public void ChangePassword(SecureString newPassword)
{
if (null == newPassword || newPassword.Length <= 0)
{
throw new ArgumentException("Password must be provided.");
}
if (null == EncryptionInfo.ProtectedKey)
{
throw new ArgumentNullException("ProtectedKey");
}
try
{
using (var cu = new CryptoUtilities(EncryptionInfo.SelectedAlgorithm))
{
// Re-encrypt encryption key with new password
EncryptionInfo.EncryptionKey = cu.ProtectEncryptionKey(newPassword,
cu.UnprotectEncryptionKey(EncryptionInfo.ProtectedKey,
EncryptionInfo.EncryptionKey, EncryptionInfo.IV),
EncryptionInfo.Salt, EncryptionInfo.IV);
// Update protected key
SetupProtectedKey(newPassword);
// Update validation key
EncryptionInfo.ValidationKey = CryptoUtilities.GetValidationKey(newPassword, EncryptionInfo.Salt);
}
}
catch (Exception)
{
throw;
}
}
// TODO: Exception handling
/// <summary>
/// Fills <c>EncryptionInfo</c> structure and prepares vault
/// for encryption.
/// </summary>
public void SetupEncryption(SecureString password)
{
if (null == password)
{
throw new ArgumentNullException("password");
}
EncryptionInfo.Salt = CryptoUtilities.RandomBytes(16);
EncryptionInfo.IV = CryptoUtilities.RandomBytes(16);
EncryptionInfo.ValidationKey = CryptoUtilities.GetValidationKey(password, EncryptionInfo.Salt);
EncryptionInfo.ProtectedKey = CryptoUtilities.GetEncryptionProtectionKey(password, EncryptionInfo.Salt);
// Protecting encryption key using chosen encryption algorythm
using (var cu = new CryptoUtilities(EncryptionInfo.SelectedAlgorithm))
{
EncryptionInfo.EncryptionKey = cu.ProtectEncryptionKey(password,
CryptoUtilities.RandomBytes(16), EncryptionInfo.Salt, EncryptionInfo.IV);
}
}
