CBVault Class
Properties Methods Events Config Settings Errors
The CBVault class lets applications create a vault and manipulate its contents.
Syntax
class cbfsvault.CBVault
Remarks
The CBVault class allows applications to create a vault and interact with its contents directly. A vault can contain any number of files, directories, alternate streams, and symbolic links; as long as it has sufficient capacity to store them. For more information about using CBFS Vault's many features, please refer to the extensive General Information topics.
The CBVault class is available on all platforms supported by the CBFS Vault product.
Getting Started
Each CBVault class instance can control a single vault at once. Applications can use multiple instances of the CBVault class if their use-case requires multiple vaults.
Use the following steps to get up and running:
- Create or open a vault by calling the open_vault method.
- Interact with the vault and its contents using the CBVault class's API methods.
- When done, call the close_vault method to close the vault.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| active | This property reflects whether a vault has been opened. |
| auto_compact_at | This property specifies the free space percentage threshold a vault must reach to be eligible for automatic compaction. |
| callback_mode | This property specifies whether the class should operate in callback mode. |
| case_sensitive | This property specifies whether the class should open a vault in case-sensitive mode. |
| default_file_access_password | This property specifies the default encryption password to use when opening files and alternate streams. |
| default_file_compression | This property specifies the default compression mode to use when creating files and alternate streams. |
| default_file_create_password | This property specifies the default encryption password to use when creating new files and alternate streams. |
| default_file_encryption | This property specifies the default encryption mode to use when creating files and alternate streams. |
| is_corrupted | This property specifies whether the vault is corrupted. |
| last_write_time | This property specifies the last modification time of the vault. |
| logo | This property specifies an application-defined text-based logo stored in the second page of a vault. |
| page_size | This property specifies the vault's page size. |
| path_separator | This property specifies the path separator character to use when returning vault paths. |
| possible_free_space | This property specifies the maximum amount of free space the vault could possibly have available. |
| possible_size | This property specifies the maximum size the vault could possibly be. |
| read_only | This property specifies whether the class should open a vault in read-only mode. |
| tag | This property stores application-defined data specific to a particular instance of the class. |
| use_access_time | This property specifies whether the class should keep track of last access times for vault items. |
| use_system_cache | This property specifies whether the operating system's cache is used. |
| vault_encryption | This property specifies the whole-vault encryption mode. |
| vault_file | This property specifies the vault to create or open. |
| vault_free_space | This property reflects the actual amount of free space the vault has available. |
| vault_password | This property specifies the whole-vault encryption password. |
| vault_size | This property specifies the actual size of the vault. |
| vault_size_max | This property specifies the maximum size a vault can be. |
| vault_size_min | This property specifies the minimum size a vault can be. |
| vault_state | This property specifies information about the state of the vault. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| cache_file_password | This method caches an encryption password to use the next time a file or alternate stream is accessed or removes the cached password. |
| check_and_repair | This method checks a vault's consistency and repairs it as necessary. |
| check_file_password | This method verifies whether a particular file password is correct. |
| check_vault_password | This method verifies whether a particular vault password is correct. |
| close_vault | This method closes the vault. |
| compact_vault | This method compacts the vault. |
| config | Sets or retrieves a configuration setting. |
| copy_from_vault | This method copies files and directories from the vault to a physical filesystem. |
| copy_to_vault | This method copies files and directories from a physical filesystem to the vault. |
| create_directory | This method creates a new directory in the vault. |
| create_link | This method creates a symbolic link to another file in the vault. |
| delete_file | This method deletes a vault item. |
| delete_file_tag | This method deletes a file tag. |
| file_exists | This method checks whether a vault item exists. |
| file_matches_mask | This method checks whether a particular file or directory name matches the specified mask. |
| file_tag_exists | This method checks whether a file tag exists. |
| file_time_to_nanoseconds | This method returns the subsecond part of the time expressed in nanoseconds. |
| file_time_to_unix_time | This method converts FileTime to Unix time format. |
| find_close | This method closes a search operation and releases any associated resources. |
