<simpara>
See also <function>openssl_csr_export</function>,
<function>openssl_csr_new</function> and
<function>openssl_csr_sign</function>.
</simpara>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

62
reference/openssl/functions/openssl-csr-export.xml
View file

@ -1,36 +1,36 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.6 $ -->
<!-- $Revision: 1.7 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-csr-export">
<refnamediv>
<refname>openssl_csr_export</refname>
<refpurpose>Exports a CSR as a string</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_csr_export</methodname>
<methodparam><type>resource</type><parameter>csr</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">out</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_export</function> takes the Certificate Signing
Request represented by <parameter>csr</parameter> and stores it as
ascii-armoured text into <parameter>out</parameter>, which is passed by
reference.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
<simpara>
See also <function>openssl_csr_export_to_file</function>,
<function>openssl_csr_new</function> and
<function>openssl_csr_sign</function>.
</simpara>
</refsect1>
</refentry>
<refentry id="function.openssl-csr-export">
<refnamediv>
<refname>openssl_csr_export</refname>
<refpurpose>Exports a CSR as a string</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_csr_export</methodname>
<methodparam><type>resource</type><parameter>csr</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">out</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_export</function> takes the Certificate Signing
Request represented by <parameter>csr</parameter> and stores it as
ascii-armoured text into <parameter>out</parameter>, which is passed by
reference.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
<simpara>
See also <function>openssl_csr_export_to_file</function>,
<function>openssl_csr_new</function> and
<function>openssl_csr_sign</function>.
</simpara>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

234
reference/openssl/functions/openssl-csr-new.xml
View file

@ -1,118 +1,118 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.15 $ -->
<!-- $Revision: 1.16 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-csr-new">
<refnamediv>
<refname>openssl_csr_new</refname>
<refpurpose>Generates a CSR</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>mixed</type><methodname>openssl_csr_new</methodname>
<methodparam><type>array</type><parameter>dn</parameter></methodparam>
<methodparam><type>resource</type><parameter role="reference">privkey</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>extraattribs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_new</function> generates a new CSR (Certificate Signing Request)
based on the information provided by <parameter>dn</parameter>, which represents the
Distinguished Name to be used in the certificate.
</para>
<para>
<parameter>privkey</parameter> should be set to a private key that was
previously generated by <function>openssl_pkey_new</function> (or
otherwise obtained from the other openssl_pkey family of functions).
The corresponding public portion of the key will be used to sign the
CSR.
</para>
<para>
<parameter>extraattribs</parameter> is used to specify additional
configuration options for the CSR. Both <parameter>dn</parameter> and
<parameter>extraattribs</parameter> are associative arrays whose keys are
converted to OIDs and applied to the relevant part of the request.
</para>
&reference.openssl.note-openssl-cnf;
<para>
By default, the information in your system <literal>openssl.conf</literal>
is used to initialize the request; you can specify a configuration file
section by setting the <literal>config_section_section</literal> key of
<parameter>configargs</parameter>. You can also specify an alternative
openssl configuration file by setting the value of the
<literal>config</literal> key to the path of the file you want to use.
The following keys, if present in <parameter>configargs</parameter>
behave as their equivalents in the <literal>openssl.conf</literal>, as
listed in the table below.
<refentry id="function.openssl-csr-new">
<refnamediv>
<refname>openssl_csr_new</refname>
<refpurpose>Generates a CSR</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>mixed</type><methodname>openssl_csr_new</methodname>
<methodparam><type>array</type><parameter>dn</parameter></methodparam>
<methodparam><type>resource</type><parameter role="reference">privkey</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>extraattribs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_new</function> generates a new CSR (Certificate Signing Request)
based on the information provided by <parameter>dn</parameter>, which represents the
Distinguished Name to be used in the certificate.
</para>
<para>
<parameter>privkey</parameter> should be set to a private key that was
previously generated by <function>openssl_pkey_new</function> (or
otherwise obtained from the other openssl_pkey family of functions).
The corresponding public portion of the key will be used to sign the
CSR.
</para>
<para>
<parameter>extraattribs</parameter> is used to specify additional
configuration options for the CSR. Both <parameter>dn</parameter> and
<parameter>extraattribs</parameter> are associative arrays whose keys are
converted to OIDs and applied to the relevant part of the request.
</para>
&reference.openssl.note-openssl-cnf;
<para>
By default, the information in your system <literal>openssl.conf</literal>
is used to initialize the request; you can specify a configuration file
section by setting the <literal>config_section_section</literal> key of
<parameter>configargs</parameter>. You can also specify an alternative
openssl configuration file by setting the value of the
<literal>config</literal> key to the path of the file you want to use.
The following keys, if present in <parameter>configargs</parameter>
behave as their equivalents in the <literal>openssl.conf</literal>, as
listed in the table below.
<table>
<title>Configuration overrides</title>
<tgroup cols="3">
<thead>
<row>
<entry><parameter>configargs</parameter> key</entry>
<entry>type</entry>
<entry><literal>openssl.conf</literal> equivalent</entry>
<entry>description</entry>
</row>
</thead>
<tbody>
<row>
<entry>digest_alg</entry>
<entry><type>string</type></entry>
<entry>default_md</entry>
<entry>Selects which digest method to use</entry>
</row>
<row>
<entry>x509_extensions</entry>
<entry><type>string</type></entry>
<entry>x509_extensions</entry>
<entry>Selects which extensions should be used when creating an x509
certificate</entry>
</row>
<row>
<entry>req_extensions</entry>
<entry><type>string</type></entry>
<entry>req_extensions</entry>
<entry>Selects which extensions should be used when creating a CSR</entry>
</row>
<row>
<entry>private_key_bits</entry>
<entry><type>integer</type></entry>
<entry>default_bits</entry>
<entry>Specifies how many bits should be used to generate a private
key</entry>
</row>
<row>
<entry>private_key_type</entry>
<entry><type>integer</type></entry>
<entry>none</entry>
<entry>Specifies the type of private key to create. This can be one
of <constant>OPENSSL_KEYTYPE_DSA</constant>,
<constant>OPENSSL_KEYTYPE_DH</constant> or
<constant>OPENSSL_KEYTYPE_RSA</constant>.
The default value is <constant>OPENSSL_KEYTYPE_RSA</constant> which
is currently the only supported key type.
</entry>
</row>
<row>
<entry>encrypt_key</entry>
<entry><type>boolean</type></entry>
<entry>encrypt_key</entry>
<entry>Should an exported key (with passphrase) be encrypted?</entry>
</row>
</tbody>
</tgroup>
</table>
</para>
<simpara>
&return.success;
</simpara>
<para>
<example>
<title><function>openssl_csr_new</function> example - creating a
self-signed-certificate</title>
<programlisting role="php">
<table>
<title>Configuration overrides</title>
<tgroup cols="3">
<thead>
<row>
<entry><parameter>configargs</parameter> key</entry>
<entry>type</entry>
<entry><literal>openssl.conf</literal> equivalent</entry>
<entry>description</entry>
</row>
</thead>
<tbody>
<row>
<entry>digest_alg</entry>
<entry><type>string</type></entry>
<entry>default_md</entry>
<entry>Selects which digest method to use</entry>
</row>
<row>
<entry>x509_extensions</entry>
<entry><type>string</type></entry>
<entry>x509_extensions</entry>
<entry>Selects which extensions should be used when creating an x509
certificate</entry>
</row>
<row>
<entry>req_extensions</entry>
<entry><type>string</type></entry>
<entry>req_extensions</entry>
<entry>Selects which extensions should be used when creating a CSR</entry>
</row>
<row>
<entry>private_key_bits</entry>
<entry><type>integer</type></entry>
<entry>default_bits</entry>
<entry>Specifies how many bits should be used to generate a private
key</entry>
</row>
<row>
<entry>private_key_type</entry>
<entry><type>integer</type></entry>
<entry>none</entry>
<entry>Specifies the type of private key to create. This can be one
of <constant>OPENSSL_KEYTYPE_DSA</constant>,
<constant>OPENSSL_KEYTYPE_DH</constant> or
<constant>OPENSSL_KEYTYPE_RSA</constant>.
The default value is <constant>OPENSSL_KEYTYPE_RSA</constant> which
is currently the only supported key type.
</entry>
</row>
<row>
<entry>encrypt_key</entry>
<entry><type>boolean</type></entry>
<entry>encrypt_key</entry>
<entry>Should an exported key (with passphrase) be encrypted?</entry>
</row>
</tbody>
</tgroup>
</table>
</para>
<simpara>
&return.success;
</simpara>
<para>
<example>
<title><function>openssl_csr_new</function> example - creating a
self-signed-certificate</title>
<programlisting role="php">
<![CDATA[
<?php
// Fill in data for the distinguished name to be used in the cert
@ -161,11 +161,11 @@ while (($e = openssl_error_string()) !== false) {
}
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

