PHP - Function openssl_pkey_new()
Definition and Usage
The openssl_pkey_new() function returns a resource identifier for a newly generated private and public key pair.
Description
The function openssl_pkey_new() returns a resource identifier. Use the openssl_pkey_get_details() function to get all the details of the generated key. The key (public/private pair) is used later with other OpenSSL functions, such as openssl_sign() to create a cryptographic digital signature and openssl_csr_new() to create a certificate signing request (CSR).
Syntax
openssl_pkey_new ([ array $configargs ] ) : resource
Parameters
| Sr.No | Parameter | Description |
|---|---|---|
| 1 | configargs | The configargs parameter holds the configuration details given to the function to generate the private/public key pair. The details are described below. |
configargs
By default, openssl_pkey_new() uses the configuration details present in openssl.cnf. Values passed in configargs override them. The configuration details are as follows:
| key in configargs | type | key used in openssl.cnf | description |
|---|---|---|---|
| digest_alg | string | default_md | Digest methods that you get from openssl_get_md_methods(). |
| x509_extensions | string | x509_extensions | Extensions used when creating an x509 certificate. |
| req_extensions | string | req_extensions | Extensions used when creating a CSR. |
| private_key_bits | integer | default_bits | Specifies how many bits to use when generating a private key. |
| private_key_type | integer | none | The type of private key to create. It can be one of OPENSSL_KEYTYPE_DSA, OPENSSL_KEYTYPE_DH, OPENSSL_KEYTYPE_RSA or OPENSSL_KEYTYPE_EC. The default value is OPENSSL_KEYTYPE_RSA. |
| encrypt_key | boolean | encrypt_key | Whether the exported key should be encrypted. |
| encrypt_key_cipher | integer | none | Cipher constants like OPENSSL_CIPHER_RC2_40 (integer), OPENSSL_CIPHER_RC2_128 (integer), OPENSSL_CIPHER_RC2_64 (integer), OPENSSL_CIPHER_DES (integer), OPENSSL_CIPHER_3DES (integer) etc. |
| curve_name | string | none | One of the curve names returned by openssl_get_curve_names(). |
| config | string | N/A | Path to an alternative openssl.cnf file that you have changed as per your requirement. |
Return Values
The PHP openssl_pkey_new() function returns a resource identifier if there is no error. It returns false if key generation fails.
PHP Version
This function works with PHP versions greater than 5.0.0.
Example 1
Working of openssl_pkey_new():
<?php
   // Generate a new private (and public) key pair
   $privkey = openssl_pkey_new(array(
      "digest_alg" => "sha256",
      "private_key_bits" => 2048,
      "private_key_type" => OPENSSL_KEYTYPE_RSA,
   ));
   // Dump the key handle returned by openssl_pkey_new()
   var_dump($privkey);
?>
This will produce the following result:
resource(2) of type (OpenSSL key)
Example 2
Working of openssl_pkey_new() and openssl_pkey_get_details():
<?php
   // Generate a new private (and public) key pair
   $privkey = openssl_pkey_new(array(
      "digest_alg" => "sha256",
      "private_key_bits" => 2048,
      "private_key_type" => OPENSSL_KEYTYPE_RSA,
   ));
   // For a private key the details include the private components
   // (for example rsa.d), so do not log this output in production.
   $key_details = openssl_pkey_get_details($privkey);
   print_r($key_details);
?>
This will produce the following result:
Array (
[bits] => 2048
[key] => -----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IGWxnWzICSkjrOVrYkw
9EKpIhcAYbhaymiwQY/ii9d7hnuGhpjjitDxzFftGafL6XOFKOhgbO2yrcpFxRKu
AY3t5wyUcqUJV6CNwV2Hipk90psUcTmK3+pcCzcqCKr7sLWlHI48lse92xane8Sf
CATNNbr9vmqUaTZ9FQqWihm3o/rNGuZTwMSKvcKsVguFpwrEDJaSLP1nt7RSHGc+
PixQSXp3PtQCH+S0CM9jt1jD9NkYXuuAlNbrsPm1fl2zAGR5Vh15evz5765lZ2mH
LIZScfsO/qgai3R6foaBlJM5tiSeiVZgnnQDKFBi5XK2GhzDnKggJe4tdY7awTFm
CQIDAQAB
-----END PUBLIC KEY-----
[rsa] => Array (
[n] => (raw binary value, not printable)
[e] => (raw binary value, not printable)
[d] => (raw binary value, not printable)
[dmp1] => (raw binary value, not printable)
[dmq1] => (raw binary value, not printable)
)
[type] => 0
)
Example 3
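To read the public key from openssl_pkey_new():
<?php
   // Generate a key pair, then print its public key in PEM form
   $privkey = openssl_pkey_new(array("private_key_bits" => 2048, "private_key_type" => OPENSSL_KEYTYPE_RSA));
   $keydetails = openssl_pkey_get_details($privkey);
   echo $keydetails['key'];
?>
This will produce the following result: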
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAWYwKIaf3uN1bwww4R8 51ifDPGsreqr9cV3J1gSKC8kaAEsAQaZ/6gQlDBsUGs4nE8zKgOlcdOV/JApgAdz +CwoLJUgmEUkLDxOcWaCIUVuHAiyBGJaRKZ+MASy7wRG8hb+INd0/zoQRGXk3+jf Fj6rvSinVg49C4RAkRtkEdNnH0G5s6cedV6ec30DouRTuEQ/Fgizf0qaVtQbAURP n+/LT9V8c4LMaCyID7caTQOXAEjQqD4ooXGkOzmcsp03j2/F+T2mSIQRtI1gGJkZ oCMGX/xRxh5uemCcC4jcshn45Ikmb/S7WFqTCOC0e8l8CiTZ5Rr8EKFgtwliMds8 pQIDAQAB -----END PUBLIC KEY-----
Example 4
To store the public key from openssl_pkey_new() in a file:
<?php
   // Generate a new private (and public) key pair
   $privkey = openssl_pkey_new(array(
      "digest_alg" => "sha256",
      "private_key_bits" => 2048,
      "private_key_type" => OPENSSL_KEYTYPE_RSA,
   ));
   $keydetails = openssl_pkey_get_details($privkey);
   // To save the public key to a file
   file_put_contents('mypublic.key', $keydetails['key']);
?>
The content of the file mypublic.key is:
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QxA7vWIz+F5t12/fl0H vyavVy/ZNZFWGK6BID/koYeVA2wKdXx9De3gn0hs4sSrN3aV58ctuxDVx36rKvYd AjKHfnfh7NmXnCEeUE4SgUUe0UUleoEMtsPP2Q8BC1HUjcC6SyJQKZG0bQqQlnAb HL7ou2TNsjA/SiJbPD+0OpsLAcW1c/DeoM+TAkZo0JIlgxjcJ5ZlEbJ0Mxv6m9XK k3bbMYHtKmZl+fzfPNcxCuK8Djnm5mYVR9KX1L86m1jz2kUQT/+wW84QRnZ7G+z8 4rQ77sZvWiIwwO2JmUvIsYeUxEP6/keZbDRuyO/2tWk/VxqQry4+Ktix/M2/iKWo QQIDAQAB -----END PUBLIC KEY-----
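The following is an added example, not code from the original page. It uses the private_key_type, curve_name and encrypt_key_cipher options from the configargs table, checks the false return value, exports the private key encrypted under a passphrase, and then uses the key with openssl_sign() as the description mentions. The passphrase, the message, the prime256v1 curve and the OPENSSL_CIPHER_AES_256_CBC cipher are assumptions chosen for illustration.

```php
<?php
// Added example: EC key generation, encrypted export, sign and verify.
// The passphrase and message below are constructed sample values.
$passphrase = 'example-passphrase-change-me';
$message    = 'constructed sample message';

// curve_name must be one of the names returned by openssl_get_curve_names().
$key = openssl_pkey_new(array(
    "private_key_type" => OPENSSL_KEYTYPE_EC,
    "curve_name"       => "prime256v1",
));
if ($key === false) {
    // Drain the OpenSSL error queue so the real cause is visible.
    while (($err = openssl_error_string()) !== false) {
        fwrite(STDERR, $err . PHP_EOL);
    }
    exit(1);
}

// Export the private key as PEM, encrypted under the passphrase.
// encrypt_key_cipher selects the cipher used for that encryption.
$exported = openssl_pkey_export($key, $privatePem, $passphrase, array(
    "encrypt_key_cipher" => OPENSSL_CIPHER_AES_256_CBC,
));
if (!$exported) {
    exit("Private key export failed" . PHP_EOL);
}

// Only the public half ('key') is handled in unencrypted form from here on.
$publicPem = openssl_pkey_get_details($key)['key'];

// Reload the private key from its encrypted PEM, then sign with SHA-256.
$reloaded = openssl_pkey_get_private($privatePem, $passphrase);
if ($reloaded === false || !openssl_sign($message, $signature, $reloaded, OPENSSL_ALGO_SHA256)) {
    exit("Signing failed" . PHP_EOL);
}

// openssl_verify() returns 1 (valid), 0 (invalid) or -1/false (error).
$ok       = openssl_verify($message, $signature, $publicPem, OPENSSL_ALGO_SHA256);
$tampered = openssl_verify($message . '!', $signature, $publicPem, OPENSSL_ALGO_SHA256);

echo "Private PEM is encrypted: ", (strpos($privatePem, 'ENCRYPTED') !== false ? 'yes' : 'no'), PHP_EOL;
echo "Signature valid: ", ($ok === 1 ? 'yes' : 'no'), PHP_EOL;
echo "Tampered message accepted: ", ($tampered === 1 ? 'yes' : 'no'), PHP_EOL;
?>
```

Comparing the result of openssl_verify() with === 1 matters because the error values -1 and false must not be treated as a valid signature.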