SHA512加密+盐渍

时间:2012-11-30 17:34:20

标签: c# hash passwords

我正在开发一个C#visual studio Windows窗体应用程序。但是,在我的开发过程中,我被困在了一半。

我试图在用盐水加密之前询问用户他/她的密码。 我如何使用SHA 512加密我的密码文本,稍后加盐并解密?我有什么建议可以做到吗?与其他加密方法相比,SHA 512是否足够安全?

3 个答案:

答案 0 :(得分:1)

  1. 不,SHA512不够安全,无法进行密码处理。 SHA512速度很快,而密码处理需要很慢,以防止在黑客转储数据库时对密码进行暴力搜索。这种事件经常发生!
  2. 您稍后不会解密。相反,当您从用户获取明文密码时,使用数据库中的salt对其进行哈希处理,并将结果与​​数据库中的编码哈希进行比较。如果匹配,则对用户进行身份验证。
  3. 提供有关SHA512 / SHA256 / SHA1 / MD5 /任何快速错误的信息here,包括.Net代码,显示如何使用更合适的函数(PBKDF2)进行密码处理。
  4. Crackstation.net也提供了关于如何进行密码处理的体面教育,但并不特定于.Net。请务必特别阅读“使密码破解更难:缓慢的哈希函数”以理解为什么SHA512不合适。
  5. 很多地方的密码处理有很多不好的建议。您应该检查那些提供建议的人的安全声誉,这样您就可以将商品与垃圾区分开来。

答案 1 :(得分:0)

SHA512 NOT 是一种加密形式,它是一种散列形式。散列是单向的 - 即它不能被解密。从散列中查找值的唯一方法是使用彩虹表,至少可以说这不是一门精确的科学。

因此,当涉及密码时,SHA512比加密方法更安全,因为您永远不会存储易于解密但仅与之相冲突的内容。

答案 2 :(得分:0)

其他人说“SHA-512不是加密”,但忽略了说你可以,以及如何实际加密它。加密需要公钥(用于加密)和私钥(用于解密),如果您使用的是RSACryptoServiceProvider&非对称加密,如下所示。由于您可以创建基于SHA512的散列密钥,因此可以对它们进行加密/解密。为了做盐,你可能会看get_prop()。我不会在这里谈到这一点。

对于那些可能会抱怨以下答案的人&说“使用PBKDF2”:

  1. 我不知道这是什么。不要指望每个开发人员都知道,以及如何像你一样轻松地实现它。
  2. 在我的工作环境中,我们有一个独立的开发者网络,它没有连接到互联网,所以它使得第三方库和NuGet包很难获得,更新,使用和使用如果我的组织无法看到用于项目的源代码,则获得批准。
  3. 并非每个环境都会有这些限制 - 但对于权威人士:不要认为你有一个适合所有人的解决方案。数据库连接的服务帐户密码驻留在ENCRYPTED中,例如web.config和app.config文件,这是我回答这个问题的角度。它们不能是域帐户,这样您就可以执行Integrated Security=SSPIwebService.Credentials = System.Net.CredentialCache.DefaultNetworkCredentials;之类的操作。不要以为这些只会在DB中 - 大多数数据库实际上都有自己的加密算法来处理。对于某些连接&环境,开发者社区 - 克服自己!您可能实际上必须提供密码并将其存储在某处以便您的应用程序正常工作!并且猜猜 - NIST没有禁止这个,或者它不会有你能遇到的加密标准(鼓励SHA512)来接听这个电话。

    所以我要把我做过的一些研究拼凑起来,展示一些你可以使用SHA-512哈希创建的密钥来实现这一目标的路由,然后加密/解密。您可以通过创建证书或让RSACryptoServiceContainer为您提供证书来生成SHA-512密钥。

    证书方法

    在命令行上使用以下行创建证书:

    makecert -r -pe -n "CN=MyCertificate" -a sha512 -b 09/01/2016 -sky exchange C:\Temp\MyCertificate.cer -sv C:\Temp\MyCertificate.pvk
    pvk2pfx.exe -pvk C:\Temp\MyCertificate.pvk -pi "MyP@ssw0rd" -spc C:\Temp\MyCertificate.cer -pfx C:\Temp\MyCertificate.pfx -po "MyP@ssw0rd"
    

    然后将证书导入本地根权限存储并使用以下代码:

    string input = "test";
    string output = string.Empty;
    
    X509Store store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
    store.Open(OpenFlags.ReadOnly);
    