103
reference/openssl/functions/openssl-csr-sign.xml
View file

@ -1,51 +1,51 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.10 $ -->
<!-- $Revision: 1.11 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-csr-sign">
<refnamediv>
<refname>openssl_csr_sign</refname>
<refpurpose>Sign a CSR with another certificate (or itself) and generate a certificate</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_csr_sign</methodname>
<methodparam><type>mixed</type><parameter>csr</parameter></methodparam>
<methodparam><type>mixed</type><parameter>cacert</parameter></methodparam>
<methodparam><type>mixed</type><parameter>priv_key</parameter></methodparam>
<methodparam><type>int</type><parameter>days</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>serial</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_sign</function> generates an x509 certificate
resource from the <parameter>csr</parameter> previously generated by
<function>openssl_csr_new</function>, but it can also be the path to
a PEM encoded CSR when specified as
<filename>file://path/to/csr</filename> or an exported string generated
by <function>openssl_csr_export</function>.
The generated certificate will be signed by
<parameter>cacert</parameter>. If <parameter>cacert</parameter> is &null;,
the generated certificate will be a self-signed certificate.
<parameter>priv_key</parameter> is the private key that corresponds to
<parameter>cacert</parameter>.
<parameter>days</parameter> specifies the length of time for which the
generated certificate will be valid, in days.
You can finetune the CSR signing by <parameter>configargs</parameter>.
See <function>openssl_csr_new</function> for more information about
<parameter>configargs</parameter>.
Since PHP 4.3.3 you can specify the serial number of issued certificate by
<parameter>serial</parameter>. In earlier versions, it was always 0.
</para>
<para>
Returns an x509 certificate resource on success, &false; on failure.
</para>
&reference.openssl.note-openssl-cnf;
<para>
<example>
<title><function>openssl_csr_sign</function> example - signing a
CSR (how to implement your own CA)</title>
<programlisting role="php">
<refentry id="function.openssl-csr-sign">
<refnamediv>
<refname>openssl_csr_sign</refname>
<refpurpose>Sign a CSR with another certificate (or itself) and generate a certificate</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_csr_sign</methodname>
<methodparam><type>mixed</type><parameter>csr</parameter></methodparam>
<methodparam><type>mixed</type><parameter>cacert</parameter></methodparam>
<methodparam><type>mixed</type><parameter>priv_key</parameter></methodparam>
<methodparam><type>int</type><parameter>days</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>serial</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_csr_sign</function> generates an x509 certificate
resource from the <parameter>csr</parameter> previously generated by
<function>openssl_csr_new</function>, but it can also be the path to
a PEM encoded CSR when specified as
<filename>file://path/to/csr</filename> or an exported string generated
by <function>openssl_csr_export</function>.
The generated certificate will be signed by
<parameter>cacert</parameter>. If <parameter>cacert</parameter> is &null;,
the generated certificate will be a self-signed certificate.
<parameter>priv_key</parameter> is the private key that corresponds to
<parameter>cacert</parameter>.
<parameter>days</parameter> specifies the length of time for which the
generated certificate will be valid, in days.
You can finetune the CSR signing by <parameter>configargs</parameter>.
See <function>openssl_csr_new</function> for more information about
<parameter>configargs</parameter>.
Since PHP 4.3.3 you can specify the serial number of issued certificate by
<parameter>serial</parameter>. In earlier versions, it was always 0.
</para>
<para>
Returns an x509 certificate resource on success, &false; on failure.
</para>
&reference.openssl.note-openssl-cnf;
<para>
<example>
<title><function>openssl_csr_sign</function> example - signing a
CSR (how to implement your own CA)</title>
<programlisting role="php">
<![CDATA[
<?php
// Let's assume that this script is set to receive a CSR that has
@ -75,12 +75,11 @@ while (($e = openssl_error_string()) !== false) {
}
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

60
reference/openssl/functions/openssl-error-string.xml
View file

@ -1,30 +1,30 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.7 $ -->
<!-- $Revision: 1.8 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-error-string">
<refnamediv>
<refname>openssl_error_string</refname>
<refpurpose>Return openSSL error message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>string</type><methodname>openssl_error_string</methodname>
<void/>
</methodsynopsis>
<para>
Returns an error message string, or &false; if there are no more error
messages to return.
</para>
<para>
<function>openssl_error_string</function> returns the last error from the
openSSL library. Error messages are stacked, so this function should be
called multiple times to collect all of the information.
</para>
<para>
<example>
<title><function>openssl_error_string</function> example</title>
<programlisting role="php">
<refentry id="function.openssl-error-string">
<refnamediv>
<refname>openssl_error_string</refname>
<refpurpose>Return openSSL error message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>string</type><methodname>openssl_error_string</methodname>
<void/>
</methodsynopsis>
<para>
Returns an error message string, or &false; if there are no more error
messages to return.
</para>
<para>
<function>openssl_error_string</function> returns the last error from the
openSSL library. Error messages are stacked, so this function should be
called multiple times to collect all of the information.
</para>
<para>
<example>
<title><function>openssl_error_string</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// lets assume you just called an openssl function that failed
@ -32,11 +32,11 @@ while ($msg = openssl_error_string())
echo $msg . "<br />\n";
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

36
reference/openssl/functions/openssl-free-key.xml
View file

@ -1,23 +1,23 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.3 $ -->
<!-- $Revision: 1.4 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
<refentry id="function.openssl-free-key">
<refnamediv>
<refname>openssl_free_key</refname>
<refpurpose>Free key resource</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>void</type><methodname>openssl_free_key</methodname>
<methodparam><type>resource</type><parameter>key_identifier</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_free_key</function> frees the key associated with
the specified <parameter>key_identifier</parameter> from memory.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-free-key">
<refnamediv>
<refname>openssl_free_key</refname>
<refpurpose>Free key resource</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>void</type><methodname>openssl_free_key</methodname>
<methodparam><type>resource</type><parameter>key_identifier</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_free_key</function> frees the key associated with
the specified <parameter>key_identifier</parameter> from memory.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

82
reference/openssl/functions/openssl-open.xml
View file

@ -1,38 +1,38 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.7 $ -->
<!-- $Revision: 1.8 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
<refentry id="function.openssl-open">
<refnamediv>
<refname>openssl_open</refname>
<refpurpose>Open sealed data</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_open</methodname>
<methodparam><type>string</type><parameter>sealed_data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">open_data</parameter></methodparam>
<methodparam><type>string</type><parameter>env_key</parameter></methodparam>
<methodparam><type>mixed</type><parameter>priv_key_id</parameter></methodparam>
</methodsynopsis>
<para>
&return.success; If successful the opened
data is returned in <parameter>open_data</parameter>.
</para>
<para>
<function>openssl_open</function> opens (decrypts)
<parameter>sealed_data</parameter> using the private key associated with
the key identifier <parameter>priv_key_id</parameter> and the envelope key
<parameter>env_key</parameter>, and fills
<parameter>open_data</parameter> with the decrypted data.
The envelope key is generated when the
data are sealed and can only be used by one specific private key. See
<function>openssl_seal</function> for more information.
</para>
<para>
<example>
<title><function>openssl_open</function> example</title>
<programlisting role="php">
<refentry id="function.openssl-open">
<refnamediv>
<refname>openssl_open</refname>
<refpurpose>Open sealed data</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_open</methodname>
<methodparam><type>string</type><parameter>sealed_data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">open_data</parameter></methodparam>
<methodparam><type>string</type><parameter>env_key</parameter></methodparam>
<methodparam><type>mixed</type><parameter>priv_key_id</parameter></methodparam>
</methodsynopsis>
<para>
&return.success; If successful the opened
data is returned in <parameter>open_data</parameter>.
</para>
<para>
<function>openssl_open</function> opens (decrypts)
<parameter>sealed_data</parameter> using the private key associated with
the key identifier <parameter>priv_key_id</parameter> and the envelope key
<parameter>env_key</parameter>, and fills
<parameter>open_data</parameter> with the decrypted data.
The envelope key is generated when the
data are sealed and can only be used by one specific private key. See
<function>openssl_seal</function> for more information.
</para>
<para>
<example>
<title><function>openssl_open</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// $sealed and $env_key are assumed to contain the sealed data
@ -55,14 +55,14 @@ if (openssl_open($sealed, $open, $env_key, $pkeyid)) {
openssl_free_key($pkeyid);
?>
]]>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_seal</function>.
</simpara>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_seal</function>.
</simpara>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