| find_first | This method searches for the first vault item that matches the specified name and attributes. |
| find_first_by_query | This method searches for the first file or directory whose file tags match the specified query. |
| find_next | This method searches for the next vault item that matches an ongoing search operation. |
| get_file_attributes | This method retrieves the attributes of a vault item. |
| get_file_compression | This method retrieves the compression mode of a file or alternate stream. |
| get_file_creation_time | This method retrieves the creation time of a vault item. |
| get_file_encryption | This method retrieves the encryption mode of a file or alternate stream. |
| get_file_last_access_time | This method retrieves the last access time of a vault item. |
| get_file_metadata_size | This method retrieves the size of the metadata associated with a vault item. |
| get_file_modification_time | This method retrieves the modification time of a vault item. |
| get_file_size | This method retrieves the size of a file or alternate stream. |
| get_file_tag | This method retrieves the binary data held by a raw file tag attached to the specified vault item. |
| get_file_tag_as_ansi_string | This method retrieves the value of an AnsiString-typed file tag attached to the specified vault item. |
| get_file_tag_as_boolean | This method retrieves the value of a Boolean-typed file tag attached to the specified vault item. |
| get_file_tag_as_date_time | This method retrieves the value of a DateTime-typed file tag attached to the specified vault item. |
| get_file_tag_as_number | This method retrieves the value of a Number-typed file tag attached to the specified vault item. |
| get_file_tag_as_string | This method retrieves the value of a String-typed file tag attached to the specified vault item. |
| get_file_tag_data_type | This method retrieves the data type of a typed file tag attached to a specific vault item. |
| get_file_tag_size | This method retrieves the size of a raw file tag attached to the specified vault item. |
| get_search_result_attributes | This method retrieves the attributes of a vault item found during a search operation. |
| get_search_result_creation_time | This method retrieves the creation time of a vault item found during a search operation. |
| get_search_result_full_name | This method retrieves the fully qualified name of a vault item found during a search operation. |
| get_search_result_last_access_time | This method retrieves the last access time of a vault item found during a search operation. |
| get_search_result_link_destination | This method retrieves the destination of a symbolic link found during a search operation. |
| get_search_result_metadata_size | This method retrieves the size of the metadata associated with a vault item found during a search operation. |
| get_search_result_modification_time | This method retrieves the modification time of a vault item found during a search operation. |
| get_search_result_name | This method retrieves the name of a vault item found during a search operation. |
| get_search_results | This method retrieves all information about a vault item found during a search operation. |
| get_search_result_size | This method retrieves the size of a vault item found during a search operation. |
| is_directory_empty | This method checks whether a directory is empty. |
| is_valid_vault | This method checks whether a local file is a CBFS Vault vault. |
| move_file | This method renames or moves a vault item. |
| open_file | This method opens a new or existing file or alternate stream in the vault. |
| open_file_ex | This method opens a new or existing file or alternate stream in the vault. |
| open_root_data | This method opens the vault's root data stream. |
| open_vault | This method opens a new or existing vault. |
| resolve_link | This method retrieves the destination of a symbolic link. |
| set_file_attributes | This method sets the attributes of a vault item. |
| set_file_compression | This method compresses or decompresses a file or alternate stream. |
| set_file_creation_time | This method sets the creation time of a vault item. |
| set_file_encryption | This method encrypts, decrypts, or changes the encryption password of a file or alternate stream. |
| set_file_last_access_time | This method sets the last access time of a vault item. |
| set_file_modification_time | This method sets the modification time of a vault item. |
| set_file_size | This method sets the size of a file or alternate stream. |
| set_file_tag | This method attaches a raw file tag with binary data to the specified vault item. |
| set_file_tag_as_ansi_string | This method attaches an AnsiString-typed file tag to the specified vault item. |
| set_file_tag_as_boolean | This method attaches a Boolean-typed file tag to the specified vault item. |
| set_file_tag_as_date_time | This method attaches a DateTime-typed file tag to the specified vault item. |
| set_file_tag_as_number | This method attaches a Number-typed file tag to the specified vault item. |
| set_file_tag_as_string | This method attaches a String-typed file tag to the specified vault item. |
| unix_time_to_file_time | This method converts the date/time in Unix format to the Windows FileTime format. |
| update_vault_encryption | This method encrypts, decrypts, or changes the encryption password of the vault. |
