Sample code for 30+ languages & platforms
PHP Extension

Encrypt File using X.509 Certificate using AES in CBC Mode

See more Encryption Examples

Demonstrates how to encrypt a file using an X.509 Certificate's public key, where the underlying bulk encryption algorithm is 128-bit AES in CBC mode. (The underlying bulk encryption algorithm can be specified to be other algorithms/strengths.)

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$crypt = new CkCrypt2();

// Use public-key cryptography for encryption.
$crypt->put_CryptAlgorithm('pki');

// Get an X.509 certificate to use for encrypting.
// Note: Chilkat provides many different ways of loading a certificate, from many different formats,
// or if on Windows, from the installed certificates on the system.
// This example simply loads a certificate from a file.
// Also, for encryption, only the public key is needed.  Digital certificates embed the public key
// within the X.509 format itself.  Therefore, if you have a certificate, you also have the public key.
$cert = new CkCert();
$success = $cert->LoadFromFile('qa_data/certs/testCert.cer');
if ($success != true) {
    print $cert->lastErrorText() . "\n";
    exit;
}

$success = $crypt->SetEncryptCert($cert);
if ($success != true) {
    print $crypt->lastErrorText() . "\n";
    exit;
}

// Indicate the underlying bulk encryption algorithm to be used:
$crypt->put_Pkcs7CryptAlg('aes');
$crypt->put_KeyLength(128);

// Note: When doing public-key encryption the underlying bulk symmetric cipher mode will always be CBC. (at least with Chilkat...)

// There's one last option that could be set.  If is the RSA encryption encryption/padding scheme. 
// By default, RSAES_PKCS1-V1_5 is used.  If desired, the OaepPadding property could be set to true to
// use RSAES_OAEP.  (We'll leave it set at the default value of false)
$crypt->put_OaepPadding(false);

// Everything is specified.  Now just encrypt...
// The output is PKCS7 in binary DER format.
$success = $crypt->CkEncryptFile('qa_data/hamlet.xml','qa_output/hamlet.p7');
if ($success != true) {
    print $crypt->lastErrorText() . "\n";
    exit;
}

print 'Finished.' . "\n";

?>