66
reference/openssl/functions/openssl-pkcs7-decrypt.xml
View file

@ -1,33 +1,33 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.7 $ -->
<!-- $Revision: 1.8 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-pkcs7-decrypt">
<refnamediv>
<refname>openssl_pkcs7_decrypt</refname>
<refpurpose>Decrypts an S/MIME encrypted message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkcs7_decrypt</methodname>
<methodparam><type>string</type><parameter>infilename</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam><type>mixed</type><parameter>recipcert</parameter></methodparam>
<methodparam choice="opt"><type>mixed</type><parameter>recipkey</parameter></methodparam>
</methodsynopsis>
<para>
Decrypts the S/MIME encrypted message contained in the file specified by
<parameter>infilename</parameter> using the certificate and its
associated private key specified by <parameter>recipcert</parameter> and
<parameter>recipkey</parameter>.
</para>
<para>The decrypted message is output to the
file specified by <parameter>outfilename</parameter>
</para>
<para>
<example>
<title><function>openssl_pkcs7_decrypt</function> example</title>
<programlisting role="php">
<refentry id="function.openssl-pkcs7-decrypt">
<refnamediv>
<refname>openssl_pkcs7_decrypt</refname>
<refpurpose>Decrypts an S/MIME encrypted message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkcs7_decrypt</methodname>
<methodparam><type>string</type><parameter>infilename</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam><type>mixed</type><parameter>recipcert</parameter></methodparam>
<methodparam choice="opt"><type>mixed</type><parameter>recipkey</parameter></methodparam>
</methodsynopsis>
<para>
Decrypts the S/MIME encrypted message contained in the file specified by
<parameter>infilename</parameter> using the certificate and its
associated private key specified by <parameter>recipcert</parameter> and
<parameter>recipkey</parameter>.
</para>
<para>The decrypted message is output to the
file specified by <parameter>outfilename</parameter>
</para>
<para>
<example>
<title><function>openssl_pkcs7_decrypt</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// $cert and $key are assumed to contain your personal certificate and private
@ -42,11 +42,11 @@ if (openssl_pkcs7_decrypt($infilename, $outfilename, $cert, $key)) {
}
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

84
reference/openssl/functions/openssl-pkcs7-encrypt.xml
View file

@ -1,42 +1,42 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.10 $ -->
<!-- $Revision: 1.11 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-pkcs7-encrypt">
<refnamediv>
<refname>openssl_pkcs7_encrypt</refname>
<refpurpose>Encrypt an S/MIME message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkcs7_encrypt</methodname>
<methodparam><type>string</type><parameter>infile</parameter></methodparam>
<methodparam><type>string</type><parameter>outfile</parameter></methodparam>
<methodparam><type>mixed</type><parameter>recipcerts</parameter></methodparam>
<methodparam><type>array</type><parameter>headers</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>flags</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>cipherid</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkcs7_encrypt</function> takes the contents of the
file named <parameter>infile</parameter> and encrypts them using an RC2
40-bit cipher so that they can only be read by the intended recipients
specified by <parameter>recipcerts</parameter>, which is either a
lone X.509 certificate, or an array of X.509 certificates.
<parameter>headers</parameter> is an array of headers that
will be prepended to the data after it has been encrypted.
<parameter>flags</parameter> can be used to specify options that affect
the encoding process - see <link linkend="openssl.pkcs7.flags">PKCS7
constants</link>.
<parameter>headers</parameter> can be either an associative array
keyed by header name, or an indexed array, where each element contains
a single header line.
Cipher can be selected with <parameter>cipherid</parameter> since PHP 5.
</para>
<para>
<example>
<title><function>openssl_pkcs7_encrypt</function> example</title>
<programlisting role="php">
<refentry id="function.openssl-pkcs7-encrypt">
<refnamediv>
<refname>openssl_pkcs7_encrypt</refname>
<refpurpose>Encrypt an S/MIME message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkcs7_encrypt</methodname>
<methodparam><type>string</type><parameter>infile</parameter></methodparam>
<methodparam><type>string</type><parameter>outfile</parameter></methodparam>
<methodparam><type>mixed</type><parameter>recipcerts</parameter></methodparam>
<methodparam><type>array</type><parameter>headers</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>flags</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>cipherid</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkcs7_encrypt</function> takes the contents of the
file named <parameter>infile</parameter> and encrypts them using an RC2
40-bit cipher so that they can only be read by the intended recipients
specified by <parameter>recipcerts</parameter>, which is either a
lone X.509 certificate, or an array of X.509 certificates.
<parameter>headers</parameter> is an array of headers that
will be prepended to the data after it has been encrypted.
<parameter>flags</parameter> can be used to specify options that affect
the encoding process - see <link linkend="openssl.pkcs7.flags">PKCS7
constants</link>.
<parameter>headers</parameter> can be either an associative array
keyed by header name, or an indexed array, where each element contains
a single header line.
Cipher can be selected with <parameter>cipherid</parameter> since PHP 5.
</para>
<para>
<example>
<title><function>openssl_pkcs7_encrypt</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// the message you want to encrypt and send to your secret agent
@ -71,12 +71,12 @@ if (openssl_pkcs7_encrypt("msg.txt", "enc.txt", $key,
}
?>
]]>
</programlisting>
</example>
</para>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

98
reference/openssl/functions/openssl-pkcs7-sign.xml
View file

@ -1,49 +1,49 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.14 $ -->
<!-- $Revision: 1.15 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-pkcs7-sign">
<refnamediv>
<refname>openssl_pkcs7_sign</refname>
<refpurpose>Sign an S/MIME message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkcs7_sign</methodname>
<methodparam><type>string</type><parameter>infilename</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam><type>mixed</type><parameter>signcert</parameter></methodparam>
<methodparam><type>mixed</type><parameter>privkey</parameter></methodparam>
<methodparam><type>array</type><parameter>headers</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>flags</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>extracerts</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkcs7_sign</function> takes the contents of the file
named <parameter>infilename</parameter> and signs them using the
certificate and its matching private key specified by
<parameter>signcert</parameter> and <parameter>privkey</parameter>
parameters.
</para>
<para><parameter>headers</parameter> is an array of headers that
will be prepended to the data after it has been signed (see
<function>openssl_pkcs7_encrypt</function> for more information about
the format of this parameter.
</para>
<para>
<parameter>flags</parameter> can be used to alter the output - see <link
linkend="openssl.pkcs7.flags">PKCS7 constants</link> - if not specified,
it defaults to PKCS7_DETACHED.
</para>
<para>
<parameter>extracerts</parameter> specifies the name of a file containing
a bunch of extra certificates to include in the signature which can for
example be used to help the recipient to verify the certificate that you used.
</para>
<para>
<example>
<title><function>openssl_pkcs7_sign</function> example</title>
<programlisting role="php">
<refentry id="function.openssl-pkcs7-sign">
<refnamediv>
<refname>openssl_pkcs7_sign</refname>
<refpurpose>Sign an S/MIME message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkcs7_sign</methodname>
<methodparam><type>string</type><parameter>infilename</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam><type>mixed</type><parameter>signcert</parameter></methodparam>
<methodparam><type>mixed</type><parameter>privkey</parameter></methodparam>
<methodparam><type>array</type><parameter>headers</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>flags</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>extracerts</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkcs7_sign</function> takes the contents of the file
named <parameter>infilename</parameter> and signs them using the
certificate and its matching private key specified by
<parameter>signcert</parameter> and <parameter>privkey</parameter>
parameters.
</para>
<para><parameter>headers</parameter> is an array of headers that
will be prepended to the data after it has been signed (see
<function>openssl_pkcs7_encrypt</function> for more information about
the format of this parameter.
</para>
<para>
<parameter>flags</parameter> can be used to alter the output - see <link
linkend="openssl.pkcs7.flags">PKCS7 constants</link> - if not specified,
it defaults to PKCS7_DETACHED.
</para>
<para>
<parameter>extracerts</parameter> specifies the name of a file containing
a bunch of extra certificates to include in the signature which can for
example be used to help the recipient to verify the certificate that you used.
</para>
<para>
<example>
<title><function>openssl_pkcs7_sign</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// the message you want to sign so that recipient can be sure it was you that
@ -70,11 +70,11 @@ if (openssl_pkcs7_sign("msg.txt", "signed.txt", "mycert.pem",
}
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