| warp_hole | [TBD.]. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| on_data_compress | This event fires to compress a block of data using a custom compression algorithm. |
| on_data_decompress | This event fires to decompress a block of data using a custom compression algorithm. |
| on_data_decrypt | This event fires to decrypt a block of data using a custom encryption implementation. |
| on_data_encrypt | This event fires to encrypt a block of data using a custom encryption implementation. |
| on_error | This event fires if an unhandled error occurs during an event. |
| on_file_after_copy | This event fires after the file has been copied during file export/import operations. |
| on_file_before_copy | This event fires before the file is copied during file export/import operations. |
| on_file_password_needed | This event fires if a password is needed to open an encrypted file. |
| on_hash_calculate | This event fires to calculate a password hash using a custom hashing implementation. |
| on_key_derive | This event fires to derive an encryption key using a custom key derivation implementation. |
| on_progress | This event fires to indicate the progress of long-running vault operations. |
| on_vault_close | This event fires to close a callback mode vault. |
| on_vault_delete | This event fires to delete a callback mode vault. |
| on_vault_flush | This event fires to flush a callback mode vault's data out to storage. |
| on_vault_get_parent_size | This event fires to determine how much free space is available for growing a callback mode vault. |
| on_vault_get_size | This event fires to determine the size of a callback mode vault. |
| on_vault_open | This event fires to open a new or existing callback mode vault. |
| on_vault_read | This event fires to read data from a callback mode vault. |
| on_vault_set_size | This event fires to resize a callback mode vault. |
| on_vault_write | This event fires to write data to a callback mode vault. |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
| AllowMoveStreamsBetweenFiles | Whether alternate streams may be moved from one file to another. |
| AutoCompactDelay | How long a vault must remain idle before starting automatic compaction. |
| DefaultFileCompressionLevel | The default compression level to use when creating files and alternate streams. |
| MaxNonPagedNameLength | The maximum number of name characters to store directly within a vault item. |
| PageCacheSize | The size of the in-memory vault page cache. |
| PartSize | The part size used by a multipart vault. |
active Property
This property reflects whether a vault has been opened.
Syntax
def get_active() -> bool: ...
active = property(get_active, None)
Default Value
FALSE
Remarks
This property reflects whether the class has opened a vault; it will be True once the open_vault method has been called successfully.
This property is read-only.
auto_compact_at Property
This property specifies the free space percentage threshold a vault must reach to be eligible for automatic compaction.
Syntax
def get_auto_compact_at() -> int: ... def set_auto_compact_at(value: int) -> None: ...
auto_compact_at = property(get_auto_compact_at, set_auto_compact_at)
Default Value
25
Remarks
This property specifies the percentage of free space a vault must have, at minimum, for it to be eligible for automatic vault compaction. An eligible vault may be compacted automatically in the background at any time. Please refer to the compact_vault method for more information about the compacting process.
To guard against excessive automatic compaction operations, applications can set the AutoCompactDelay configuration setting to a nonzero value. Alternatively, this property can be set to 0 to disable automatic compaction completely.
A vault opened in read_only mode will never be compacted, regardless of this property's value.
Note: This property cannot be changed within events.
callback_mode Property
This property specifies whether the class should operate in callback mode.
Syntax
def get_callback_mode() -> bool: ... def set_callback_mode(value: bool) -> None: ...
callback_mode = property(get_callback_mode, set_callback_mode)
Default Value
FALSE
Remarks
This property specifies whether the class should operate in callback mode, causing all vault access to be performed through the following events. Please refer to the Callback Mode topic for more information.
When this property is enabled, the following events must all be implemented for the class to function correctly:
- on_vault_close
- on_vault_delete
- on_vault_flush
- on_vault_get_parent_size
- on_vault_get_size
- on_vault_open
- on_vault_read
- on_vault_set_size
- on_vault_write
Note: This property cannot be changed when active is True, and it cannot be changed within events.
case_sensitive Property
This property specifies whether the class should open a vault in case-sensitive mode.
Syntax
def get_case_sensitive() -> bool: ... def set_case_sensitive(value: bool) -> None: ...
case_sensitive = property(get_case_sensitive, set_case_sensitive)
Default Value
FALSE
Remarks
This property specifies whether the class should open a vault in case-sensitive mode. Enabling this property causes all file, directory, symbolic link, alternate stream, and file tag names to be treated as case sensitive.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
default_file_access_password Property
This property specifies the default encryption password to use when opening files and alternate streams.