    X509Certificate2Collection collection = store.Certificates.Find(X509FindType.FindBySubjectName, "MyCertificate", false);
    
    X509Certificate2 certificate = collection[0];
    
    using (RSACryptoServiceProvider cps = (RSACryptoServiceProvider)certificate.PublicKey.Key)
    {
        byte[] bytesData = Encoding.UTF8.GetBytes(input);
        byte[] bytesEncrypted = cps.Encrypt(bytesData, false);
        output = Convert.ToBase64String(bytesEncrypted);
    }
    
    store.Close();
    

    参考http://www.obviex.com/samples/EncryptionWithSalt.aspx

    使用RSACryptoServiceProvider生成密钥

    private static string privateKey = String.Empty;
    
    private static void generateKeys()
    {
        int dwLen = 2048;
        RSACryptoServiceProvider csp = new RSACryptoServiceProvider(dwLen);
        privateKey = csp.ToXmlString(true).Replace("><",">\r\n");
    }
    
    public static string Encrypt(string data2Encrypt)
    {
        try
        {
            generateKeys();
            RSAx rsax = new RSAx(privateKey, 2048);
            rsax.RSAxHashAlgorithm = RSAxParameters.RSAxHashAlgorithm.SHA512;
            byte[] CT = rsax.Encrypt(Encoding.UTF8.GetBytes(data2Encrypt), false, true); // first bool is for using private key (false forces to use public), 2nd is for using OAEP
            return Convert.ToBase64String(CT);
        }
        catch (Exception ex) 
        { 
            // handle exception
            MessageBox.Show("Error during encryption: " + ex.Message);
            return String.Empty;
        }
    }
    
    public static string Decrypt(string data2Decrypt)
    {
        try
        {
            RSAx rsax = new RSAx(privateKey, 2048);
            rsax.RSAxHashAlgorithm = RSAxParameters.RSAxHashAlgorithm.SHA512;
            byte[] PT = rsax.Decrypt(Convert.FromBase64String(data2Decrypt), true, true); // first bool is for using private key, 2nd is for using OAEP
            return Encoding.UTF8.GetString(PT);
        }
        catch (Exception ex) 
        { 
            // handle exception
            MessageBox.Show("Error during encryption: " + ex.Message);
            return String.Empty;
        }
    }
    

    这些方法使用名为 RSAx.DLL 的DLL,使用https://social.msdn.microsoft.com/Forums/en-US/69e39ad0-13c2-4b5e-bb1b-972a614813fd/encrypt-with-certificate-sha512?forum=csharpgeneral的源代码构建,这不是我的(作者:Arpan Jati),但我已经使用过了它在https://www.codeproject.com/Articles/421656/RSA-Library-with-Private-Key-Encryption-in-Csharp下可供开发人员社区使用。您也可以从该项目中引入3个类,而不是:RSAx.cs,RSAxParameters.cs,RSAxUtils.cs

    代码将使这篇帖子超过30000字符限制,所以我将发布RSAx,以便您可以看到正在发生的事情,但所有3个类都是必需的。您必须更改命名空间并引用System.Numerics程序集。

    <强> RSAx.cs

    // @Date : 15th July 2012
    // @Author : Arpan Jati (arpan4017@yahoo.com; arpan4017@gmail.com)
    // @Library : ArpanTECH.RSAx
    // @CodeProject: http://www.codeproject.com/Articles/421656/RSA-Library-with-Private-Key-Encryption-in-Csharp  
    
    using System;
    using System.Collections.Generic;
    using System.Security.Cryptography;
    using System.Numerics;
    using System.Linq;
    using System.Text;
    using System.IO;
    
    namespace ArpanTECH
    {
        /// <summary>
        /// The main RSAx Class
        /// </summary>
        public class RSAx : IDisposable
        {
            private RSAxParameters rsaParams;
            private RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
    
            /// <summary>
            /// Initialize the RSA class.
            /// </summary>
            /// <param name="rsaParams">Preallocated RSAxParameters containing the required keys.</param>
            public RSAx(RSAxParameters rsaParams)
            {
                this.rsaParams = rsaParams;
                UseCRTForPublicDecryption = true;
            }
    
            /// <summary>
            /// Initialize the RSA class from a XML KeyInfo string.
            /// </summary>
            /// <param name="keyInfo">XML Containing Key Information</param>
           /// <param name="ModulusSize">Length of RSA Modulus in bits.</param>
           public RSAx(String keyInfo, int ModulusSize)
           {
                this.rsaParams = RSAxUtils.GetRSAxParameters(keyInfo, ModulusSize);
                UseCRTForPublicDecryption = true;
            }
    
