...

...

@@ -1,6 +1,6 @@

1

1

<?xml version="1.0" encoding="utf-8"?>

2

2

<!-- $Revision$ -->

3

-

<refentry xmlns="http://docbook.org/ns/docbook" xml:id="function.openssl-pkcs7-sign">

3

+

<refentry xml:id="function.openssl-pkcs7-sign" xmlns="http://docbook.org/ns/docbook">

4

4

<refnamediv>

5

5

<refname>openssl_pkcs7_sign</refname>

6

6

<refpurpose>Sign an S/MIME message</refpurpose>

...

...

@@ -10,19 +10,19 @@

10

10

&reftitle.description;

11

11

<methodsynopsis>

12

12

<type>bool</type><methodname>openssl_pkcs7_sign</methodname>

13

-

<methodparam><type>string</type><parameter>infilename</parameter></methodparam>

14

-

<methodparam><type>string</type><parameter>outfilename</parameter></methodparam>

15

-

<methodparam><type>mixed</type><parameter>signcert</parameter></methodparam>

16

-

<methodparam><type>mixed</type><parameter>privkey</parameter></methodparam>

17

-

<methodparam><type>array</type><parameter>headers</parameter></methodparam>

18

-

<methodparam choice="opt"><type>int</type><parameter>flags</parameter><initializer>PKCS7_DETACHED</initializer></methodparam>

19

-

<methodparam choice="opt"><type>string</type><parameter>extracerts</parameter></methodparam>

13

+

<methodparam><type>string</type><parameter>input_filename</parameter></methodparam>

14

+

<methodparam><type>string</type><parameter>output_filename</parameter></methodparam>

15

+

<methodparam><type class="union"><type>OpenSSLCertificate</type><type>string</type></type><parameter>certificate</parameter></methodparam>

16

+

<methodparam><type class="union"><type>OpenSSLAsymmetricKey</type><type>OpenSSLCertificate</type><type>array</type><type>string</type></type><parameter>private_key</parameter></methodparam>

17

+

<methodparam><type class="union"><type>array</type><type>null</type></type><parameter>headers</parameter></methodparam>

18

+

<methodparam choice="opt"><type>int</type><parameter>flags</parameter><initializer><constant>PKCS7_DETACHED</constant></initializer></methodparam>

19

+

<methodparam choice="opt"><type class="union"><type>string</type><type>null</type></type><parameter>untrusted_certificates_filename</parameter><initializer>&null;</initializer></methodparam>

20

20

</methodsynopsis>

21

21

<para>

22

22

<function>openssl_pkcs7_sign</function> takes the contents of the file

23

-

named <parameter>infilename</parameter> and signs them using the

23

+

named <parameter>input_filename</parameter> and signs them using the

24

24

certificate and its matching private key specified by

25

-

<parameter>signcert</parameter> and <parameter>privkey</parameter>

25

+

<parameter>certificate</parameter> and <parameter>private_key</parameter>

26

26

parameters.

27

27

</para>

28

28

</refsect1>

...

...

@@ -32,30 +32,36 @@

32

32

<para>

33

33

<variablelist>

34

34

<varlistentry>

35

-

<term><parameter>infilename</parameter></term>

35

+

<term><parameter>input_filename</parameter></term>

36

36

<listitem>

37

37

<para>

38

+

The input file you are intending to digitally sign.

38

39

</para>

39

40

</listitem>

40

41

</varlistentry>

41

42

<varlistentry>

42

-

<term><parameter>outfilename</parameter></term>

43

+

<term><parameter>output_filename</parameter></term>

43

44

<listitem>

44

45

<para>

46

+

The file which the digital signature will be written to.

45

47

</para>

46

48

</listitem>

47

49

</varlistentry>

48

50

<varlistentry>

49

-

<term><parameter>signcert</parameter></term>

51

+

<term><parameter>certificate</parameter></term>

50

52

<listitem>

51

53

<para>

54

+

The X.509 certificate used to digitally sign <parameter>input_filename</parameter>.

55

+

See <link linkend="openssl.certparams">Key/Certificate parameters</link> for a list of valid values.

