KeyDerive Event

Fires to derive an encryption key using a custom key derivation implementation.

Syntax

// CBVaultKeyDeriveEventArgs carries the CBVault KeyDerive event's parameters.
type CBVaultKeyDeriveEventArgs struct {...}

func (args *CBVaultKeyDeriveEventArgs) Password() []byte
func (args *CBVaultKeyDeriveEventArgs) PasswordSize() int32
func (args *CBVaultKeyDeriveEventArgs) Salt() []byte
func (args *CBVaultKeyDeriveEventArgs) SaltSize() int32
func (args *CBVaultKeyDeriveEventArgs) Key() []byte
func (args *CBVaultKeyDeriveEventArgs) SetKey(value []byte)
func (args *CBVaultKeyDeriveEventArgs) KeySize() int32
func (args *CBVaultKeyDeriveEventArgs) ResultCode() int32
func (args *CBVaultKeyDeriveEventArgs) SetResultCode(value int32)

// CBVaultKeyDeriveEvent defines the signature of the CBVault KeyDerive event's handler function.
type CBVaultKeyDeriveEvent func(sender *CBVault, args *CBVaultKeyDeriveEventArgs)

func (obj *CBVault) GetOnKeyDeriveHandler() CBVaultKeyDeriveEvent
func (obj *CBVault) SetOnKeyDeriveHandler(handlerFunc CBVaultKeyDeriveEvent)

Remarks

This event fires when the component needs to derive an encryption key using an application-defined key derivation implementation. Please refer to the Encryption topic for more information.

This event only needs to be handled by applications that use one of the CBFSSTORAGE_EM_CUSTOM*_CUSTOM_KEY_DERIVE encryption modes. To handle this event properly, applications must derive an encryption key from the data in the Password buffer (whose length, in bytes, is specified by PasswordSize). The derived encryption key must be written to the Key buffer. The size of the derived encryption key must not exceed KeySize.

Applications should not use the same process for key derivation and hash calculation (or should, at the very least, ensure that salt is used in both operations).

The Salt buffer contains a salt value that can be used (if desired) to strengthen security by increasing the uniqueness of the derived key. The SaltSize parameter specifies the length, in bytes, of Salt.

Please refer to the Buffer Parameters topic for more information on how to work with memory buffer event parameters.

The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource isn't available, security checks failed, etc.), set it to a non-zero value to report an appropriate error. Please refer to the Error Reporting and Handling topic for more information.

Note: An application should not attempt to call component's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.

Note: when a storage is opened concurrently in read-only mode by several applications using CBDrive or CBMemDrive component, the event will fire only in the first application. To prevent such a situation, always open a vault in read-write mode.

Copyright (c) 2021 Callback Technologies, Inc. - All rights reserved.
CBFS Vault 2020 Go Edition - Version 20.0 [Build 7982]