/**
  * Export this keypair
  *
  * @param   string passphrase default NULL
  * @return  string key
  */
 public function export($passphrase = NULL)
 {
     if (FALSE === openssl_pkey_export($this->_res, $out, $passphrase)) {
         trigger_error(implode("\n  @", OpenSslUtil::getErrors()), E_USER_NOTICE);
         throw new XPException('Could not export key');
     }
     return $out;
 }
 /**
  * Sign this CSR
  *
  * @param   security.KeyPair keypair
  * @param   int days default 365
  * @param   var cacert default NULL
  * @return  security.cert.X509Certificate
  */
 public function sign($keypair, $days = 365, $cacert = NULL)
 {
     if (FALSE === ($x509 = openssl_csr_sign($this->_res, $cacert, $keypair->_res, $days))) {
         trigger_error(implode("\n  @", OpenSslUtil::getErrors()), E_USER_NOTICE);
         throw new CertificateException('Cannot sign certificate');
     }
     if (FALSE === openssl_x509_export($x509, $str)) {
         trigger_error(implode("\n  @", OpenSslUtil::getErrors()), E_USER_NOTICE);
         throw new CertificateException('Cannot export certificate');
     }
     return X509Certificate::fromString($str);
 }
 /**
  * Seal data using this public key. This method returns two strings,
  * the first one being the encoded data, the second a key that has to
  * be passed to the recipient, too.
  *
  * @param   string data
  * @return  string[] first element is data, second is the key
  * @throws  security.crypto.CryptoException if the operation fails
  */
 public function seal($data)
 {
     if (FALSE === openssl_seal($data, $sealed, $keys, array($this->_hdl))) {
         throw new CryptoException('Could not seal data', OpenSslUtil::getErrors());
     }
     return array($sealed, $keys[0]);
 }
 /**
  * Create a X.509 Certificate from a string
  *
  * @param   string str
  * @return  security.cert.X509Certificate
  * @throws  security.cert.CertificateException
  */
 public static function fromString($str)
 {
     if (!is_resource($_res = openssl_x509_read($str))) {
         throw new CertificateException('Could not read certificate', OpenSslUtil::getErrors());
     }
     return new X509Certificate(NULL, $_res);
 }
 /**
  * Unseal data sealed with the public key matching this key. This method
  * also needs the hash-key created by the seal() method.
  *
  * @param   string data
  * @param   string key
  * @return  string
  * @throws  security.crypto.CryptoException if the operation fails
  */
 public function unseal($data, $key)
 {
     if (FALSE === openssl_open($data, $unsealed, $key, $this->_hdl)) {
         throw new CryptoException('Could not export private key', OpenSslUtil::getErrors());
     }
     return $unsealed;
 }