            /// <summary>
            /// Hash Algorithm to be used for OAEP encoding.
            /// </summary>
            public RSAxParameters.RSAxHashAlgorithm RSAxHashAlgorithm
            {
                set
                {
                    rsaParams.HashAlgorithm = value;
                }
            }
    
            /// <summary>
            /// If True, and if the parameters are available, uses CRT for private key decryption. (Much Faster)
            /// </summary>
            public bool UseCRTForPublicDecryption
            {
                get;  set;
            }
    
            /// <summary>
            /// Releases all the resources.
            /// </summary>
            public void Dispose()
            {
                rsaParams.Dispose();
            }
    
            #region PRIVATE FUNCTIONS
    
            /// <summary>
            /// Low level RSA Process function for use with private key.
            /// Should never be used; Because without padding RSA is vulnerable to attacks.  Use with caution.
            /// </summary>
            /// <param name="PlainText">Data to encrypt. Length must be less than Modulus size in octets.</param>
            /// <param name="usePrivate">True to use Private key, else Public.</param>
            /// <returns>Encrypted Data</returns>
            public byte[] RSAProcess(byte[] PlainText, bool usePrivate)
            {
    
                if (usePrivate && (!rsaParams.Has_PRIVATE_Info))
                {
                    throw new CryptographicException("RSA Process: Incomplete Private Key Info");
                }
    
                if ((usePrivate == false) && (!rsaParams.Has_PUBLIC_Info))
                {
                    throw new CryptographicException("RSA Process: Incomplete Public Key Info");
                }            
    
                BigInteger _E;
                if (usePrivate)
                    _E = rsaParams.D; 
                else
                    _E = rsaParams.E;
    
                BigInteger PT = RSAxUtils.OS2IP(PlainText, false);
                BigInteger M = BigInteger.ModPow(PT, _E, rsaParams.N);
    
                if (M.Sign == -1)
                    return RSAxUtils.I2OSP(M + rsaParams.N, rsaParams.OctetsInModulus, false);            
                else
                    return RSAxUtils.I2OSP(M, rsaParams.OctetsInModulus, false);                   
            }
    
            /// <summary>
            /// Low level RSA Decryption function for use with private key. Uses CRT and is Much faster.
            /// Should never be used; Because without padding RSA is vulnerable to attacks. Use with caution.
            /// </summary>
            /// <param name="Data">Data to encrypt. Length must be less than Modulus size in octets.</param>
            /// <returns>Encrypted Data</returns>
            public byte[] RSADecryptPrivateCRT(byte[] Data)
            {
                if (rsaParams.Has_PRIVATE_Info && rsaParams.HasCRTInfo)
                {
                    BigInteger C = RSAxUtils.OS2IP(Data, false);
    
                    BigInteger M1 = BigInteger.ModPow(C, rsaParams.DP, rsaParams.P);
                    BigInteger M2 = BigInteger.ModPow(C, rsaParams.DQ, rsaParams.Q);
                    BigInteger H = ((M1 - M2) * rsaParams.InverseQ) % rsaParams.P;
                    BigInteger M = (M2 + (rsaParams.Q * H));
    
                    if (M.Sign == -1)
                        return RSAxUtils.I2OSP(M + rsaParams.N, rsaParams.OctetsInModulus, false);
                    else
                        return RSAxUtils.I2OSP(M, rsaParams.OctetsInModulus, false); 
                }
                else
                {
                    throw new CryptographicException("RSA Decrypt CRT: Incomplete Key Info");
                }                             
            }        
    
            private byte[] RSAProcessEncodePKCS(byte[] Message, bool usePrivate)
            {
                if (Message.Length > rsaParams.OctetsInModulus - 11)
                {
                    throw new ArgumentException("Message too long.");
                }
                else
                {
                    // RFC3447 : Page 24. [RSAES-PKCS1-V1_5-ENCRYPT ((n, e), M)]
                    // EM = 0x00 || 0x02 || PS || 0x00 || Msg 
    
                    List<byte> PCKSv15_Msg = new List<byte>();
    
                    PCKSv15_Msg.Add(0x00);
                    PCKSv15_Msg.Add(0x02);
    
                    int PaddingLength = rsaParams.OctetsInModulus - Message.Length - 3;
    
                    byte[] PS = new byte[PaddingLength];
                    rng.GetNonZeroBytes(PS);
    