102
reference/openssl/functions/openssl-pkcs7-verify.xml
View file

@ -1,56 +1,56 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.6 $ -->
<!-- $Revision: 1.7 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-pkcs7-verify">
<refnamediv>
<refname>openssl_pkcs7_verify</refname>
<refpurpose>Verifies the signature of an S/MIME signed message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>mixed</type><methodname>openssl_pkcs7_verify</methodname>
<methodparam><type>string</type><parameter>filename</parameter></methodparam>
<methodparam><type>int</type><parameter>flags</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>cainfo</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>extracerts</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>content</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkcs7_verify</function> reads the S/MIME message
contained in the filename specified by <parameter>filename</parameter> and
examines the digital signature. It returns &true; if the signature is
verified, &false; if it is not correct (the message has been tampered with,
or the signing certificate is invalid), or -1 on error.
</para>
<para>
<parameter>flags</parameter> can be used to affect how the signature is
verified - see <link linkend="openssl.pkcs7.flags">PKCS7 constants</link>
for more information.
</para>
<para>
If the <parameter>outfilename</parameter> is specified, it should be a
string holding the name of a file into which the certificates of the
persons that signed the messages will be stored in PEM format.
</para>
<para>
If the <parameter>cainfo</parameter> is specified, it should hold
information about the trusted CA certificates to use in the verification
process - see <link linkend="openssl.cert.verification">certificate
verification</link> for more information about this parameter.
</para>
<para>
If the <parameter>extracerts</parameter> is specified, it is the filename
of a file containing a bunch of certificates to use as untrusted CAs.
</para>
<para>
You can specify a filename with <parameter>content</parameter> that will
be filled with the verified data, but with the signature information
stripped. This was added as of PHP 5.1.0.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-pkcs7-verify">
<refnamediv>
<refname>openssl_pkcs7_verify</refname>
<refpurpose>Verifies the signature of an S/MIME signed message</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>mixed</type><methodname>openssl_pkcs7_verify</methodname>
<methodparam><type>string</type><parameter>filename</parameter></methodparam>
<methodparam><type>int</type><parameter>flags</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>cainfo</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>extracerts</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>content</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkcs7_verify</function> reads the S/MIME message
contained in the filename specified by <parameter>filename</parameter> and
examines the digital signature. It returns &true; if the signature is
verified, &false; if it is not correct (the message has been tampered with,
or the signing certificate is invalid), or -1 on error.
</para>
<para>
<parameter>flags</parameter> can be used to affect how the signature is
verified - see <link linkend="openssl.pkcs7.flags">PKCS7 constants</link>
for more information.
</para>
<para>
If the <parameter>outfilename</parameter> is specified, it should be a
string holding the name of a file into which the certificates of the
persons that signed the messages will be stored in PEM format.
</para>
<para>
If the <parameter>cainfo</parameter> is specified, it should hold
information about the trusted CA certificates to use in the verification
process - see <link linkend="openssl.cert.verification">certificate
verification</link> for more information about this parameter.
</para>
<para>
If the <parameter>extracerts</parameter> is specified, it is the filename
of a file containing a bunch of certificates to use as untrusted CAs.
</para>
<para>
You can specify a filename with <parameter>content</parameter> that will
be filled with the verified data, but with the signature information
stripped. This was added as of PHP 5.1.0.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

58
reference/openssl/functions/openssl-pkey-export-to-file.xml
View file

@ -1,34 +1,34 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.4 $ -->
<!-- $Revision: 1.5 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-pkey-export-to-file">
<refnamediv>
<refname>openssl_pkey_export_to_file</refname>
<refpurpose>Gets an exportable representation of a key into a file </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkey_export_to_file</methodname>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>passphrase</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkey_export_to_file</function> saves an ascii-armoured
(PEM encoded) rendition of <parameter>key</parameter> into the file named
by <parameter>outfilename</parameter>. The key can be optionally
protected by a <parameter>passphrase</parameter>.
<parameter>configargs</parameter> can be used to fine-tune the export
process by specifying and/or overriding options for the openssl
configuration file. See <function>openssl_csr_new</function> for more
information about <parameter>configargs</parameter>.
&return.success;
</para>
&reference.openssl.note-openssl-cnf;
</refsect1>
</refentry>
<refentry id="function.openssl-pkey-export-to-file">
<refnamediv>
<refname>openssl_pkey_export_to_file</refname>
<refpurpose>Gets an exportable representation of a key into a file </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkey_export_to_file</methodname>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>passphrase</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkey_export_to_file</function> saves an ascii-armoured
(PEM encoded) rendition of <parameter>key</parameter> into the file named
by <parameter>outfilename</parameter>. The key can be optionally
protected by a <parameter>passphrase</parameter>.
<parameter>configargs</parameter> can be used to fine-tune the export
process by specifying and/or overriding options for the openssl
configuration file. See <function>openssl_csr_new</function> for more
information about <parameter>configargs</parameter>.
&return.success;
</para>
&reference.openssl.note-openssl-cnf;
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

58
reference/openssl/functions/openssl-pkey-export.xml
View file

@ -1,34 +1,34 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.5 $ -->
<!-- $Revision: 1.6 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-pkey-export">
<refnamediv>
<refname>openssl_pkey_export</refname>
<refpurpose>Gets an exportable representation of a key into a string</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkey_export</methodname>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">out</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>passphrase</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkey_export</function> exports
<parameter>key</parameter> as a PEM encoded string and stores it into
<parameter>out</parameter> (which is passed by reference).
The key is optionally protected by <parameter>passphrase</parameter>.
<parameter>configargs</parameter> can be used to fine-tune the export
process by specifying and/or overriding options for the openssl
configuration file. See <function>openssl_csr_new</function> for more
information about <parameter>configargs</parameter>.
&return.success;
</para>
&reference.openssl.note-openssl-cnf;
</refsect1>
</refentry>
<refentry id="function.openssl-pkey-export">
<refnamediv>
<refname>openssl_pkey_export</refname>
<refpurpose>Gets an exportable representation of a key into a string</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_pkey_export</methodname>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">out</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>passphrase</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkey_export</function> exports
<parameter>key</parameter> as a PEM encoded string and stores it into
<parameter>out</parameter> (which is passed by reference).
The key is optionally protected by <parameter>passphrase</parameter>.
<parameter>configargs</parameter> can be used to fine-tune the export
process by specifying and/or overriding options for the openssl
configuration file. See <function>openssl_csr_new</function> for more
information about <parameter>configargs</parameter>.
&return.success;
</para>
&reference.openssl.note-openssl-cnf;
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

36
reference/openssl/functions/openssl-pkey-free.xml
View file

@ -1,22 +1,22 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.1 $ -->
<refentry id="function.openssl-pkey-free">
<refnamediv>
<refname>openssl_pkey_free</refname>
<refpurpose>Frees a private key</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>void</type><methodname>openssl_pkey_free</methodname>
<methodparam><type>resource</type><parameter>key</parameter></methodparam>
</methodsynopsis>
<para>
This function frees a private key created by
<function>openssl_pkey_new</function>.
</para>
</refsect1>
</refentry>
<!-- $Revision: 1.2 $ -->
<refentry id="function.openssl-pkey-free">
<refnamediv>
<refname>openssl_pkey_free</refname>
<refpurpose>Frees a private key</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>void</type><methodname>openssl_pkey_free</methodname>
<methodparam><type>resource</type><parameter>key</parameter></methodparam>
</methodsynopsis>
<para>
This function frees a private key created by
<function>openssl_pkey_new</function>.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

