PHP Manual: Decrypts an S/MIME encrypted message

Description

bool openssl_pkcs7_decrypt(
    string $input_filename,
    string $output_filename,
    #[\SensitiveParameter]OpenSSLCertificatestring $certificate,
    #[\SensitiveParameter]OpenSSLAsymmetricKeyOpenSSLCertificatearraystringnull $private_key = null
)

Decrypts the S/MIME encrypted message contained in the file specified by input_filename using the certificate and its associated private key specified by certificate and private_key.

Parameters

input_filename
output_filename: The decrypted message is written to the file specified by output_filename.
certificate
private_key

Return Values

Returns true on success or false on failure.

Changelog

Version	Description
8.0.0	`private_key` accepts an OpenSSLAsymmetricKey or OpenSSLCertificate instance now; previously, a resource of type `OpenSSL key` or `OpenSSL X.509 CSR` was accepted.

Examples

Example #1 openssl_pkcs7_decrypt example

<?php
// $cert and $key are assumed to contain your personal certificate and private
// key pair, and that you are the recipient of an S/MIME message
$infilename = "encrypted.msg";  // this file holds your encrypted message
$outfilename = "decrypted.msg"; // make sure you can write to this file

if (openssl_pkcs7_decrypt($infilename, $outfilename, $cert, $key)) {
    echo "decrypted!";
} else {
    echo "failed to decrypt!";
}
?>