PHP Extension
PHP Extension
Encrypt/Decrypt using PFX to produce -----BEGIN PKCS7----- ... -----END PKCS7-----
See more Encryption Examples
First we encrypt using a certificate + public key to produce output such as:-----BEGIN PKCS7----- MIIHPwYJKoZIhvcNAQcEoIIHMDCCBywC ... ... ... -----END PKCS7-----Then we decrypt using the cert + private key.
Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
$crypt = new CkCrypt2();
// Specify the encryption to be used.
// "pki" indicates "Public Key Infrastructure" and will create a PKCS7 encrypted (enveloped) message.
$crypt->put_CryptAlgorithm('pki');
$crypt->put_Pkcs7CryptAlg('aes');
$crypt->put_KeyLength(128);
$crypt->put_OaepHash('sha256');
$crypt->put_OaepPadding(true);
// A certificate is needed as the encryption key.
// Althought the PFX contains the associated private key, we don't need it for encryption.
// (A certificate usually contains the public key by default.)
$cert = new CkCert();
$success = $cert->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123');
if ($success != true) {
print $cert->lastErrorText() . "\n";
exit;
}
// Tell the crypt object to use the certificate.
$crypt->SetEncryptCert($cert);
$toBeEncrypted = 'This string is to be encrypted.';
// Get the result in multi-line BASE64 MIME format.
$crypt->put_EncodingMode('base64_mime');
$encryptedStr = $crypt->encryptStringENC($toBeEncrypted);
if ($success != true) {
print $crypt->lastErrorText() . "\n";
exit;
}
// Make a "-----BEGIN PKCS7-----" ... "-----END PKCS7-----" sandwich...
$sb = new CkStringBuilder();
$sb->AppendLine('-----BEGIN PKCS7-----',true);
$sb->Append($encryptedStr);
$sb->AppendLine('-----END PKCS7-----',true);
$outStr = $sb->getAsString();
print $outStr . "\n";
// Sample output:
// -----BEGIN PKCS7-----
// MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix
// GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
// Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0
// aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug
// DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL
// 8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl
// V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/
// 0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/
// tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V
// k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4
// JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok=
// -----END PKCS7-----
// ----------------------------------------------------------------------------------------
// Let's Decrypt the above string.
// Start with what was produced above..
$sb->Clear();
$bCrlf = true;
$sb->AppendLine('-----BEGIN PKCS7-----',$bCrlf);
$sb->AppendLine('MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix',$bCrlf);
$sb->AppendLine('GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR',$bCrlf);
$sb->AppendLine('Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0',$bCrlf);
$sb->AppendLine('aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug',$bCrlf);
$sb->AppendLine('DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL',$bCrlf);
$sb->AppendLine('8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl',$bCrlf);
$sb->AppendLine('V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/',$bCrlf);
$sb->AppendLine('0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/',$bCrlf);
$sb->AppendLine('tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V',$bCrlf);
$sb->AppendLine('k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4',$bCrlf);
$sb->AppendLine('JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok=',$bCrlf);
$sb->AppendLine('-----END PKCS7-----',$bCrlf);
$decrypt = new CkCrypt2();
$decrypt->put_CryptAlgorithm('pki');
// Use the same cert + private key from the PFX above.
// For decryption, we need the private key. Given that the certificate was loaded from a PFX,
// we should already have it.
$success = $decrypt->SetDecryptCert($cert);
$decrypt->put_EncodingMode('base64');
$decryptedText = $decrypt->decryptStringENC($sb->getBetween('-----BEGIN PKCS7-----','-----END PKCS7-----'));
print $decryptedText . "\n";
?>