72
reference/openssl/functions/openssl-pkey-get-private.xml
View file

@ -1,42 +1,42 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.2 $ -->
<!-- $Revision: 1.3 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
<refentry id="function.openssl-pkey-get-private">
<refnamediv>
<refname>openssl_pkey_get_private</refname>
<refpurpose>Get a private key</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_pkey_get_private</methodname>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>passphrase</parameter></methodparam>
</methodsynopsis>
<para>
Returns a positive key resource identifier on success, or &false; on error.
</para>
<para>
<function>openssl_get_privatekey</function> parses
<parameter>key</parameter> and prepares it for use by other functions.
<refentry id="function.openssl-pkey-get-private">
<refnamediv>
<refname>openssl_pkey_get_private</refname>
<refpurpose>Get a private key</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_pkey_get_private</methodname>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>passphrase</parameter></methodparam>
</methodsynopsis>
<para>
Returns a positive key resource identifier on success, or &false; on error.
</para>
<para>
<function>openssl_get_privatekey</function> parses
<parameter>key</parameter> and prepares it for use by other functions.
<parameter>key</parameter> can be one of the following:
<orderedlist>
<listitem><simpara>a string having the format
<filename>file://path/to/file.pem</filename>. The named file must
contain a PEM encoded certificate/private key (it may contain both).
</simpara>
</listitem>
<listitem><simpara>A PEM formatted private key.</simpara></listitem>
</orderedlist>
</para>
<para>
The optional parameter <parameter>passphrase</parameter> must be used if
the specified key is encrypted (protected by a passphrase).
</para>
</refsect1>
</refentry>
<parameter>key</parameter> can be one of the following:
<orderedlist>
<listitem><simpara>a string having the format
<filename>file://path/to/file.pem</filename>. The named file must
contain a PEM encoded certificate/private key (it may contain both).
</simpara>
</listitem>
<listitem><simpara>A PEM formatted private key.</simpara></listitem>
</orderedlist>
</para>
<para>
The optional parameter <parameter>passphrase</parameter> must be used if
the specified key is encrypted (protected by a passphrase).
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

64
reference/openssl/functions/openssl-pkey-get-public.xml
View file

@ -1,37 +1,37 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.2 $ -->
<!-- $Revision: 1.3 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
<refentry id="function.openssl-pkey-get-public">
<refnamediv>
<refname>openssl_pkey_get_public</refname>
<refpurpose>Extract public key from certificate and prepare it for use</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_pkey_get_public</methodname>
<methodparam><type>mixed</type><parameter>certificate</parameter></methodparam>
</methodsynopsis>
<para>
Returns a positive key resource identifier on success, or &false; on error.
</para>
<para>
<function>openssl_get_publickey</function> extracts the
public key from <parameter>certificate</parameter> and
prepares it for use by other functions.
<parameter>certificate</parameter> can be one of the following:
<orderedlist>
<listitem><simpara>an X.509 certificate resource</simpara></listitem>
<listitem><simpara>a string having the format
<filename>file://path/to/file.pem</filename>. The named file must
contain a PEM encoded certificate/private key (it may contain both).
</simpara>
</listitem>
<listitem><simpara>A PEM formatted private key.</simpara></listitem>
</orderedlist>
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-pkey-get-public">
<refnamediv>
<refname>openssl_pkey_get_public</refname>
<refpurpose>Extract public key from certificate and prepare it for use</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_pkey_get_public</methodname>
<methodparam><type>mixed</type><parameter>certificate</parameter></methodparam>
</methodsynopsis>
<para>
Returns a positive key resource identifier on success, or &false; on error.
</para>
<para>
<function>openssl_get_publickey</function> extracts the
public key from <parameter>certificate</parameter> and
prepares it for use by other functions.
<parameter>certificate</parameter> can be one of the following:
<orderedlist>
<listitem><simpara>an X.509 certificate resource</simpara></listitem>
<listitem><simpara>a string having the format
<filename>file://path/to/file.pem</filename>. The named file must
contain a PEM encoded certificate/private key (it may contain both).
</simpara>
</listitem>
<listitem><simpara>A PEM formatted private key.</simpara></listitem>
</orderedlist>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

48
reference/openssl/functions/openssl-pkey-new.xml
View file

@ -1,29 +1,29 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.4 $ -->
<!-- $Revision: 1.5 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-pkey-new">
<refnamediv>
<refname>openssl_pkey_new</refname>
<refpurpose>Generates a new private key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_pkey_new</methodname>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkey_new</function> generates a new private and public
key pair. The public component of the key can be obtained using
<function>openssl_pkey_get_public</function>.
You can finetune the key generation (such as specifying the number of
bits) using <parameter>configargs</parameter>. See
<function>openssl_csr_new</function> for more information about
<parameter>configargs</parameter>.
</para>
&reference.openssl.note-openssl-cnf;
</refsect1>
</refentry>
<refentry id="function.openssl-pkey-new">
<refnamediv>
<refname>openssl_pkey_new</refname>
<refpurpose>Generates a new private key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_pkey_new</methodname>
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_pkey_new</function> generates a new private and public
key pair. The public component of the key can be obtained using
<function>openssl_pkey_get_public</function>.
You can finetune the key generation (such as specifying the number of
bits) using <parameter>configargs</parameter>. See
<function>openssl_csr_new</function> for more information about
<parameter>configargs</parameter>.
</para>
&reference.openssl.note-openssl-cnf;
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

80
reference/openssl/functions/openssl-private-decrypt.xml
View file

@ -1,45 +1,45 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.8 $ -->
<!-- $Revision: 1.9 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-private-decrypt">
<refnamediv>
<refname>openssl_private_decrypt</refname>
<refpurpose>Decrypts data with private key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_private_decrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">decrypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_private_decrypt</function> decrypts
<parameter>data</parameter> that was previous encrypted via
<function>openssl_public_encrypt</function> and stores the result into
<parameter>decrypted</parameter>. <parameter>key</parameter> must be the
private key corresponding that was used to encrypt the
data. <parameter>padding</parameter> defaults to
<constant>OPENSSL_PKCS1_PADDING</constant>, but can also be one of
<constant>OPENSSL_SSLV23_PADDING</constant>,
<constant>OPENSSL_PKCS1_OAEP_PADDING</constant>,
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
You can use this function e.g. to decrypt data which were supposed only to
you.
</para>
<para>
See also <function>openssl_public_encrypt</function> and
<function>openssl_public_decrypt</function>.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-private-decrypt">
<refnamediv>
<refname>openssl_private_decrypt</refname>
<refpurpose>Decrypts data with private key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_private_decrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">decrypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_private_decrypt</function> decrypts
<parameter>data</parameter> that was previous encrypted via
<function>openssl_public_encrypt</function> and stores the result into
<parameter>decrypted</parameter>. <parameter>key</parameter> must be the
private key corresponding that was used to encrypt the
data. <parameter>padding</parameter> defaults to
<constant>OPENSSL_PKCS1_PADDING</constant>, but can also be one of
<constant>OPENSSL_SSLV23_PADDING</constant>,
<constant>OPENSSL_PKCS1_OAEP_PADDING</constant>,
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
You can use this function e.g. to decrypt data which were supposed only to
you.
</para>
<para>
See also <function>openssl_public_encrypt</function> and
<function>openssl_public_decrypt</function>.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

72
reference/openssl/functions/openssl-private-encrypt.xml
View file

@ -1,41 +1,41 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.8 $ -->
<!-- $Revision: 1.9 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-private-encrypt">
<refnamediv>
<refname>openssl_private_encrypt</refname>
<refpurpose>Encrypts data with private key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_private_encrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">crypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_private_encrypt</function> encrypts <parameter>data</parameter>
with private <parameter>key</parameter> and stores the result into
<parameter>crypted</parameter>. Encrypted data can be decrypted via
<function>openssl_public_decrypt</function>. <parameter>padding</parameter>
defaults to <constant>OPENSSL_PKCS1_PADDING</constant>, but can also be
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
This function can be used e.g. to sign data (or its hash) to prove that it
is not written by someone else.
</para>
<para>
See also <function>openssl_public_decrypt</function> and
<function>openssl_public_encrypt</function>.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-private-encrypt">
<refnamediv>
<refname>openssl_private_encrypt</refname>
<refpurpose>Encrypts data with private key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_private_encrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">crypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_private_encrypt</function> encrypts <parameter>data</parameter>
with private <parameter>key</parameter> and stores the result into
<parameter>crypted</parameter>. Encrypted data can be decrypted via
<function>openssl_public_decrypt</function>. <parameter>padding</parameter>
defaults to <constant>OPENSSL_PKCS1_PADDING</constant>, but can also be
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
This function can be used e.g. to sign data (or its hash) to prove that it
is not written by someone else.
</para>
<para>
See also <function>openssl_public_decrypt</function> and
<function>openssl_public_encrypt</function>.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

