PHP Extension
PHP Extension
Encrypt a file to a PKCS7 encrypted message using multiple certificates from different users
See more Encryption Examples
Demonstrates how to encrypt a file to a PKCS7 encrypted message using multiple certificates from different users. Any one of the users can decrypt using his/her own certificate + private key.Note: When doing public key encryption, it is the public key that is used to encrypt. The private key is required for decryption.
Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
$crypt = new CkCrypt2();
// Tell the crypt object to use 3 certificates.
// Do this by calling AddEncryptCert for each certificate.
// Load a digital certificate.
// We don't need the private key for encryption.
// Only the public key is needed (which is included in a certificate).
$cert1 = new CkCert();
$success = $cert1->LoadFromFile('qa_data/user1/cert_user1.pem');
// Assume success for the example, but make sure your application checks for success/failure...
$crypt->AddEncryptCert($cert1);
$cert2 = new CkCert();
$success = $cert2->LoadFromFile('qa_data/user2/cert_user2.pem');
$crypt->AddEncryptCert($cert2);
$cert3 = new CkCert();
$success = $cert3->LoadFromFile('qa_data/user3/cert_user3.pem');
$crypt->AddEncryptCert($cert3);
// Indicate that we want PKI encryption (i.e. public-key infrastructure)
// to produce a CMS message (Cryptographic Message Syntax/PKCS7),
// that is be created with RSAES-OAEP padding, SHA256, and AES-128 for the
// bulk encryption.
$crypt->put_CryptAlgorithm('pki');
$crypt->put_Pkcs7CryptAlg('aes');
$crypt->put_KeyLength(128);
$crypt->put_OaepHash('sha256');
$crypt->put_OaepPadding(true);
// Load the file to be encrypted...
$fileData = new CkBinData();
$success = $fileData->LoadFile('qa_data/jpg/penguins.jpg');
// Your app should check for success/failure..
// Encrypt the data. The contents of the fileData object are replaced with the PKCS7 encrypted message.
$success = $crypt->EncryptBd($fileData);
if ($success != true) {
print $crypt->lastErrorText() . "\n";
exit;
}
// Save the PKCS7 encrypted message to a file..
$success = $fileData->WriteFile('qa_output/pkcs7_encrypted.p7');
// Now indicate that the PKCS7 output is to be returned in the base64 encoding.
$crypt->put_EncodingMode('base64');
print 'OK.' . "\n";
?>