52

56

</para>

53

57

</listitem>

54

58

</varlistentry>

55

59

<varlistentry>

56

-

<term><parameter>privkey</parameter></term>

60

+

<term><parameter>private_key</parameter></term>

57

61

<listitem>

58

62

<para>

63

+

<parameter>private_key</parameter> is the private key corresponding to <parameter>certificate</parameter>.

64

+

See <link linkend="openssl.certparams">Public/Private Key parameters</link> for a list of valid values.

59

65

</para>

60

66

</listitem>

61

67

</varlistentry>

...

...

@@ -74,16 +80,15 @@

74

80

<term><parameter>flags</parameter></term>

75

81

<listitem>

76

82

<para>

77

-

<parameter>flags</parameter> can be used to alter the output - see <link

78

-

linkend="openssl.pkcs7.flags">PKCS7 constants</link>.

83

+

<parameter>flags</parameter> can be used to alter the output - see <link linkend="openssl.pkcs7.flags">PKCS7 constants</link>.

79

84

</para>

80

85

</listitem>

81

86

</varlistentry>

82

87

<varlistentry>

83

-

<term><parameter>extracerts</parameter></term>

88

+

<term><parameter>untrusted_certificates_filename</parameter></term>

84

89

<listitem>

85

90

<para>

86

-

<parameter>extracerts</parameter> specifies the name of a file containing

91

+

<parameter>untrusted_certificates_filename</parameter> specifies the name of a file containing

87

92

a bunch of extra certificates to include in the signature which can for

88

93

example be used to help the recipient to verify the certificate that you used.

89

94

</para>

...

...

@@ -100,6 +105,38 @@

100

105

</para>

101

106

</refsect1>

102

107

108

+

<refsect1 role="changelog">

109

+

&reftitle.changelog;

110

+

<informaltable>

111

+

<tgroup cols="2">

112

+

<thead>

113

+

<row>

114

+

<entry>&Version;</entry>

115

+

<entry>&Description;</entry>

116

+

</row>

117

+

</thead>

118

+

<tbody>

119

+

<row>

120

+

<entry>8.0.0</entry>

121

+

<entry>

122

+

<parameter>certificate</parameter> accepts an <classname>OpenSSLCertificate</classname> instance now;

123

+

previously, a &resource; of type <literal>OpenSSL X.509 CSR</literal> was accepted.

124

+

</entry>

125

+

</row>

126

+

<row>

127

+

<entry>8.0.0</entry>

128

+

<entry>

129

+

<parameter>private_key</parameter> accepts an <classname>OpenSSLAsymmetricKey</classname>

130

+

or <classname>OpenSSLCertificate</classname> instance now;

131

+

previously, a &resource; of type <literal>OpenSSL key</literal> or <literal>OpenSSL X.509 CSR</literal>

132

+

was accepted.

133

+

</entry>

134

+

</row>

135

+

</tbody>

136

+

</tgroup>

137

+

</informaltable>

138

+

</refsect1>

139

+

103

140

<refsect1 role="examples">

104

141

&reftitle.examples;

105

142

<para>

...

...

@@ -121,7 +158,7 @@ $fp = fopen("msg.txt", "w");

121

158

fwrite($fp, $data);

122

159

fclose($fp);

123

160

// encrypt it

124

-

if (openssl_pkcs7_sign("msg.txt", "signed.txt", "mycert.pem",

161

+

if (openssl_pkcs7_sign("msg.txt", "signed.txt", "file://mycert.pem",

125

162

array("file://mycert.pem", "mypassphrase"),

126

163

array("To" => "joes@example.com", // keyed syntax

127

164

"From: HQ <ceo@example.com>", // indexed syntax

...

...

@@ -138,7 +175,6 @@ if (openssl_pkcs7_sign("msg.txt", "signed.txt", "mycert.pem",

138

175

</refsect1>

139

176

140

177

</refentry>

141

-

142

178

<!-- Keep this comment at the end of the file

143

179

Local variables:

144

180

mode: sgml

145

181