76
reference/openssl/functions/openssl-public-decrypt.xml
View file

@ -1,43 +1,43 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.8 $ -->
<!-- $Revision: 1.9 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-public-decrypt">
<refnamediv>
<refname>openssl_public_decrypt</refname>
<refpurpose>Decrypts data with public key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_public_decrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">decrypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_public_decrypt</function> decrypts
<parameter>data</parameter> that was previous encrypted via
<function>openssl_private_encrypt</function> and stores the result into
<parameter>decrypted</parameter>. <parameter>key</parameter> must be the
public key corresponding that was used to encrypt the
data. <parameter>padding</parameter> defaults to
<constant>OPENSSL_PKCS1_PADDING</constant>, but can also be
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
You can use this function e.g. to check if the message was written by the
owner of the private key.
</para>
<para>
See also <function>openssl_private_encrypt</function> and
<function>openssl_private_decrypt</function>.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-public-decrypt">
<refnamediv>
<refname>openssl_public_decrypt</refname>
<refpurpose>Decrypts data with public key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_public_decrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">decrypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_public_decrypt</function> decrypts
<parameter>data</parameter> that was previous encrypted via
<function>openssl_private_encrypt</function> and stores the result into
<parameter>decrypted</parameter>. <parameter>key</parameter> must be the
public key corresponding that was used to encrypt the
data. <parameter>padding</parameter> defaults to
<constant>OPENSSL_PKCS1_PADDING</constant>, but can also be
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
You can use this function e.g. to check if the message was written by the
owner of the private key.
</para>
<para>
See also <function>openssl_private_encrypt</function> and
<function>openssl_private_decrypt</function>.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

78
reference/openssl/functions/openssl-public-encrypt.xml
View file

@ -1,44 +1,44 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.8 $ -->
<!-- $Revision: 1.9 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-public-encrypt">
<refnamediv>
<refname>openssl_public_encrypt</refname>
<refpurpose>Encrypts data with public key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_public_encrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">crypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_public_encrypt</function> encrypts <parameter>data</parameter>
with public <parameter>key</parameter> and stores the result into
<parameter>crypted</parameter>. Encrypted data can be decrypted via
<function>openssl_private_decrypt</function>. <parameter>padding</parameter>
defaults to <constant>OPENSSL_PKCS1_PADDING</constant>, but can also be
one of <constant>OPENSSL_SSLV23_PADDING</constant>,
<constant>OPENSSL_PKCS1_OAEP_PADDING</constant>,
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
This function can be used e.g. to encrypt message which can be then read
only by owner of the private key. It can be also used to store secure data
in database.
</para>
<para>
See also <function>openssl_private_decrypt</function> and
<function>openssl_private_encrypt</function>.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-public-encrypt">
<refnamediv>
<refname>openssl_public_encrypt</refname>
<refpurpose>Encrypts data with public key </refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_public_encrypt</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">crypted</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>padding</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_public_encrypt</function> encrypts <parameter>data</parameter>
with public <parameter>key</parameter> and stores the result into
<parameter>crypted</parameter>. Encrypted data can be decrypted via
<function>openssl_private_decrypt</function>. <parameter>padding</parameter>
defaults to <constant>OPENSSL_PKCS1_PADDING</constant>, but can also be
one of <constant>OPENSSL_SSLV23_PADDING</constant>,
<constant>OPENSSL_PKCS1_OAEP_PADDING</constant>,
<constant>OPENSSL_NO_PADDING</constant>.
</para>
<para>
&return.success;
</para>
<para>
This function can be used e.g. to encrypt message which can be then read
only by owner of the private key. It can be also used to store secure data
in database.
</para>
<para>
See also <function>openssl_private_decrypt</function> and
<function>openssl_private_encrypt</function>.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

88
reference/openssl/functions/openssl-seal.xml
View file

@ -1,42 +1,42 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.7 $ -->
<!-- $Revision: 1.8 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
<refentry id="function.openssl-seal">
<refnamediv>
<refname>openssl_seal</refname>
<refpurpose>Seal (encrypt) data</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>int</type><methodname>openssl_seal</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">sealed_data</parameter></methodparam>
<methodparam><type>array</type><parameter role="reference">env_keys</parameter></methodparam>
<methodparam><type>array</type><parameter>pub_key_ids</parameter></methodparam>
</methodsynopsis>
<para>
Returns the length of the sealed data on success, or &false; on error.
If successful the sealed data is returned in
<parameter>sealed_data</parameter>, and the envelope keys in
<parameter>env_keys</parameter>.
<refentry id="function.openssl-seal">
<refnamediv>
<refname>openssl_seal</refname>
<refpurpose>Seal (encrypt) data</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>int</type><methodname>openssl_seal</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">sealed_data</parameter></methodparam>
<methodparam><type>array</type><parameter role="reference">env_keys</parameter></methodparam>
<methodparam><type>array</type><parameter>pub_key_ids</parameter></methodparam>
</methodsynopsis>
<para>
Returns the length of the sealed data on success, or &false; on error.
If successful the sealed data is returned in
<parameter>sealed_data</parameter>, and the envelope keys in
<parameter>env_keys</parameter>.
</para>
<para>
<function>openssl_seal</function> seals (encrypts)
<parameter>data</parameter> by using RC4 with a randomly generated
secret key. The key is encrypted with each of the public keys
associated with the identifiers in <parameter>pub_key_ids</parameter>
and each encrypted key is returned
in <parameter>env_keys</parameter>. This means that one can send
sealed data to multiple recipients (provided one has obtained their
public keys). Each recipient must receive both the sealed data and
the envelope key that was encrypted with the recipient's public key.
</para>
<para>
<example>
<title><function>openssl_seal</function> example</title>
<programlisting role="php">
</para>
<para>
<function>openssl_seal</function> seals (encrypts)
<parameter>data</parameter> by using RC4 with a randomly generated
secret key. The key is encrypted with each of the public keys
associated with the identifiers in <parameter>pub_key_ids</parameter>
and each encrypted key is returned
in <parameter>env_keys</parameter>. This means that one can send
sealed data to multiple recipients (provided one has obtained their
public keys). Each recipient must receive both the sealed data and
the envelope key that was encrypted with the recipient's public key.
</para>
<para>
<example>
<title><function>openssl_seal</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// $data is assumed to contain the data to be sealed
@ -61,14 +61,14 @@ openssl_free_key($pk1);
openssl_free_key($pk2);
?>
]]>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_open</function>.
</simpara>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_open</function>.
</simpara>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

