private function decryptRecipientKey(Object\JWEInterface &$jwe, Object\JWKSetInterface $jwk_set, $i)
{
$recipient = $jwe->getRecipient($i);
$complete_headers = array_merge($jwe->getSharedProtectedHeaders(), $jwe->getSharedHeaders(), $recipient->getHeaders());
$this->checkCompleteHeader($complete_headers);
$key_encryption_algorithm = $this->getKeyEncryptionAlgorithm($complete_headers);
$content_encryption_algorithm = $this->getContentEncryptionAlgorithm($complete_headers);
foreach ($jwk_set as $jwk) {
try {
$this->checkKeyUsage($jwk, 'decryption');
if ('dir' !== $key_encryption_algorithm->getAlgorithmName()) {
$this->checkKeyAlgorithm($jwk, $key_encryption_algorithm->getAlgorithmName());
} else {
$this->checkKeyAlgorithm($jwk, $content_encryption_algorithm->getAlgorithmName());
}
$cek = $this->decryptCEK($key_encryption_algorithm, $content_encryption_algorithm, $jwk, $recipient, $complete_headers);
if (null !== $cek) {
if (true === $this->decryptPayload($jwe, $cek, $content_encryption_algorithm, $complete_headers)) {
return $i;
}
}
} catch (\Exception $e) {
//We do nothing, we continue with other keys
continue;
}
}
}
