openssl_pkcs7_sign

openssl_pkcs7_sign

Sign an S/MIME message

bool **openssl_pkcs7_sign** string $input_filename string $output_filename  $certificate  $private_key  $headers int $flags  $untrusted_certificates_filename

takes the contents of the file

named and signs them using the certificate and its matching private key specified by and parameters. openssl_pkcs7_sign``input_filename``certificate``private_key

input_filenameThe input file you are intending to digitally sign.

output_filenameThe file which the digital signature will be written to.

certificate The X.509 certificate used to digitally sign . See for a list of valid values. input_filenameKey/Certificate parameters

private_key is the private key corresponding to . See for a list of valid values. private_key``certificatePublic/Private Key parameters

headers is an array of headers that will be prepended to the data after it has been signed (see for more information about the format of this parameter). headers``openssl_pkcs7_encrypt

flags can be used to alter the output - see . flagsPKCS7 constants

untrusted_certificates_filename specifies the name of a file containing a bunch of extra certificates to include in the signature which can for example be used to help the recipient to verify the certificate that you used. untrusted_certificates_filename

return.success

Voorbeeld: example

<?php
// the message you want to sign so that recipient can be sure it was you that
// sent it
$data = <<<EOD

You have my authorization to spend $10,000 on dinner expenses.

The CEO
EOD;
// save message to file
$fp = fopen("msg.txt", "w");
fwrite($fp, $data);
fclose($fp);
// encrypt it
if (openssl_pkcs7_sign("msg.txt", "signed.txt", "file://mycert.pem",
    array("file://mycert.pem", "mypassphrase"),
    array("To" => "joes@example.com", // keyed syntax
          "From: HQ <ceo@example.com>", // indexed syntax
          "Subject" => "Eyes only")
    )) {
    // message signed - send it!
    exec(ini_get("sendmail_path") . " < signed.txt");
}
?>