94
reference/openssl/functions/openssl-sign.xml
View file

@ -1,44 +1,44 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.9 $ -->
<!-- $Revision: 1.10 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
<refentry id="function.openssl-sign">
<refnamediv>
<refname>openssl_sign</refname>
<refpurpose>Generate signature</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_sign</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">signature</parameter></methodparam>
<methodparam><type>mixed</type><parameter>priv_key_id</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>signature_alg</parameter></methodparam>
</methodsynopsis>
<para>
&return.success;
If successful the signature is returned in
<parameter>signature</parameter>.
</para>
<para>
<function>openssl_sign</function> computes a signature for the
specified <parameter>data</parameter> by using SHA1 for hashing
followed by encryption using the private key associated with
<parameter>priv_key_id</parameter>. Note that the data itself is
not encrypted.
</para>
<note>
<para>
Optional 4th parameter <parameter>signature_alg</parameter> was added in
version 5.0.0. Its default value is
<constant>OPENSSL_ALGO_SHA1</constant>. For more information see the
list of <link linkend="openssl.signature-algos">Signature Algorithms</link>.
</para>
</note>
<para>
<example>
<title><function>openssl_sign</function> example</title>
<programlisting role="php">
<refentry id="function.openssl-sign">
<refnamediv>
<refname>openssl_sign</refname>
<refpurpose>Generate signature</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_sign</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">signature</parameter></methodparam>
<methodparam><type>mixed</type><parameter>priv_key_id</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>signature_alg</parameter></methodparam>
</methodsynopsis>
<para>
&return.success;
If successful the signature is returned in
<parameter>signature</parameter>.
</para>
<para>
<function>openssl_sign</function> computes a signature for the
specified <parameter>data</parameter> by using SHA1 for hashing
followed by encryption using the private key associated with
<parameter>priv_key_id</parameter>. Note that the data itself is
not encrypted.
</para>
<note>
<para>
Optional 4th parameter <parameter>signature_alg</parameter> was added in
version 5.0.0. Its default value is
<constant>OPENSSL_ALGO_SHA1</constant>. For more information see the
list of <link linkend="openssl.signature-algos">Signature Algorithms</link>.
</para>
</note>
<para>
<example>
<title><function>openssl_sign</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// $data is assumed to contain the data to be signed
@ -56,14 +56,14 @@ openssl_sign($data, $signature, $pkeyid);
openssl_free_key($pkeyid);
?>
]]>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_verify</function>.
</simpara>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_verify</function>.
</simpara>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

92
reference/openssl/functions/openssl-verify.xml
View file

@ -1,43 +1,43 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.7 $ -->
<!-- $Revision: 1.8 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
<refentry id="function.openssl-verify">
<refnamediv>
<refname>openssl_verify</refname>
<refpurpose>Verify signature</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>int</type><methodname>openssl_verify</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter>signature</parameter></methodparam>
<methodparam><type>mixed</type><parameter>pub_key_id</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>signature_alg</parameter></methodparam>
</methodsynopsis>
<para>
Returns 1 if the signature is correct, 0 if it is incorrect, and
-1 on error.
</para>
<para>
<function>openssl_verify</function> verifies that the
<parameter>signature</parameter> is correct for the specified
<parameter>data</parameter> using the public key associated with
<parameter>pub_key_id</parameter>. This must be the public key
corresponding to the private key used for signing.
</para>
<note>
<para>
Optional 4th parameter <parameter>signature_alg</parameter> was added in
version 5.2.0. Its default value is
<constant>OPENSSL_ALGO_SHA1</constant>. For more information see the
list of <link linkend="openssl.signature-algos">Signature Algorithms</link>.
</para>
</note>
<para>
<example>
<title><function>openssl_verify</function> example</title>
<programlisting role="php">
<refentry id="function.openssl-verify">
<refnamediv>
<refname>openssl_verify</refname>
<refpurpose>Verify signature</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>int</type><methodname>openssl_verify</methodname>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
<methodparam><type>string</type><parameter>signature</parameter></methodparam>
<methodparam><type>mixed</type><parameter>pub_key_id</parameter></methodparam>
<methodparam choice="opt"><type>int</type><parameter>signature_alg</parameter></methodparam>
</methodsynopsis>
<para>
Returns 1 if the signature is correct, 0 if it is incorrect, and
-1 on error.
</para>
<para>
<function>openssl_verify</function> verifies that the
<parameter>signature</parameter> is correct for the specified
<parameter>data</parameter> using the public key associated with
<parameter>pub_key_id</parameter>. This must be the public key
corresponding to the private key used for signing.
</para>
<note>
<para>
Optional 4th parameter <parameter>signature_alg</parameter> was added in
version 5.2.0. Its default value is
<constant>OPENSSL_ALGO_SHA1</constant>. For more information see the
list of <link linkend="openssl.signature-algos">Signature Algorithms</link>.
</para>
</note>
<para>
<example>
<title><function>openssl_verify</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// $data and $signature are assumed to contain the data and the signature
@ -61,14 +61,14 @@ if ($ok == 1) {
openssl_free_key($pubkeyid);
?>
]]>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_sign</function>.
</simpara>
</refsect1>
</refentry>
</programlisting>
</example>
</para>
<simpara>
See also <function>openssl_sign</function>.
</simpara>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

40
reference/openssl/functions/openssl-x509-check-private-key.xml
View file

@ -1,25 +1,25 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.3 $ -->
<!-- $Revision: 1.4 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-x509-check-private-key">
<refnamediv>
<refname>openssl_x509_check_private_key</refname>
<refpurpose>Checks if a private key corresponds to a certificate</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_x509_check_private_key</methodname>
<methodparam><type>mixed</type><parameter>cert</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_check_private_key</function> returns &true; if
<parameter>key</parameter> is the private key that corresponds to
<parameter>cert</parameter>, or &false; otherwise.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-x509-check-private-key">
<refnamediv>
<refname>openssl_x509_check_private_key</refname>
<refpurpose>Checks if a private key corresponds to a certificate</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_x509_check_private_key</methodname>
<methodparam><type>mixed</type><parameter>cert</parameter></methodparam>
<methodparam><type>mixed</type><parameter>key</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_check_private_key</function> returns &true; if
<parameter>key</parameter> is the private key that corresponds to
<parameter>cert</parameter>, or &false; otherwise.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

167
reference/openssl/functions/openssl-x509-checkpurpose.xml
View file

@ -1,89 +1,88 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.6 $ -->
<!-- $Revision: 1.7 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-x509-checkpurpose">
<refnamediv>
<refname>openssl_x509_checkpurpose</refname>
<refpurpose>Verifies if a certificate can be used for a particular
purpose</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>int</type><methodname>openssl_x509_checkpurpose</methodname>
<methodparam><type>mixed</type><parameter>x509cert</parameter></methodparam>
<methodparam><type>int</type><parameter>purpose</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>cainfo</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>untrustedfile</parameter></methodparam>
</methodsynopsis>
<para>
Returns &true; if the certificate can be used for the intended purpose,
&false; if it cannot, or -1 on error.
</para>
<para>
<function>openssl_x509_checkpurpose</function> examines the certificate
specified by <parameter>x509cert</parameter> to see if it can be used for
the purpose specified by <parameter>purpose</parameter>.
</para>
<para>
<parameter>cainfo</parameter> should be an array of trusted CA files/dirs
as described in <link linkend="openssl.cert.verification">Certificate
Verification</link>. It defaults to an empty array.
</para>
<para><parameter>untrustedfile</parameter>, if specified,
is the name of a PEM encoded file holding certificates that can be used to
help verify the certificate, although no trust in placed in the
certificates that come from that file.
</para>
<para>
<table>
<title><function>openssl_x509_checkpurpose</function> purposes</title>
<tgroup cols="2">
<thead>
<row>
<entry>Constant</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry>X509_PURPOSE_SSL_CLIENT</entry>
<entry>Can the certificate be used for the client side of an SSL
connection?</entry>
</row>
<row>
<entry>X509_PURPOSE_SSL_SERVER</entry>
<entry>Can the certificate be used for the server side of an SSL
connection?</entry>
</row>
<row>
<entry>X509_PURPOSE_NS_SSL_SERVER</entry>
<entry>Can the cert be used for Netscape SSL server?</entry>
</row>
<row>
<entry>X509_PURPOSE_SMIME_SIGN</entry>
<entry>Can the cert be used to sign S/MIME email?</entry>
</row>
<row>
<entry>X509_PURPOSE_SMIME_ENCRYPT</entry>
<entry>Can the cert be used to encrypt S/MIME email?</entry>
</row>
<row>
<entry>X509_PURPOSE_CRL_SIGN</entry>
<entry>Can the cert be used to sign a certificate revocation list
(CRL)?</entry>
</row>
<row>
<entry>X509_PURPOSE_ANY</entry>
<entry>Can the cert be used for Any/All purposes?</entry>
</row>
</tbody>
</tgroup>
</table>
These options are not bitfields - you may specify one only!
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-x509-checkpurpose">
<refnamediv>
<refname>openssl_x509_checkpurpose</refname>
<refpurpose>Verifies if a certificate can be used for a particular purpose</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>int</type><methodname>openssl_x509_checkpurpose</methodname>
<methodparam><type>mixed</type><parameter>x509cert</parameter></methodparam>
<methodparam><type>int</type><parameter>purpose</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter>cainfo</parameter></methodparam>
<methodparam choice="opt"><type>string</type><parameter>untrustedfile</parameter></methodparam>
</methodsynopsis>
<para>
Returns &true; if the certificate can be used for the intended purpose,
&false; if it cannot, or -1 on error.
</para>
<para>
<function>openssl_x509_checkpurpose</function> examines the certificate
specified by <parameter>x509cert</parameter> to see if it can be used for
the purpose specified by <parameter>purpose</parameter>.
</para>
<para>
<parameter>cainfo</parameter> should be an array of trusted CA files/dirs
as described in <link linkend="openssl.cert.verification">Certificate
Verification</link>. It defaults to an empty array.
</para>
<para><parameter>untrustedfile</parameter>, if specified,
is the name of a PEM encoded file holding certificates that can be used to
help verify the certificate, although no trust in placed in the
certificates that come from that file.
</para>
<para>
<table>
<title><function>openssl_x509_checkpurpose</function> purposes</title>
<tgroup cols="2">
<thead>
<row>
<entry>Constant</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry>X509_PURPOSE_SSL_CLIENT</entry>
<entry>Can the certificate be used for the client side of an SSL
connection?</entry>
</row>
<row>
<entry>X509_PURPOSE_SSL_SERVER</entry>
<entry>Can the certificate be used for the server side of an SSL
connection?</entry>
</row>
<row>
<entry>X509_PURPOSE_NS_SSL_SERVER</entry>
<entry>Can the cert be used for Netscape SSL server?</entry>
</row>
<row>
<entry>X509_PURPOSE_SMIME_SIGN</entry>
<entry>Can the cert be used to sign S/MIME email?</entry>
</row>
<row>
<entry>X509_PURPOSE_SMIME_ENCRYPT</entry>
<entry>Can the cert be used to encrypt S/MIME email?</entry>
</row>
<row>
<entry>X509_PURPOSE_CRL_SIGN</entry>
<entry>Can the cert be used to sign a certificate revocation list
(CRL)?</entry>
</row>
<row>
<entry>X509_PURPOSE_ANY</entry>
<entry>Can the cert be used for Any/All purposes?</entry>
</row>
</tbody>
</tgroup>
</table>
These options are not bitfields - you may specify one only!
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

