<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.6 $ -->
<!-- splitted from ./en/functions/openssl.xml, last change in rev 1.1 -->
  <refentry id="function.openssl-open">
   <refnamediv>
    <refname>openssl_open</refname>
    <refpurpose>Open sealed data</refpurpose>
   </refnamediv>
   <refsect1>
    <title>Description</title>
     <methodsynopsis>
      <type>bool</type><methodname>openssl_open</methodname>
      <methodparam><type>string</type><parameter>sealed_data</parameter></methodparam>
      <methodparam><type>string</type><parameter>&amp;open_data</parameter></methodparam>
      <methodparam><type>string</type><parameter>env_key</parameter></methodparam>
      <methodparam><type>mixed</type><parameter>priv_key_id</parameter></methodparam>
     </methodsynopsis>
    <para>
     &return.success; If successful the opened
     data is returned in <parameter>open_data</parameter>.
    </para>
    <para>
     <function>openssl_open</function> opens (decrypts)
     <parameter>sealed_data</parameter> using the private key associated with
     the key identifier <parameter>priv_key_id</parameter> and the envelope key
     <parameter>env_key</parameter>, and fills
     <parameter>open_data</parameter> with the decrypted data.
     The envelope key is generated when the
     data are sealed and can only be used by one specific private key. See
     <function>openssl_seal</function> for more information.
    </para>
    <para>
     <example>
      <title><function>openssl_open</function> example</title>
      <programlisting role="php">
<![CDATA[
<?php
// $sealed and $env_key are assumed to contain the sealed data
// and our envelope key, both given to us by the sealer.

// fetch private key from file and ready it
$fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r");
$priv_key = fread($fp, 8192);
fclose($fp);
$pkeyid = openssl_get_privatekey($priv_key);

// decrypt the data and store it in $open
if (openssl_open($sealed, $open, $env_key, $pkeyid)) {
    echo "here is the opened data: ", $open;
} else {
    echo "failed to open data";
}

// free the private key from memory
openssl_free_key($pkeyid);
?>
]]>
      </programlisting>
     </example>
    </para>
    <simpara>
     See also <function>openssl_seal</function>.
    </simpara>
   </refsect1>
  </refentry>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"../../../../manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->