Index: phpdoc/ja/Translators diff -u phpdoc/ja/Translators:1.16 phpdoc/ja/Translators:1.17 --- phpdoc/ja/Translators:1.16 Thu Dec 7 15:12:13 2000 +++ phpdoc/ja/Translators Tue Dec 26 14:23:12 2000 
@@ -73,6 +73,7 @@ functions/network.xml Chihiro Higuchi functions/nis.xml Rui Hirokawa functions/oci8.xml Rui Hirokawa +functions/openssl.xml Rui Hirokawa functions/oracle.xml Rui Hirokawa functions/ovrimos.xml Rui Hirokawa functions/outcontrol.xml Rui Hirokawa Index: phpdoc/ja/functions/openssl.xml +++ phpdoc/ja/functions/openssl.xml OpenSSL Functions OpenSSL This module uses the functions of OpenSSL for generation and verification of signatures and for sealing (encrypting) and opening (decrypting) data. You need to use OpenSSL >= 0.9.6 with this module. OpenSSL offers many features that this module currently doesn't support. Some of these may be added in the future. openssl_free_key Free key resource Description void openssl_free_key int key_identifier openssl_free_key frees the key associated with the specified key_identifier from memory. openssl_get_privatekey Prepare a PEM formatted private key for use Description int openssl_get_privatekey string key string passphrase Returns a positive key identifier on success, or false on error. openssl_get_privatekey parses the PEM formatted private key specified by key and prepares it for use by other functions. The optional parameter passphrase must be used if the specified key is encrypted (protected by a passphrase). openssl_get_publickey Extract public key from certificate and prepare it for use Description int openssl_get_publickey string certificate Returns a positive key identifier on success, or false on error. openssl_get_publickey extracts the public key from a X.509 certificate specified by certificate and prepares it for use by other functions. openssl_open Open sealed data Description bool openssl_open string sealed_data string open_data string env_key int priv_key_id Returns true on success, or false on error. If successful the opened data is returned in open_data. openssl_open opens (decrypts) sealed_data using the private key associtated with the key identifier priv_key_id and the envelope key env_key. 
The envelope key is generated when the data are sealed and can only be used by one specific private key. See openssl_seal for more information. <function>openssl_open</function> example // $sealed and $env_key are assumed to contain the sealed data // and our envelope key, both given to us by the sealer. // fetch private key from file and ready it $fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r"); $priv_key = fread($fp, 8192); fclose($fp); $pkeyid = openssl_get_privatekey($priv_key); // decrypt the data and store it in $open if (openssl_open($sealed, $open, $env_key, $pkeyid)) echo "here is the opened data: ", $open; else echo "failed to open data"; // free the private key from memory openssl_free_key($pkeyid); See also openssl_seal. openssl_seal Seal data Description int openssl_seal string data string sealed_data array env_keys array pub_key_ids Returns the length of the sealed data on success, or false on error. If successful the sealed data is returned in sealed_data, and the envelope keys in env_keys. openssl_seal seals (encrypts) data by using RC4 with a randomly generated secret key. The key is encrypted with each of the public keys associated with the identifiers in pub_key_ids and each encrypted key is returned in env_keys. This means that one can send sealed data to multiple recipients (provided one has obtained their public keys). Each recipient must receive both the sealed data and the envelope key that was encrypted with the recipient's public key. 
<function>openssl_seal</function> example // $data is assumed to contain the data to be sealed // fetch public keys for our recipients, and ready them $fp = fopen("/src/openssl-0.9.6/demos/maurice/cert.pem", "r"); $cert = fread($fp, 8192); fclose($fp); $pk1 = openssl_get_publickey($cert); // Repeat for second recipient $fp = fopen("/src/openssl-0.9.6/demos/sign/cert.pem", "r"); $cert = fread($fp, 8192); fclose($fp); $pk2 = openssl_get_publickey($cert); // seal message, only owners of $pk1 and $pk2 can decrypt $sealed with keys // $ekeys[0] and $ekeys[1] respectively. openssl_seal($data, $sealed, $ekeys, array($pk1,$pk2)); // free the keys from memory openssl_free_key($pk1); openssl_free_key($pk2); See also openssl_open. openssl_sign Sign data Description bool openssl_sign string data string signature int priv_key_id Returns true on success, or false on failure. If successful the signature is returned in signature. openssl_sign computes a signature for the specified data by using SHA1 for hashing followed by encryption using the private key associated with priv_key_id. Note that the data itself is not encrypted. <function>openssl_sign</function> example // $data is assumed to contain the data to be signed // fetch private key from file and ready it $fp = fopen("/src/openssl-0.9.6/demos/sign/key.pem", "r"); $priv_key = fread($fp, 8192); fclose($fp); $pkeyid = openssl_get_privatekey($priv_key); // compute signature openssl_sign($data, $signature, $pkeyid); // free the key from memory openssl_free_key($pkeyid); See also openssl_verify. openssl_verify Verify signature Description int openssl_verify string data string signature int pub_key_id Returns 1 if the signature is correct, 0 if it is incorrect, and -1 on error. openssl_verify verifies that the signature is correct for the specified data using the public key associated with pub_key_id. This must be the public key corresponding to the private key used for signing. 
<function>openssl_verify</function> example // $data and $signature are assumed to contain the data and the signature // fetch public key from certificate and ready it $fp = fopen("/src/openssl-0.9.6/demos/sign/cert.pem", "r"); $cert = fread($fp, 8192); fclose($fp); $pubkeyid = openssl_get_publickey($cert); // state whether signature is okay or not $ok = openssl_verify($data, $signature, $pubkeyid); if ($ok == 1) echo "good"; elseif ($ok == 0) echo "bad"; else echo "ugly, error checking signature"; // free the key from memory openssl_free_key($pubkeyid); See also openssl_sign.
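Review bot: In the openssl_open example, the result of openssl_get_privatekey($priv_key) is passed straight to openssl_open without being checked, although the description documents that it returns false on error (for example when the key is protected by a passphrase and none is supplied). Suggest testing $pkeyid before use and calling openssl_free_key only when a key was actually loaded. The fopen result a few lines earlier is unchecked in the same way. Separately, "associtated" in the openssl_open description should read "associated".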
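Review bot: The openssl_seal example discards the return value of openssl_seal($data, $sealed, $ekeys, array($pk1,$pk2)), which the description documents as the sealed length or false on error, so a reader copying it would go on to use $sealed and $ekeys without knowing that sealing succeeded. Suggest capturing the result and checking for false, and checking $pk1 and $pk2 as well, since openssl_get_publickey also returns false on error. The description should also state that env_keys is returned in the same order as pub_key_ids. The example comment implies this ("$ekeys[0] and $ekeys[1] respectively") but the reference text never says so.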
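Review bot: In the openssl_sign example, openssl_sign($data, $signature, $pkeyid) is called without testing its documented boolean result, so the example gives no indication of whether $signature holds a valid signature. Suggest wrapping the call in an if and reporting failure, in the same style the openssl_open example already uses for its own call.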
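Review bot: The openssl_verify description lists three results (1, 0 and -1) but does not warn against using the value as a boolean. Since -1 is truthy in PHP, a caller writing if (openssl_verify(...)) would accept an error as a valid signature. The example itself distinguishes all three cases. Suggest adding a sentence to the description telling callers to compare the result against 1 explicitly, and using $ok === 1 in the example so that the only accepted value is the integer 1.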