                    PCKSv15_Msg.AddRange(PS);
                    PCKSv15_Msg.Add(0x00);
    
                    PCKSv15_Msg.AddRange(Message);
    
                    return RSAProcess(PCKSv15_Msg.ToArray() ,  usePrivate);
                }
            }
    
            /// <summary>
            /// Mask Generation Function
            /// </summary>
            /// <param name="Z">Initial pseudorandom Seed.</param>
            /// <param name="l">Length of output required.</param>
            /// <returns></returns>
            private byte[] MGF(byte[] Z, int l)
            {
                if (l > (Math.Pow(2, 32)))
                {
                    throw new ArgumentException("Mask too long.");
                }
                else
                {
                    List<byte> result = new List<byte>();
                    for (int i = 0; i <= l / rsaParams.hLen; i++)
                    {
                        List<byte> data = new List<byte>();
                        data.AddRange(Z);
                        data.AddRange(RSAxUtils.I2OSP(i, 4, false));
                        result.AddRange(rsaParams.ComputeHash(data.ToArray()));
                    }
    
                    if (l <= result.Count)
                    {
                        return result.GetRange(0, l).ToArray();
                    }
                    else
                    {
                        throw new ArgumentException("Invalid Mask Length.");
                    }
                }
            }
    
    
            private byte[] RSAProcessEncodeOAEP(byte[] M, byte[] P, bool usePrivate)
            {
                //                           +----------+---------+-------+
                //                      DB = |  lHash   |    PS   |   M   |
                //                           +----------+---------+-------+
                //                                          |
                //                +----------+              V
                //                |   seed   |--> MGF ---> XOR
                //                +----------+              |
                //                      |                   |
                //             +--+     V                   |
                //             |00|    XOR <----- MGF <-----|
                //             +--+     |                   |
                //               |      |                   |
                //               V      V                   V
                //             +--+----------+----------------------------+
                //       EM =  |00|maskedSeed|          maskedDB          |
                //             +--+----------+----------------------------+
    
                int mLen = M.Length;
                if (mLen > rsaParams.OctetsInModulus - 2 * rsaParams.hLen - 2)
                {
                    throw new ArgumentException("Message too long.");
                }
                else
                {
                    byte[] PS = new byte[rsaParams.OctetsInModulus - mLen - 2 * rsaParams.hLen - 2];
                    //4. pHash = Hash(P),
                    byte[] pHash = rsaParams.ComputeHash(P);
    
                    //5. DB = pHash||PS||01||M.
                    List<byte> _DB = new List<byte>();
                    _DB.AddRange(pHash);
                    _DB.AddRange(PS);
                    _DB.Add(0x01);
                    _DB.AddRange(M);
                    byte[] DB = _DB.ToArray();
    
                    //6. Generate a random octet string seed of length hLen.                
                    byte[] seed = new byte[rsaParams.hLen];
                    rng.GetBytes(seed);
    
                    //7. dbMask = MGF(seed, k - hLen -1).
                    byte[] dbMask = MGF(seed, rsaParams.OctetsInModulus - rsaParams.hLen - 1);
    
                    //8. maskedDB = DB XOR dbMask
                    byte[] maskedDB = RSAxUtils.XOR(DB, dbMask);
    
                    //9. seedMask = MGF(maskedDB, hLen)
                    byte[] seedMask = MGF(maskedDB, rsaParams.hLen);
    
                    //10. maskedSeed = seed XOR seedMask.
                    byte[] maskedSeed = RSAxUtils.XOR(seed, seedMask);
    
                    //11. EM = 0x00 || maskedSeed || maskedDB.
                    List<byte> result = new List<byte>();
                    result.Add(0x00);
                    result.AddRange(maskedSeed);
                    result.AddRange(maskedDB);
    
                    return RSAProcess(result.ToArray(), usePrivate);
                }
            }
    
    
            private byte[] Decrypt(byte[] Message, byte [] Parameters, bool usePrivate, bool fOAEP)
            {
                byte[] EM = new byte[0];
                try
                {
                    if ((usePrivate == true) && (UseCRTForPublicDecryption) && (rsaParams.HasCRTInfo))
                    {
                        EM = RSADecryptPrivateCRT(Message);
                    }
                    else
                    {
                        EM = RSAProcess(Message, usePrivate);
                    }
                }
                catch (CryptographicException ex)
                {
                    throw new CryptographicException("Exception while Decryption: " + ex.Message);
                }
                catch
                {
                    throw new Exception("Exception while Decryption: ");
                }
    
