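/// <summary>
/// Re-wraps the vault's encryption key under <paramref name="newPassword"/> and
/// refreshes the protected key and the validation key to match.
/// </summary>
/// <param name="newPassword">The new password; must be non-null and non-empty.</param>
/// <exception cref="ArgumentException"><paramref name="newPassword"/> is null or empty.</exception>
/// <exception cref="ArgumentNullException"><c>EncryptionInfo.ProtectedKey</c> is null.</exception>
/// <remarks>
/// If any step fails, the three key fields are put back to the values they held on
/// entry and the original exception is rethrown, so a failed change does not leave
/// the encryption key wrapped under one password and the validation key derived
/// from another.
/// </remarks>
public void ChangePassword(SecureString newPassword)
{
    if (null == newPassword || newPassword.Length <= 0)
    {
        throw new ArgumentException("Password must be provided.");
    }

    if (null == EncryptionInfo.ProtectedKey)
    {
        throw new ArgumentNullException("ProtectedKey");
    }

    // Snapshot the fields this method rewrites so a mid-way failure can be undone.
    // NOTE(review): SetupProtectedKey is not visible here; if it changes anything
    // other than EncryptionInfo.ProtectedKey, or overwrites the old key buffer in
    // place, extend or adjust this rollback - confirm against its implementation.
    var previousEncryptionKey = EncryptionInfo.EncryptionKey;
    var previousProtectedKey = EncryptionInfo.ProtectedKey;
    var previousValidationKey = EncryptionInfo.ValidationKey;

    try
    {
        using (var cu = new CryptoUtilities(EncryptionInfo.SelectedAlgorithm))
        {
            // Re-encrypt the encryption key with the new password. The key is
            // unwrapped with the current ProtectedKey, so this must run before
            // SetupProtectedKey replaces it.
            // NOTE(review): the unwrapped key is only a temporary here and is never
            // cleared; if UnprotectEncryptionKey returns a byte[], consider holding
            // it in a local and zeroing it once it has been re-wrapped - confirm.
            EncryptionInfo.EncryptionKey = cu.ProtectEncryptionKey(
                newPassword,
                cu.UnprotectEncryptionKey(
                    EncryptionInfo.ProtectedKey,
                    EncryptionInfo.EncryptionKey,
                    EncryptionInfo.IV),
                EncryptionInfo.Salt,
                EncryptionInfo.IV);

            // Update protected key
            SetupProtectedKey(newPassword);

            // Update validation key
            EncryptionInfo.ValidationKey =
                CryptoUtilities.GetValidationKey(newPassword, EncryptionInfo.Salt);
        }
    }
    catch (Exception)
    {
        // Restore the pre-call key material, then let the caller see the failure.
        EncryptionInfo.EncryptionKey = previousEncryptionKey;
        EncryptionInfo.ProtectedKey = previousProtectedKey;
        EncryptionInfo.ValidationKey = previousValidationKey;
        throw;
    }
}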
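// TODO: Exception handling

/// <summary>
/// Fills <c>EncryptionInfo</c> structure and prepares vault
/// for encryption.
/// </summary>
/// <param name="password">Password the vault keys are derived from; must be non-null and non-empty.</param>
/// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="password"/> is empty.</exception>
/// <remarks>
/// Generates a new salt and IV, derives the validation key and the protected key
/// from the password and salt, then creates a new random encryption key and stores
/// it wrapped with the selected algorithm.
/// </remarks>
public void SetupEncryption(SecureString password)
{
    if (null == password)
    {
        throw new ArgumentNullException(nameof(password));
    }

    // ChangePassword rejects an empty password; apply the same rule when the
    // vault is first set up so it cannot be initialised with an empty one.
    if (password.Length <= 0)
    {
        throw new ArgumentException("Password must be provided.");
    }

    // NOTE(review): salt, IV and the encryption key below all come from
    // CryptoUtilities.RandomBytes - confirm it is backed by a cryptographic RNG.
    EncryptionInfo.Salt = CryptoUtilities.RandomBytes(16);
    EncryptionInfo.IV = CryptoUtilities.RandomBytes(16);

    EncryptionInfo.ValidationKey =
        CryptoUtilities.GetValidationKey(password, EncryptionInfo.Salt);
    EncryptionInfo.ProtectedKey =
        CryptoUtilities.GetEncryptionProtectionKey(password, EncryptionInfo.Salt);

    // Protecting encryption key using chosen encryption algorithm
    using (var cu = new CryptoUtilities(EncryptionInfo.SelectedAlgorithm))
    {
        EncryptionInfo.EncryptionKey = cu.ProtectEncryptionKey(
            password,
            CryptoUtilities.RandomBytes(16),
            EncryptionInfo.Salt,
            EncryptionInfo.IV);
    }
}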