PHP openssl_seal函数代码示例

 public function seal($data)
 {
     $key = $this->_getKeyResource();
     if (openssl_seal($data, $sealed, $ekeys, array($key)) === false) {
         throw new Relax_Openssl_Exception("Error sealing: " . openssl_error_string());
     }
     return array($sealed, $ekeys[0]);
 }

 /**
  *
  * @param string $data
  * @param string $publicKey
  * @return string
  */
 public function encryptData($data, $publicKey)
 {
     $cryptedData = null;
     $envelopeKeys = null;
     openssl_seal($data, $cryptedData, $envelopeKeys, array($publicKey));
     $envelopeKey = $envelopeKeys[0];
     $crypted = base64_encode($envelopeKey) . ':' . base64_encode($cryptedData);
     return $crypted;
 }

    public static function seal($myData, $publicKey)
    {
        openssl_seal($myData, $sealed, $ekeys, array($publicKey));

        $sealed = base64_encode($sealed);
        $Xevk = base64_encode($ekeys[0]);

        return $sealed . '@' . $Xevk;
    }

 public function encryptMessage($message)
 {
     $cipher = $e = null;
     // These are passed by reference, so they are changed after the seal
     openssl_seal($message, $cipher, $e, [$this->publicKey]);
     $this->sealedData = base64_encode($cipher);
     $this->envelope = base64_encode($e[0]);
     // These must either be stored in a database or in a file somewhere.
 }

 public function seal($data, array $pubKeys)
 {
     $sealed = null;
     $ekeys = [];
     openssl_seal($data, $sealed, $ekeys, $pubKeys);
     array_walk($ekeys, function (&$key) {
         $key = $this->encode($key);
     });
     return ['sealed' => $this->encode($sealed), 'keys' => $ekeys];
 }

 /**
  * Encrypts data with the supplied public key object and returns an EncryptedData object containing
  * the encrypted data with the key.
  *
  * @param string $data
  * @param Pub $key
  * @return EncryptedData
  */
 public function encrypt($data, Pub $key)
 {
     $encData = '';
     $encKeys = array();
     if (!openssl_seal($data, $encData, $encKeys, array($key->asResource()))) {
         throw new \Exception(sprintf("Error encrypting data with public key: %s", openssl_error_string()));
     }
     $encKey = $encKeys[0];
     require_once 'OpenSslCrypt/EncryptedData.php';
     return new EncryptedData($encKey, $encData);
 }

 /**
  * Encrypt data with the <em>public</em> key of the recipient.
  * Will be encrypted using openssl_seal.
  *
  * @param $data string The data to encrypt
  * @param $key string The public key for encryption (as PEM formatted string)
  * @return string The encrypted data
  */
 public function encrypt($data, $publicKey)
 {
     $publicKey = $this->decodeKey($publicKey);
     if (empty($publicKey)) {
         throw new \Exception('Public key missing', 1423738632);
     }
     openssl_seal($data, $cryptedData, $envelopeKeys, array($publicKey));
     $envelopeKey = $envelopeKeys[0];
     $crypted = base64_encode($envelopeKey) . ':' . base64_encode($cryptedData);
     return $crypted;
 }

/**
 * encrypt text usgin RSA RC4 algorithm
 * @param string $plaintext some plain text
 * @return RSA encrypted text 
 *
 */
function cifrar_RSA_RC4($plaintext) {
    $publicKey = openssl_pkey_get_public('file://' . $_SESSION['APP_PATH'] . 'backend/public.key'); // obtiene la clave publica 
    $encrypted = '';
    $a_envelope = array(); // array para almacenar clave de descifrado
    $a_key = array($publicKey); // obtiene la clave
    if (openssl_seal($plaintext, $encrypted, $a_envelope, $a_key) === FALSE)
        die('Failed to encrypt data'); // trata de descifrar
    openssl_free_key($publicKey);
    // devuelve un array con el dato cifrado y una clave de descifrado en base64
    $data = array('data' => base64_encode($encrypted), 'envelope' => base64_encode($a_envelope[0]));
    return $data;
}

 /**
  * Get environment and request data as encrypted base64 string.
  * 
  * @param array
  * @param string
  * @return string
  */
 public static function encrypt($data, $public)
 {
     self::checkAvailability();
     $message = sprintf("Exception [%s]: %s\n URL: %s\n\n%s", $data['exception'], $data['message'], $data['request'], $data['trace']);
     $public = openssl_pkey_get_public($public);
     if (!$public) {
         throw new \RuntimeException('Public key can not be loaded.');
     }
     $encrypted = '';
     $envelopes = [];
     if (!openssl_seal($message, $encrypted, $envelopes, [$public])) {
         throw new \RuntimeException('Data can not be encrypted.');
     }
     return base64_encode(serialize([$envelopes[0], $encrypted]));
 }

