PHP 8.4.6 Released!

    openssl_private_decrypt

    (PHP 4 >= 4.0.6, PHP 5, PHP 7, PHP 8)

    openssl_private_decryptDecrypts data with private key

    Description

    openssl_private_decrypt(
        string $data,
        #[\SensitiveParameter] string &$decrypted_data,
        #[\SensitiveParameter] OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $private_key,
        int $padding = OPENSSL_PKCS1_PADDING
    ): bool

    openssl_private_decrypt() decrypts data that was previously encrypted via openssl_public_encrypt() and stores the result into decrypted_data.

    You can use this function e.g. to decrypt data which is supposed to only be available to you.

    Parameters

    data

    decrypted_data

    private_key

    private_key must be the private key that corresponds to the public key that was used to encrypt the data.

    padding

    padding can be one of OPENSSL_PKCS1_PADDING, OPENSSL_SSLV23_PADDING, OPENSSL_PKCS1_OAEP_PADDING, OPENSSL_NO_PADDING.

    Return Values

    Returns true on success or false on failure.

    Changelog

    Version Description
    8.0.0 private_key accepts an OpenSSLAsymmetricKey or OpenSSLCertificate instance now; previously, a resource of type OpenSSL key or OpenSSL X.509 was accepted.

    See Also

    Found A Problem?

    Learn How To Improve This PageSubmit a Pull RequestReport a Bug

    User Contributed Notes

    wfredkNOSPAM at L5DevelopmentNOSPAM dot com
    23 years ago
    Encrypt using public key, decrypt using private key.

    Use this to store stuff in your database: Unless someone
    has your private key, the database contents are useless.

    Also, use this for sending to a specific individual: Get
    their public key, encrypt the message, only they can use
    their private key to decode it.

    <?php
    echo "Source: $source";
    $fp=fopen("/path/to/certificate.crt","r");
    $pub_key=fread($fp,8192);
    fclose($fp);
    openssl_get_publickey($pub_key);
    /*
    * NOTE: Here you use the $pub_key value (converted, I guess)
    */
    openssl_public_encrypt($source,$crypttext,$pub_key);
    echo     "String crypted: $crypttext";

    $fp=fopen("/path/to/private.key","r");
    $priv_key=fread($fp,8192);
    fclose($fp);
    // $passphrase is required if your key is encoded (suggested)
    $res = openssl_get_privatekey($priv_key,$passphrase);
    /*
    * NOTE: Here you use the returned resource value
    */
    openssl_private_decrypt($crypttext,$newsource,$res);
    echo     "String decrypt : $newsource";
    ?>
    To Top