Syntax
def get_default_file_access_password() -> str: ... def set_default_file_access_password(value: str) -> None: ...
default_file_access_password = property(get_default_file_access_password, set_default_file_access_password)
Default Value
""
Remarks
This property specifies the default encryption password that the class should use when opening files and alternate streams.
Please refer to the Encryption topic for more information.
As an alternative to using this property, applications may call the cache_file_password method (before a file is opened) to specify a one-time-use password or may specify file encryption passwords dynamically using the on_file_password_needed event.
default_file_compression Property
This property specifies the default compression mode to use when creating files and alternate streams.
Syntax
def get_default_file_compression() -> int: ... def set_default_file_compression(value: int) -> None: ...
default_file_compression = property(get_default_file_compression, set_default_file_compression)
Default Value
0
Remarks
This property specifies the default compression mode that the class should use when creating files and alternate streams. Valid values are as follows:
| VAULT_CM_NONE | 0 | Do not use compression. |
| VAULT_CM_DEFAULT | 1 | Use default compression (zlib). |
| VAULT_CM_CUSTOM | 2 | Use event-based custom compression.
This compression level is not used. |
| VAULT_CM_ZLIB | 3 | Use zlib compression.
Valid compression levels are 1-9. |
| VAULT_CM_RLE | 4 | Use RLE compression.
This compression level is not used. |
Applications that use custom compression must implement the on_data_compress and on_data_decompress events. Please refer to the Compression topic for more information.
Applications can also specify a default compression level using the DefaultFileCompressionLevel configuration setting, if desired.
default_file_create_password Property
This property specifies the default encryption password to use when creating new files and alternate streams.
Syntax
def get_default_file_create_password() -> str: ... def set_default_file_create_password(value: str) -> None: ...
default_file_create_password = property(get_default_file_create_password, set_default_file_create_password)
Default Value
""
Remarks
This property specifies the default encryption password that the class should use when creating new files and alternate streams.
Please refer to the Encryption topic for more information.
default_file_encryption Property
This property specifies the default encryption mode to use when creating files and alternate streams.
Syntax
def get_default_file_encryption() -> int: ... def set_default_file_encryption(value: int) -> None: ...
default_file_encryption = property(get_default_file_encryption, set_default_file_encryption)
Default Value
0
Remarks
This property specifies the default encryption mode that the class should use when creating files and alternate streams. Valid values are as follows:
| VAULT_EM_NONE | 0x0 | Do not use encryption. |
| VAULT_EM_DEFAULT | 0x1 | Use default encryption (VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256). |
| VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256 | 0x2 | Use AES256 encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash. |
| VAULT_EM_CUSTOM256_PBKDF2_HMAC_SHA256 | 0x3 | Use event-based custom 256-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_PBKDF2_HMAC_SHA256 | 0x4 | Use event-based custom 512-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_PBKDF2_HMAC_SHA256 | 0x5 | Use event-based custom 1024-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_CUSTOM_KEY_DERIVE | 0x23 | Use event-based custom 256-bit encryption with custom key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_CUSTOM_KEY_DERIVE | 0x24 | Use event-based custom 512-bit encryption with custom key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_CUSTOM_KEY_DERIVE | 0x25 | Use event-based custom 1024-bit encryption with custom key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_DIRECT_KEY | 0x43 | Use event-based custom 256-bit encryption with no key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM512_DIRECT_KEY | 0x44 | Use event-based custom 512-bit encryption with no key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM1024_DIRECT_KEY | 0x45 | Use event-based custom 1024-bit encryption with no key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_UNKNOWN | 0xFF | Unidentified or unknown encryption. |
Applications that use custom encryption must implement at least the on_data_encrypt and on_data_decrypt events. Certain custom encryption modes may require that the on_hash_calculate or on_key_derive event be implemented as well. Please refer to the Encryption topic for more information.
Applications that set this property to a value other than VAULT_EM_NONE (the default) should also specify a default encryption password using the default_file_create_password property.
is_corrupted Property
This property specifies whether the vault is corrupted.
Syntax
def get_is_corrupted() -> bool: ...
is_corrupted = property(get_is_corrupted, None)
Default Value
FALSE
Remarks
This property reflects whether the currently open vault is corrupted, as indicated by the presence of the VAULT_ST_CORRUPTED flag in the vault_state property.