50
reference/openssl/functions/openssl-x509-export-to-file.xml
View file

@ -1,30 +1,30 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.6 $ -->
<!-- $Revision: 1.7 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-x509-export-to-file">
<refnamediv>
<refname>openssl_x509_export_to_file</refname>
<refpurpose>Exports a certificate to file</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_x509_export_to_file</methodname>
<methodparam><type>mixed</type><parameter>x509</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_export_to_file</function> stores
<parameter>x509</parameter> into a file named by
<parameter>outfilename</parameter> in a PEM encoded format.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-x509-export-to-file">
<refnamediv>
<refname>openssl_x509_export_to_file</refname>
<refpurpose>Exports a certificate to file</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_x509_export_to_file</methodname>
<methodparam><type>mixed</type><parameter>x509</parameter></methodparam>
<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_export_to_file</function> stores
<parameter>x509</parameter> into a file named by
<parameter>outfilename</parameter> in a PEM encoded format.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

50
reference/openssl/functions/openssl-x509-export.xml
View file

@ -1,30 +1,30 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.6 $ -->
<!-- $Revision: 1.7 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.19 -->
<refentry id="function.openssl-x509-export">
<refnamediv>
<refname>openssl_x509_export</refname>
<refpurpose>Exports a certificate as a string</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_x509_export</methodname>
<methodparam><type>mixed</type><parameter>x509</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">output</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_export</function> stores
<parameter>x509</parameter> into a string named by
<parameter>output</parameter> in a PEM encoded format.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-x509-export">
<refnamediv>
<refname>openssl_x509_export</refname>
<refpurpose>Exports a certificate as a string</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>bool</type><methodname>openssl_x509_export</methodname>
<methodparam><type>mixed</type><parameter>x509</parameter></methodparam>
<methodparam><type>string</type><parameter role="reference">output</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>notext</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_export</function> stores
<parameter>x509</parameter> into a string named by
<parameter>output</parameter> in a PEM encoded format.
</para>
&reference.openssl.parameter-notext;
<para>
&return.success;
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

36
reference/openssl/functions/openssl-x509-free.xml
View file

@ -1,23 +1,23 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.4 $ -->
<!-- $Revision: 1.5 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-x509-free">
<refnamediv>
<refname>openssl_x509_free</refname>
<refpurpose>Free certificate resource</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>void</type><methodname>openssl_x509_free</methodname>
<methodparam><type>resource</type><parameter>x509cert</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_free</function> frees the certificate associated
with the specified <parameter>x509cert</parameter> resource from memory.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-x509-free">
<refnamediv>
<refname>openssl_x509_free</refname>
<refpurpose>Free certificate resource</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>void</type><methodname>openssl_x509_free</methodname>
<methodparam><type>resource</type><parameter>x509cert</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_free</function> frees the certificate associated
with the specified <parameter>x509cert</parameter> resource from memory.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

56
reference/openssl/functions/openssl-x509-parse.xml
View file

@ -1,32 +1,34 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.5 $ -->
<!-- $Revision: 1.6 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-x509-parse">
<refnamediv>
<refname>openssl_x509_parse</refname>
<refpurpose>Parse an X509 certificate and return the information as an
array</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>array</type><methodname>openssl_x509_parse</methodname>
<methodparam><type>mixed</type><parameter>x509cert</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>shortnames</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_parse</function> returns information about the
supplied <parameter>x509cert</parameter>, including fields such as subject
name, issuer name, purposes, valid from and valid to dates etc.
<parameter>shortnames</parameter> controls how the data is indexed in the
array - if <parameter>shortnames</parameter> is &true; (the default) then
fields will be indexed with the short name form, otherwise, the long name
form will be used - e.g.: CN is the shortname form of commonName.
</para>
<para><emphasis>The structure of the returned data is (deliberately) not
yet documented, as it is still subject to change.</emphasis></para>
</refsect1>
</refentry>
<refentry id="function.openssl-x509-parse">
<refnamediv>
<refname>openssl_x509_parse</refname>
<refpurpose>Parse an X509 certificate and return the information as an
array</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>array</type><methodname>openssl_x509_parse</methodname>
<methodparam><type>mixed</type><parameter>x509cert</parameter></methodparam>
<methodparam choice="opt"><type>bool</type><parameter>shortnames</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_parse</function> returns information about the
supplied <parameter>x509cert</parameter>, including fields such as subject
name, issuer name, purposes, valid from and valid to dates etc.
<parameter>shortnames</parameter> controls how the data is indexed in the
array - if <parameter>shortnames</parameter> is &true; (the default) then
fields will be indexed with the short name form, otherwise, the long name
form will be used - e.g.: CN is the shortname form of commonName.
</para>
<para>
<emphasis>The structure of the returned data is (deliberately) not
yet documented, as it is still subject to change.</emphasis>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:

40
reference/openssl/functions/openssl-x509-read.xml
View file

@ -1,25 +1,25 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.4 $ -->
<!-- $Revision: 1.5 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.4 -->
<refentry id="function.openssl-x509-read">
<refnamediv>
<refname>openssl_x509_read</refname>
<refpurpose>Parse an X.509 certificate and return a resource identifier for
it</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_x509_read</methodname>
<methodparam><type>mixed</type><parameter>x509certdata</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_read</function> parses the certificate supplied by
<parameter>x509certdata</parameter> and returns a resource identifier for
it.
</para>
</refsect1>
</refentry>
<refentry id="function.openssl-x509-read">
<refnamediv>
<refname>openssl_x509_read</refname>
<refpurpose>Parse an X.509 certificate and return a resource identifier for
it</refpurpose>
</refnamediv>
<refsect1>
<title>Description</title>
<methodsynopsis>
<type>resource</type><methodname>openssl_x509_read</methodname>
<methodparam><type>mixed</type><parameter>x509certdata</parameter></methodparam>
</methodsynopsis>
<para>
<function>openssl_x509_read</function> parses the certificate supplied by
<parameter>x509certdata</parameter> and returns a resource identifier for
it.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables: