<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<refentry xmlns="http://docbook.org/ns/docbook" xml:id="function.openssl-open">
 <refnamediv>
  <refname>openssl_open</refname>
  <refpurpose>Open sealed data</refpurpose>
 </refnamediv>
 
 <refsect1 role="description">
  &reftitle.description;
  <methodsynopsis>
   <type>bool</type><methodname>openssl_open</methodname>
   <methodparam><type>string</type><parameter>sealed_data</parameter></methodparam>
   <methodparam><type>string</type><parameter role="reference">open_data</parameter></methodparam>
   <methodparam><type>string</type><parameter>env_key</parameter></methodparam>
   <methodparam><type>mixed</type><parameter>priv_key_id</parameter></methodparam>
   <methodparam choice="opt"><type>string</type><parameter>method</parameter></methodparam>
  </methodsynopsis>
  <para>
   <function>openssl_open</function> opens (decrypts)
   <parameter>sealed_data</parameter> using the private key associated with
   the key identifier <parameter>priv_key_id</parameter> and the envelope key
   <parameter>env_key</parameter>, and fills
   <parameter>open_data</parameter> with the decrypted data.
   The envelope key is generated when the
   data are sealed and can only be used by one specific private key. See
   <function>openssl_seal</function> for more information.
  </para>
 </refsect1>

 <refsect1 role="parameters">
  &reftitle.parameters;
  <para>
   <variablelist>
    <varlistentry>
     <term><parameter>sealed_data</parameter></term>
     <listitem>
      <para>
      </para>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term><parameter>open_data</parameter></term>
     <listitem>
      <para>
       If the call is successful the opened data is returned in this
       parameter.
      </para>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term><parameter>env_key</parameter></term>
     <listitem>
      <para>
      </para>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term><parameter>priv_key_id</parameter></term>
     <listitem>
      <para>
      </para>
     </listitem>
    </varlistentry>
   </variablelist>
  </para>
 </refsect1>

 <refsect1 role="returnvalues">
  &reftitle.returnvalues;
  <para>
   &return.success;
  </para>
 </refsect1>

 <refsect1 role="examples">
  &reftitle.examples;
  <para>
   <example>
    <title><function>openssl_open</function> example</title>
    <programlisting role="php">
<![CDATA[
<?php
// $sealed and $env_key are assumed to contain the sealed data
// and our envelope key, both given to us by the sealer.

// fetch private key from file and ready it
$fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r");
$priv_key = fread($fp, 8192);
fclose($fp);
$pkeyid = openssl_get_privatekey($priv_key);

// decrypt the data and store it in $open
if (openssl_open($sealed, $open, $env_key, $pkeyid)) {
    echo "here is the opened data: ", $open;
} else {
    echo "failed to open data";
}

// free the private key from memory
openssl_free_key($pkeyid);
?>
]]>
    </programlisting>
   </example>
  </para>
 </refsect1>

 <refsect1 role="seealso">
  &reftitle.seealso;
  <para>
   <simplelist>
    <member><function>openssl_seal</function></member>
   </simplelist>
  </para>
 </refsect1>

</refentry>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->