/** * {@inheritdoc} */ public function decryptKey(JWKInterface $key, $encrypted_key, array $header) { $this->checkKey($key); Assertion::true($key->has('d'), 'The key is not a private key'); $priv = new RSAKey($key); if (self::ENCRYPTION_OAEP === $this->getEncryptionMode()) { $decrypted = JoseRSA::decrypt($priv, $encrypted_key, $this->getHashAlgorithm()); Assertion::string($decrypted, 'Unable to decrypt the data.'); return $decrypted; } else { $res = openssl_private_decrypt($encrypted_key, $decrypted, $priv->toPEM(), OPENSSL_PKCS1_PADDING | OPENSSL_RAW_DATA); Assertion::true($res, 'Unable to decrypt the data.'); return $decrypted; } }