/**
* Decrypt with RSAES-OAEP + MGF1+SHA256
*
* @param string $ciphertext
* @param PrivateKey $rsaPrivateKey
* @return string
* @throws InvalidCiphertextException
*/
protected static function rsaDecrypt($ciphertext, PrivateKey $rsaPrivateKey)
{
static $rsa = null;
if (!$rsa) {
$rsa = new RSA();
$rsa->setEncryptionMode(RSA::ENCRYPTION_OAEP);
$rsa->setMGFHash('sha256');
}
$rsa->loadKey($rsaPrivateKey->getKey());
$return = @$rsa->decrypt($ciphertext);
if ($return === false) {
throw new InvalidCiphertextException('Decryption failed');
}
return $return;
}