                try
                {
                    if (fOAEP) //DECODE OAEP
                    {
                        if ((EM.Length == rsaParams.OctetsInModulus) && (EM.Length > (2 * rsaParams.hLen + 1)))
                        {
                            byte[] maskedSeed;
                            byte[] maskedDB;
                            byte[] pHash = rsaParams.ComputeHash(Parameters);
                            if (EM[0] == 0) // RFC3447 Format : http://tools.ietf.org/html/rfc3447
                            {
                                maskedSeed = EM.ToList().GetRange(1, rsaParams.hLen).ToArray();
                                maskedDB = EM.ToList().GetRange(1 + rsaParams.hLen, EM.Length - rsaParams.hLen - 1).ToArray();
                                byte[] seedMask = MGF(maskedDB, rsaParams.hLen);
                                byte[] seed = RSAxUtils.XOR(maskedSeed, seedMask);
                                byte[] dbMask = MGF(seed, rsaParams.OctetsInModulus - rsaParams.hLen - 1);
                                byte[] DB = RSAxUtils.XOR(maskedDB, dbMask);
    
                                if (DB.Length >= (rsaParams.hLen + 1))
                                {
                                    byte[] _pHash = DB.ToList().GetRange(0, rsaParams.hLen).ToArray();
                                    List<byte> PS_M = DB.ToList().GetRange(rsaParams.hLen, DB.Length - rsaParams.hLen);
                                    int pos = PS_M.IndexOf(0x01);
                                    if (pos >= 0 && (pos < PS_M.Count))
                                    {
                                        List<byte> _01_M = PS_M.GetRange(pos, PS_M.Count - pos);
                                        byte[] M;
                                        if (_01_M.Count > 1)
                                        {
                                            M = _01_M.GetRange(1, _01_M.Count - 1).ToArray();
                                        }
                                        else
                                        {
                                            M = new byte[0];
                                        }
                                        bool success = true;
                                        for (int i = 0; i < rsaParams.hLen; i++)
                                        {
                                             if (_pHash[i] != pHash[i])
                                            {
                                                success = false;
                                                break;
                                            }
                                        }
    
                                        if (success)
                                        {
                                            return M;
                                        }
                                        else
                                        {
                                            M = new byte[rsaParams.OctetsInModulus]; //Hash Match Failure.
                                            throw new CryptographicException("OAEP Decode Error");
                                        }
                                    }
                                    else
                                    {// #3: Invalid Encoded Message Length.
                                        throw new CryptographicException("OAEP Decode Error");
                                    }
                                }
                                else
                                {// #2: Invalid Encoded Message Length.
                                    throw new CryptographicException("OAEP Decode Error");
                                }
                            }
                            else // Standard : ftp://ftp.rsasecurity.com/pub/rsalabs/rsa_algorithm/rsa-oaep_spec.pdf
                            {//OAEP : THIS STADNARD IS NOT IMPLEMENTED
                                throw new CryptographicException("OAEP Decode Error");
                            }
                        }
                        else
                        {// #1: Invalid Encoded Message Length.
                            throw new CryptographicException("OAEP Decode Error");
                        }
                    }
                    else // DECODE PKCS v1.5
                    {
                        if (EM.Length >= 11)
                        {
                            if ((EM[0] == 0x00) && (EM[1] == 0x02))
                            {
                                int startIndex = 2;
                                List<byte> PS = new List<byte>();
                                for (int i = startIndex; i < EM.Length; i++)
                                {
                                    if (EM[i] != 0)
                                    {
                                        PS.Add(EM[i]);
                                    }
                                    else
                                    {
                                        break;
                                    }
                                }
    
                                if (PS.Count >= 8)
                                {
                                    int DecodedDataIndex = startIndex + PS.Count + 1;
                                    if (DecodedDataIndex < (EM.Length - 1))
                                    {
                                        List<byte> DATA = new List<byte>();
                                        for (int i = DecodedDataIndex; i < EM.Length; i++)
                                        {
                                            DATA.Add(EM[i]);
                                        }
                                        return DATA.ToArray();
                                    }
                                    else
                                    {
                                        return new byte[0];
                                        //throw new CryptographicException("PKCS v1.5 Decode Error #4: No Data");
                                    }
                                }
                                else
                                {// #3: Invalid Key / Invalid Random Data Length
                                    throw new CryptographicException("PKCS v1.5 Decode Error");
                                }
                            }
                            else
                            {// #2: Invalid Key / Invalid Identifiers
                                throw new CryptographicException("PKCS v1.5 Decode Error");
                            }
                        }
                        else
                        {// #1: Invalid Key / PKCS Encoding
                            throw new CryptographicException("PKCS v1.5 Decode Error");
                        }
    
