# script to create a secure password and save it encrypted
# This will accept a password input from the user, generate a random key,
# and save both the key and the encrypted password to files.
# This was createed to be used with the updateUser.ps1 script
# with the help of Copilot.


# Ensure the script is run with administrative privileges
# Requires -Version 5.1
# Requires -RunAsAdministrator

# Prompt for password
$password = Read-Host "Enter password" -AsSecureString

# Generate a random key and save it
# Note: a new random key is generated each time this script runs.
# we save teh contents of the key to a file named aes.key
# This key should be kept secure and not shared publicly.
$key = New-Object Byte[] 32
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($key)
Set-Content -Path "aes.key" -Value ($key | ForEach-Object { $_.ToString() })

# Export the secure string using the key
# The password will be encrypted using AES-256 with the generated key
# Note: The encrypted password will be saved in a file named encrypted_password.txt
$password | ConvertFrom-SecureString -Key $key | Set-Content "encrypted_password.txt"