openssl_pkey_new

(PHP 4 >= 4.2.0, PHP 5)

openssl_pkey_newGenerates a new private key

Description

resource openssl_pkey_new ([ array $configargs ] )

openssl_pkey_new() generates a new private and public key pair. The public component of the key can be obtained using openssl_pkey_get_public().

Note: You need to have a valid openssl.cnf installed for this function to operate correctly. See the notes under the installation section for more information.

Parameters

configargs

You can finetune the key generation (such as specifying the number of bits) using configargs. See openssl_csr_new() for more information about configargs.

Return Values

Returns a resource identifier for the pkey on success, or FALSE on error.

Коментарии

Автор:
It's easier than all that, if you just want the keys:

<?php
// Create the keypair
$res=openssl_pkey_new();

// Get private key
openssl_pkey_export($res$privkey);

// Get public key
$pubkey=openssl_pkey_get_details($res);
$pubkey=$pubkey["key"];
?>
2008-04-02 15:17:50
http://php5.kiev.ua/manual/ru/function.openssl-pkey-new.html
Working example:

$config = array(
    "digest_alg" => "sha512",
    "private_key_bits" => 4096,
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
);
   
// Create the private and public key
$res = openssl_pkey_new($config);

// Extract the private key from $res to $privKey
openssl_pkey_export($res, $privKey);

// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details($res);
$pubKey = $pubKey["key"];

$data = 'plaintext data goes here';

// Encrypt the data to $encrypted using the public key
openssl_public_encrypt($data, $encrypted, $pubKey);

// Decrypt the data using the private key and store the results in $decrypted
openssl_private_decrypt($encrypted, $decrypted, $privKey);

echo $decrypted;
2013-03-26 22:52:09
http://php5.kiev.ua/manual/ru/function.openssl-pkey-new.html
If you try and generate a new key using openssl_pkey_new(), and need to specify the size of the key, the key MUST be type-bound to integer

// works
$keysize = 1024;
$ssl = openssl_pkey_new (array('private_key_bits' => $keysize));

// fails
$keysize = "1024";
$ssl = openssl_pkey_new (array('private_key_bits' => $keysize));

// works (force to int)
$keysize = "1024";
$ssl = openssl_pkey_new (array('private_key_bits' => (int)$keysize));
2015-02-24 23:36:42
http://php5.kiev.ua/manual/ru/function.openssl-pkey-new.html
If you're using openssl_pkey_new() in conjunction with openssl_csr_new() and want to change the CSR digest algorithm as well as specify a custom key size, the configuration override should be defined once and sent to both functions:

<?php
$config 
= array(
   
'digest_alg' => 'sha1',
   
'private_key_bits' => 2048,
   
'private_key_type' => OPENSSL_KEYTYPE_RSA,
);

$privkey openssl_pkey_new($config);

$csr openssl_csr_new($dn$privkey$config);
?>

Although openssl_pkey_new() will accept the 'digest_alg' argument it won't use it, and setting the value has no effect unless you also set this value for openssl_csr_new(). The reason for this is that the $config array is acting as a drop-in replacement for the values found in the openssl.cnf file, so it must contain all of the override values that you need even if the function they're being sent to won't use them.

Also, if you change the 'digest_alg' to something like 'sha256' and still get an MD5 signed CSR check your openssl.cnf file to see whether the digest algorithm you want to use is actually supported.
2017-03-15 13:39:51
http://php5.kiev.ua/manual/ru/function.openssl-pkey-new.html
Not forget the $configArgs for windows users :D, or the method throws a error with the primary key

//write your configurations :D
$configargs = array(
  "config" => "C:/xampp/php/extras/openssl/openssl.cnf",
  'private_key_bits'=> 2048,
  'default_md' => "sha256",
);

// Create the keypair
$res=openssl_pkey_new($configargs);
// Get private key
openssl_pkey_export($res, $privKey,NULL,$configargs);

and it's for all methods ._ .

a full implementation example here.

https://gist.github.com/DuckHunter213/269a0efd17e709f7f1f177ae7da46ad1

this error take me 3 full days you'r welcome :)
2018-12-08 15:43:52
http://php5.kiev.ua/manual/ru/function.openssl-pkey-new.html
Автор:
In case this function returns false, then check your openssl.cnf and make sure that in the [req] section of this file the entry default_bits is not commented out.
2019-01-03 23:02:20
http://php5.kiev.ua/manual/ru/function.openssl-pkey-new.html
Автор:
It's not documented here but you can also create ECC keys from existing key parameters (e.g. from JWK):

<?php
$key 
openssl_pkey_new([
   
'ec' => [
       
'curve_name' => 'prime256v1',
       
'x' => $someXValue,
       
'y' => $someYValue,
       
'd' => $someDValue
   
]
]);
?>

You can just provide x/y if it's a public key, or you can just provide d if it's a private key.
2021-11-24 21:17:44
http://php5.kiev.ua/manual/ru/function.openssl-pkey-new.html

    Поддержать сайт на родительском проекте КГБ