Php/docs/function.openssl-pkcs7-sign
openssl_pkcs7_sign
(PHP 4 >= 4.0.6, PHP 5, PHP 7)
openssl_pkcs7_sign — Sign an S/MIME message
Description
openssl_pkcs7_sign
( string $infilename
, string $outfilename
, mixed $signcert
, mixed $privkey
, array $headers
[, int $flags
= PKCS7_DETACHED
[, string $extracerts
]] ) : bool
openssl_pkcs7_sign() takes the contents of the file
named infilename
and signs them using the
certificate and its matching private key specified by
signcert
and privkey
parameters.
Parameters
infilename
- The input file you are intending to digitally sign.
outfilename
- The file which the digital signature will be written to.
signcert
- The X.509 certificate used to digitally sign infilename. See Key/Certificate parameters for a list of valid values.
privkey
privkey
is the private key corresponding to signcert. See Public/Private Key parameters for a list of valid values.headers
headers
is an array of headers that will be prepended to the data after it has been signed (see openssl_pkcs7_encrypt() for more information about the format of this parameter).flags
flags
can be used to alter the output - see PKCS7 constants.extracerts
extracerts
specifies the name of a file containing a bunch of extra certificates to include in the signature which can for example be used to help the recipient to verify the certificate that you used.
Return Values
Returns TRUE
on success or FALSE
on failure.
Examples
Example #1 openssl_pkcs7_sign() example
<?php// the message you want to sign so that recipient can be sure it was you that// sent it$data = <<<EODYou have my authorization to spend $10,000 on dinner expenses.The CEOEOD;// save message to file$fp = fopen("msg.txt", "w");fwrite($fp, $data);fclose($fp);// encrypt itif (openssl_pkcs7_sign("msg.txt", "signed.txt", "file://mycert.pem", array("file://mycert.pem", "mypassphrase"), array("To" => "[email protected]", // keyed syntax "From: HQ <[email protected]>", // indexed syntax "Subject" => "Eyes only") )) { // message signed - send it! exec(ini_get("sendmail_path") . " < signed.txt");}?>