reference/openssl/functions/openssl-seal.xml
d1e3ea622e5d4f542cd36eca59a9f22aa0142633
d1e3ea622e5d4f542cd36eca59a9f22aa0142633
...
...
@@ -1,6 +1,6 @@
1
1
<?xml version="1.0" encoding="utf-8"?>
2
2
<!-- $Revision$ -->
3
-
<refentry xmlns="http://docbook.org/ns/docbook" xml:id="function.openssl-seal">
3
+
<refentry xml:id="function.openssl-seal" xmlns="http://docbook.org/ns/docbook">
4
4
<refnamediv>
5
5
<refname>openssl_seal</refname>
6
6
<refpurpose>Seal (encrypt) data</refpurpose>
...
...
@@ -9,20 +9,21 @@
9
9
<refsect1 role="description">
10
10
&reftitle.description;
11
11
<methodsynopsis>
12
-
<type>int</type><methodname>openssl_seal</methodname>
12
+
<type class="union"><type>int</type><type>false</type></type><methodname>openssl_seal</methodname>
13
13
<methodparam><type>string</type><parameter>data</parameter></methodparam>
14
14
<methodparam><type>string</type><parameter role="reference">sealed_data</parameter></methodparam>
15
-
<methodparam><type>array</type><parameter role="reference">env_keys</parameter></methodparam>
16
-
<methodparam><type>array</type><parameter>pub_key_ids</parameter></methodparam>
17
-
<methodparam choice="opt"><type>string</type><parameter>method</parameter><initializer>"RC4"</initializer></methodparam>
15
+
<methodparam><type>array</type><parameter role="reference">encrypted_keys</parameter></methodparam>
16
+
<methodparam><type>array</type><parameter>public_key</parameter></methodparam>
17
+
<methodparam><type>string</type><parameter>cipher_algo</parameter></methodparam>
18
+
<methodparam choice="opt"><type>string</type><parameter role="reference">iv</parameter><initializer>&null;</initializer></methodparam>
18
19
</methodsynopsis>
19
20
<para>
20
21
<function>openssl_seal</function> seals (encrypts)
21
-
<parameter>data</parameter> by using the given <parameter>method</parameter> with a randomly generated
22
+
<parameter>data</parameter> by using the given <parameter>cipher_algo</parameter> with a randomly generated
22
23
secret key. The key is encrypted with each of the public keys
23
-
associated with the identifiers in <parameter>pub_key_ids</parameter>
24
+
associated with the identifiers in <parameter>public_key</parameter>
24
25
and each encrypted key is returned
25
-
in <parameter>env_keys</parameter>. This means that one can send
26
+
in <parameter>encrypted_keys</parameter>. This means that one can send
26
27
sealed data to multiple recipients (provided one has obtained their
27
28
public keys). Each recipient must receive both the sealed data and
28
29
the envelope key that was encrypted with the recipient's public key.
...
...
@@ -50,7 +51,7 @@
50
51
</listitem>
51
52
</varlistentry>
52
53
<varlistentry>
53
-
<term><parameter>env_keys</parameter></term>
54
+
<term><parameter>encrypted_keys</parameter></term>
54
55
<listitem>
55
56
<para>
56
57
Array of encrypted keys.
...
...
@@ -58,18 +59,32 @@
58
59
</listitem>
59
60
</varlistentry>
60
61
<varlistentry>
61
-
<term><parameter>pub_key_ids</parameter></term>
62
+
<term><parameter>public_key</parameter></term>
62
63
<listitem>
63
64
<para>
64
-
Array of public key resource identifiers.
65
+
Array of <classname>OpenSSLAsymmetricKey</classname> instances containing public keys.
65
66
</para>
66
67
</listitem>
67
68
</varlistentry>
68
69
<varlistentry>
69
-
<term><parameter>method</parameter></term>
70
+
<term><parameter>cipher_algo</parameter></term>
70
71
<listitem>
71
72
<para>
72
73
The cipher method.
74
+
<caution>
75
+
<simpara>
76
+
The default value (<literal>'RC4'</literal>) is considered insecure.
77
+
It is strongly recommended to explicitly specify a secure cipher method.
78
+
</simpara>
79
+
</caution>
80
+
</para>
81
+
</listitem>
82
+
</varlistentry>
83
+
<varlistentry>
84
+
<term><parameter>iv</parameter></term>
85
+
<listitem>
86
+
<para>
87
+
The initialization vector.
73
88
</para>
74
89
</listitem>
75
90
</varlistentry>
...
...
@@ -83,10 +98,47 @@
83
98
Returns the length of the sealed data on success, or &false; on error.
84
99
If successful the sealed data is returned in
85
100
<parameter>sealed_data</parameter>, and the envelope keys in
86
-
<parameter>env_keys</parameter>.
101
+
<parameter>encrypted_keys</parameter>.
87
102
</para>
88
103
</refsect1>
89
104
105
+
<refsect1 role="changelog">
106
+
&reftitle.changelog;
107
+
<informaltable>
108
+
<tgroup cols="2">
109
+
<thead>
110
+
<row>
111
+
<entry>&Version;</entry>
112
+
<entry>&Description;</entry>
113
+
</row>
114
+
</thead>
115
+
<tbody>
116
+
<row>
117
+
<entry>8.0.0</entry>
118
+
<entry>
119
+
<parameter>public_key</parameter> accepts an &array; of
120
+
<classname>OpenSSLAsymmetricKey</classname> instances now;
121
+
previously, an &array; of &resource;s of type <literal>OpenSSL key</literal>
122
+
was accepted.
123
+
</entry>
124
+
</row>
125
+
<row>
126
+
<entry>8.0.0</entry>
127
+
<entry>
128
+
<parameter>cipher_algo</parameter> is no longer an optional parameter.
129
+
</entry>
130
+
</row>
131
+
<row>
132
+
<entry>8.0.0</entry>
133
+
<entry>
134
+
<parameter>iv</parameter> is nullable now.
135
+
</entry>
136
+
</row>
137
+
</tbody>
138
+
</tgroup>
139
+
</informaltable>
140
+
</refsect1>
141
+
90
142
<refsect1 role="examples">
91
143
&reftitle.examples;
92
144
<para>
...
...
@@ -122,28 +174,6 @@ openssl_free_key($pk2);
122
174
</para>
123
175
</refsect1>
124
176
125
-
<refsect1 role="changelog">
126
-
&reftitle.changelog;
127
-
<informaltable>
128
-
<tgroup cols="2">
129
-
<thead>
130
-
<row>
131
-
<entry>&Version;</entry>
132
-
<entry>&Description;</entry>
133
-
</row>
134
-
</thead>
135
-
<tbody>
136
-
<row>
137
-
<entry>5.3.0</entry>
138
-
<entry>
139
-
The <parameter>method</parameter> parameter was added.
140
-
</entry>
141
-
</row>
142
-
</tbody>
143
-
</tgroup>
144
-
</informaltable>
145
-
</refsect1>
146
-
147
177
<refsect1 role="seealso">
148
178
&reftitle.seealso;
149
179
<para>
...
...
@@ -154,7 +184,6 @@ openssl_free_key($pk2);
154
184
</refsect1>
155
185
156
186
</refentry>
157
-
158
187
<!-- Keep this comment at the end of the file
159
188
Local variables:
160
189
mode: sgml
161
190