 /**
  * Encode data in json and send with APP CYD pubkey
  * @param type $data : data array
  * @return string : encoded string
  */
 public static function encodeData($data)
 {
     $retour = false;
     // Get APP public key
     $dir = dirname(__FILE__);
     $pubkey = openssl_pkey_get_public('file://' . $dir . '/ssl/publickey.cer');
     // encoding
     if ($pubkey !== false) {
         $ekeys = array();
         $crypted = '';
         if (openssl_seal(Tools::jsonEncode($data), $crypted, $ekeys, array($pubkey))) {
             $retour = array('key' => urlencode($ekeys[0]), 'data' => urlencode($crypted));
         }
         openssl_free_key($pubkey);
     }
     return $retour;
 }

 /**
  * @param string $plainContent
  * @param array $keyFiles
  * @return array
  * @throws MultiKeyEncryptException
  */
 public function multiKeyEncrypt($plainContent, array $keyFiles)
 {
     // openssl_seal returns false without errors if plaincontent is empty
     // so trigger our own error
     if (empty($plainContent)) {
         throw new MultiKeyEncryptException('Cannot multikeyencrypt empty plain content');
     }
     // Set empty vars to be set by openssl by reference
     $sealed = '';
     $shareKeys = [];
     $mappedShareKeys = [];
     if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles)) {
         $i = 0;
         // Ensure each shareKey is labelled with its corresponding key id
         foreach ($keyFiles as $userId => $publicKey) {
             $mappedShareKeys[$userId] = $shareKeys[$i];
             $i++;
         }
         return ['keys' => $mappedShareKeys, 'data' => $sealed];
     } else {
         throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string());
     }
 }

 /**
  * Encrypts the passed data using public key encryption via OpenSSL
  * 
  * A public key (X.509 certificate) is required for encryption and a
  * private key (PEM) is required for decryption.
  * 
  * @param  string $plaintext        The content to be encrypted
  * @param  string $public_key_file  The path to an X.509 public key certificate
  * @return string  A base-64 encoded result containing a Flourish fingerprint and suitable for decryption using ::publicKeyDecrypt()
  */
 public static function publicKeyEncrypt($plaintext, $public_key_file)
 {
     self::verifyPublicKeyEnvironment();
     $public_key_resource = self::createPublicKeyResource($public_key_file);
     $ciphertext = '';
     $encrypted_keys = array();
     $result = openssl_seal($plaintext, $ciphertext, $encrypted_keys, array($public_key_resource));
     openssl_free_key($public_key_resource);
     if ($result === FALSE) {
         throw new fEnvironmentException('There was an unknown error encrypting the plaintext provided');
     }
     $hmac = hash_hmac('sha1', $encrypted_keys[0] . $ciphertext, $plaintext);
     return 'fCryptography::public#' . base64_encode($encrypted_keys[0]) . '#' . base64_encode($ciphertext) . '#' . $hmac;
 }

<?php

$pubkey = openssl_pkey_get_public(file_get_contents('selfcert.pem'));
$privkey = openssl_pkey_get_private(file_get_contents('privkey.pem'));
$message = 'hello,world';
$cipher_text = NULL;
$plain_text = NULL;
$keys = NULL;
openssl_seal($message, $cipher_text, $keys, array($pubkey));
$file = fopen('wrapped.bin', 'wb');
fwrite($file, $keys[0]);
fclose($file);
$file = fopen('data.bin', 'wb');
fwrite($file, $cipher_text);
fclose($file);

 /**
  * Seal data using this public key. This method returns two strings,
  * the first one being the encoded data, the second a key that has to
  * be passed to the recipient, too.
  *
  * @param   string data
  * @return  string[] first element is data, second is the key
  * @throws  security.crypto.CryptoException if the operation fails
  */
 public function seal($data)
 {
     if (FALSE === openssl_seal($data, $sealed, $keys, array($this->_hdl))) {
         throw new CryptoException('Could not seal data', OpenSslUtil::getErrors());
     }
     return array($sealed, $keys[0]);
 }

<?php

$data = "openssl_seal() test";
$cipher = 'AES-128-CBC';
$pub_key = "file://" . dirname(__FILE__) . "/public.key";
$priv_key = "file://" . dirname(__FILE__) . "/private.key";
openssl_seal($data, $sealed, $ekeys, array($pub_key, $pub_key), $cipher);
openssl_seal($data, $sealed, $ekeys, array($pub_key, $pub_key), 'sparkles', $iv);
openssl_seal($data, $sealed, $ekeys, array($pub_key, $pub_key), $cipher, $iv);
openssl_open($sealed, $decrypted, $ekeys[0], $priv_key, $cipher, $iv);
echo $decrypted;