◐ Shell
reader mode source ↗

    openssl_private_decrypt

    (PHP 4 >= 4.0.6, PHP 5, PHP 7, PHP 8)

    openssl_private_decryptDecrypts data with private key

    Description

    function openssl_private_decrypt(
        string $data,
        #[\SensitiveParameter]string &$decrypted_data,
        #[\SensitiveParameter]OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $private_key,
        int $padding = OPENSSL_PKCS1_PADDING,
        ?string $digest_algo = null
    ): bool

    openssl_private_decrypt() decrypts data that was previously encrypted via openssl_public_encrypt() and stores the result into decrypted_data.

    You can use this function e.g. to decrypt data which is supposed to only be available to you.

    Parameters

    data

    decrypted_data

    private_key

    private_key must be the private key that corresponds to the public key that was used to encrypt the data.

    padding

    padding can be one of OPENSSL_PKCS1_PADDING, OPENSSL_SSLV23_PADDING, OPENSSL_PKCS1_OAEP_PADDING, OPENSSL_NO_PADDING.

    digest_algo
    The digest algorithm for OAEP padding, or null to use the default algorithm.

    Return Values

    Returns true on success or false on failure.

    Changelog

    Version Description
    8.5.0 The optional parameter digest_algo has been added.
    8.0.0 private_key accepts an OpenSSLAsymmetricKey or OpenSSLCertificate instance now; previously, a resource of type OpenSSL key or OpenSSL X.509 was accepted.

    See Also

    Found A Problem?

    Learn How To Improve This PageSubmit a Pull RequestReport a Bug
    add a note

    User Contributed Notes 1 note

    up
    12
    wfredkNOSPAM at L5DevelopmentNOSPAM dot com
    24 years ago
    Encrypt using public key, decrypt using private key.

Use this to store stuff in your database: Unless someone
has your private key, the database contents are useless.

Also, use this for sending to a specific individual:  Get
their public key, encrypt the message, only they can use
their private key to decode it.

<?php
echo "Source: $source";
$fp=fopen("/path/to/certificate.crt","r");
$pub_key=fread($fp,8192);
fclose($fp);
openssl_get_publickey($pub_key);
/*
 * NOTE:  Here you use the $pub_key value (converted, I guess)
 */
openssl_public_encrypt($source,$crypttext,$pub_key);
echo "String crypted: $crypttext";

$fp=fopen("/path/to/private.key","r");
$priv_key=fread($fp,8192);
fclose($fp);
// $passphrase is required if your key is encoded (suggested)
$res = openssl_get_privatekey($priv_key,$passphrase);
/*
 * NOTE:  Here you use the returned resource value
 */
openssl_private_decrypt($crypttext,$newsource,$res);
echo "String decrypt : $newsource";
?>
    add a note
    To Top