                    }
                }
                catch (CryptographicException ex)
                {
                    throw new CryptographicException("Exception while decoding: " + ex.Message);
                }
                catch
                {
                    throw new CryptographicException("Exception while decoding");
                }
    
    
            }
    
            #endregion
    
            #region PUBLIC FUNCTIONS
    
            /// <summary>
            /// Encrypts the given message with RSA, performs OAEP Encoding.
            /// </summary>
            /// <param name="Message">Message to Encrypt. Maximum message length is (ModulusLengthInOctets - 2 * HashLengthInOctets - 2)</param>
            /// <param name="OAEP_Params">Optional OAEP parameters. Normally Empty. But, must match the parameters while decryption.</param>
            /// <param name="usePrivate">True to use Private key for encryption. False to use Public key.</param>
            /// <returns>Encrypted message.</returns>
            public byte[] Encrypt(byte[] Message, byte[] OAEP_Params, bool usePrivate)
            {
                return RSAProcessEncodeOAEP(Message, OAEP_Params, usePrivate);
            }
    
            /// <summary>
            /// Encrypts the given message with RSA.
            /// </summary>
            /// <param name="Message">Message to Encrypt. Maximum message length is For OAEP [ModulusLengthInOctets - (2 * HashLengthInOctets) - 2] and for PKCS [ModulusLengthInOctets - 11]</param>
            /// <param name="usePrivate">True to use Private key for encryption. False to use Public key.</param>
            /// <param name="fOAEP">True to use OAEP encoding (Recommended), False to use PKCS v1.5 Padding.</param>
            /// <returns>Encrypted message.</returns>
            public byte[] Encrypt(byte[] Message, bool usePrivate, bool fOAEP)
            {
                if (fOAEP)
                {
                    return RSAProcessEncodeOAEP(Message, new byte[0], usePrivate);
                }
                else
                {
                    return RSAProcessEncodePKCS(Message, usePrivate);
                }
            }
    
            /// <summary>
            /// Encrypts the given message using RSA Public Key.
            /// </summary>
            /// <param name="Message">Message to Encrypt. Maximum message length is For OAEP [ModulusLengthInOctets - (2 * HashLengthInOctets) - 2] and for PKCS [ModulusLengthInOctets - 11]</param>
            /// <param name="fOAEP">True to use OAEP encoding (Recommended), False to use PKCS v1.5 Padding.</param>
            /// <returns>Encrypted message.</returns>
            public byte[] Encrypt(byte[] Message,  bool fOAEP)
            {
                if (fOAEP)
                {
                    return RSAProcessEncodeOAEP(Message, new byte[0], false);
                }
                else
                {
                    return RSAProcessEncodePKCS(Message, false);
                }
            }
    
            /// <summary>
            /// Decrypts the given RSA encrypted message.
            /// </summary>
            /// <param name="Message">The encrypted message.</param>
            /// <param name="usePrivate">True to use Private key for decryption. False to use Public key.</param>
            /// <param name="fOAEP">True to use OAEP.</param>
            /// <returns>Encrypted byte array.</returns>
            public byte[] Decrypt(byte[] Message, bool usePrivate, bool fOAEP)
            {
                return Decrypt(Message, new byte[0], usePrivate, fOAEP);
            }
    
            /// <summary>
            /// Decrypts the given RSA encrypted message.
            /// </summary>
            /// <param name="Message">The encrypted message.</param>
            /// <param name="OAEP_Params">Parameters to the OAEP algorithm (Must match the parameter while Encryption).</param>
            /// <param name="usePrivate">True to use Private key for decryption. False to use Public key.</param>
            /// <returns>Decrypted byte array.</returns>
            public byte[] Decrypt(byte[] Message, byte[] OAEP_Params, bool usePrivate)
            {
                return Decrypt(Message, OAEP_Params, usePrivate, true);
            }
    
            /// <summary>
            /// Decrypts the given RSA encrypted message using Private key.
            /// </summary>
            /// <param name="Message">The encrypted message.</param>
            /// <param name="fOAEP">True to use OAEP.</param>
            /// <returns>Decrypted byte array.</returns>
            public byte[] Decrypt(byte[] Message,  bool fOAEP)
            {
                return Decrypt(Message, new byte[0], true, fOAEP);
            }
            #endregion
        }
    }