Sample code for 30+ languages & platforms
PHP Extension

Encrypt/Decrypt using PFX to produce -----BEGIN PKCS7----- ... -----END PKCS7-----

See more Encryption Examples

First we encrypt using a certificate + public key to produce output such as:
-----BEGIN PKCS7-----
MIIHPwYJKoZIhvcNAQcEoIIHMDCCBywC ...
...
...
-----END PKCS7-----
Then we decrypt using the cert + private key.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$crypt = new CkCrypt2();

// Specify the encryption to be used.
// "pki" indicates "Public Key Infrastructure" and will create a PKCS7 encrypted (enveloped) message.
$crypt->put_CryptAlgorithm('pki');
$crypt->put_Pkcs7CryptAlg('aes');
$crypt->put_KeyLength(128);
$crypt->put_OaepHash('sha256');
$crypt->put_OaepPadding(true);

// A certificate is needed as the encryption key.
// Althought the PFX contains the associated private key, we don't need it for encryption.
// (A certificate usually contains the public key by default.)
$cert = new CkCert();
$success = $cert->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123');
if ($success != true) {
    print $cert->lastErrorText() . "\n";
    exit;
}

// Tell the crypt object to use the certificate.
$crypt->SetEncryptCert($cert);

$toBeEncrypted = 'This string is to be encrypted.';

// Get the result in multi-line BASE64 MIME format.
$crypt->put_EncodingMode('base64_mime');

$encryptedStr = $crypt->encryptStringENC($toBeEncrypted);
if ($success != true) {
    print $crypt->lastErrorText() . "\n";
    exit;
}

// Make a "-----BEGIN PKCS7-----" ... "-----END PKCS7-----" sandwich...
$sb = new CkStringBuilder();
$sb->AppendLine('-----BEGIN PKCS7-----',true);
$sb->Append($encryptedStr);
$sb->AppendLine('-----END PKCS7-----',true);

$outStr = $sb->getAsString();

print $outStr . "\n";

// Sample output:

// -----BEGIN PKCS7-----
// MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix
// GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
// Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0
// aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug
// DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL
// 8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl
// V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/
// 0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/
// tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V
// k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4
// JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok=
// -----END PKCS7-----

// ----------------------------------------------------------------------------------------
// Let's Decrypt the above string.

// Start with what was produced above..
$sb->Clear();
$bCrlf = true;
$sb->AppendLine('-----BEGIN PKCS7-----',$bCrlf);
$sb->AppendLine('MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix',$bCrlf);
$sb->AppendLine('GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR',$bCrlf);
$sb->AppendLine('Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0',$bCrlf);
$sb->AppendLine('aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug',$bCrlf);
$sb->AppendLine('DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL',$bCrlf);
$sb->AppendLine('8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl',$bCrlf);
$sb->AppendLine('V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/',$bCrlf);
$sb->AppendLine('0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/',$bCrlf);
$sb->AppendLine('tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V',$bCrlf);
$sb->AppendLine('k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4',$bCrlf);
$sb->AppendLine('JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok=',$bCrlf);
$sb->AppendLine('-----END PKCS7-----',$bCrlf);

$decrypt = new CkCrypt2();
$decrypt->put_CryptAlgorithm('pki');

// Use the same cert + private key from the PFX above.
// For decryption, we need the private key.  Given that the certificate was loaded from a PFX,
// we should already have it.
$success = $decrypt->SetDecryptCert($cert);

$decrypt->put_EncodingMode('base64');
$decryptedText = $decrypt->decryptStringENC($sb->getBetween('-----BEGIN PKCS7-----','-----END PKCS7-----'));

print $decryptedText . "\n";

?>