The VAULT_ST_CORRUPTED flag is set automatically anytime the class detects that a vault's integrity has been compromised. Calling the check_and_repair method for a corrupted vault will clear the flag.
This property is read-only.
last_write_time Property
This property specifies the last modification time of the vault.
Syntax
def get_last_write_time() -> datetime.datetime: ...
last_write_time = property(get_last_write_time, None)
Default Value
0
Remarks
This property reflects the vault's last modification time, specified in UTC.
This property is read-only.
logo Property
This property specifies an application-defined text-based logo stored in the second page of a vault.
Syntax
def get_logo() -> str: ... def set_logo(value: str) -> None: ...
logo = property(get_logo, set_logo)
Default Value
"CBFS Vault"
Remarks
This property is used to control a vault's logo, which is a UTF-16LE string stored in the second page of a vault. A vault's logo is visible to anyone who inspects its raw data and thus can be used to provide information about the vault itself.
Vault logos can be up to 127 characters long (not including the null terminator).
Note: This property cannot be changed within events.
page_size Property
This property specifies the vault's page size.
Syntax
def get_page_size() -> int: ... def set_page_size(value: int) -> None: ...
page_size = property(get_page_size, set_page_size)
Default Value
4096
Remarks
This property controls the page size used when creating new vaults and reflects the page size of the currently open vault. Valid values are 256 through 65536 bytes (inclusive).
A vault's page size is permanent, it cannot be changed after the vault is created. Please refer to the Vaults topic for more information.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
path_separator Property
This property specifies the path separator character to use when returning vault paths.
Syntax
def get_path_separator() -> int: ... def set_path_separator(value: int) -> None: ...
path_separator = property(get_path_separator, set_path_separator)
Default Value
92
Remarks
This property specifies the path separator character that the class APIs should use when returning a vault path. Valid values are as follows:
| VAULT_PSC_BACKSLASH | 92 | Backslash ('\').
This character is the Windows path separator. |
| VAULT_PSC_SLASH | 47 | Forward slash ('/').
This character is the Unix-style path separator. |
Note: This property is just a convenience; applications are free to use either of the above characters as path separators when passing path strings to the class's APIs.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
possible_free_space Property
This property specifies the maximum amount of free space the vault could possibly have available.
Syntax
def get_possible_free_space() -> int: ...
possible_free_space = property(get_possible_free_space, None)
Default Value
0
Remarks
This property reflects the maximum amount of free space, in bytes, that the vault could possibly have available. That is, it is the amount of free space that would be available if the vault automatically grew to its maximum possible_size right now, without any additional data being written to it. Therefore:
- If vault_size_max is 0 (unlimited): this property is equivalent to vault_free_space + parent_free_space.
- If vault_size_max is not 0: this property is equivalent to vault_free_space + min(parent_free_space, (vault_size_max - vault_size)).
In both cases, parent_free_space is the amount of free space available for the vault to use for automatic growth. For a file-based vault, this is the total amount of free space on the disk where the vault's storage file (i.e., vault_file) resides, as reported by the OS. For a Callback Mode vault, this is whatever value the application provides through the on_vault_get_parent_size event.
Please refer to the Vault Size topic for more information.
This property is read-only.
possible_size Property
This property specifies the maximum size the vault could possibly be.
Syntax
def get_possible_size() -> int: ...
possible_size = property(get_possible_size, None)
Default Value
0
Remarks
This property reflects the maximum size, in bytes, that the vault could possibly be. That is, it is the size that the vault would be if it automatically grew as much as possible right now, without any additional data being written to it. Therefore:
- If vault_size_max is 0 (unlimited): this property is equivalent to vault_free_space + parent_free_space.
- If vault_size_max is not 0: this property matches vault_size_max.
In the former case, parent_free_space is the amount of free space available for the vault to use for automatic growth. For a file-based vault, this is the total amount of free space on the disk where the vault's storage file (i.e., vault_file) resides, as reported by the OS. For a Callback Mode vault, this is whatever value the application provides through the on_vault_get_parent_size event.
Please refer to the vault_size topic for more information.
This property is read-only.
read_only Property
This property specifies whether the class should open a vault in read-only mode.
Syntax
def get_read_only() -> bool: ... def set_read_only(value: bool) -> None: ...
read_only = property(get_read_only, set_read_only)
Default Value
FALSE
Remarks
This property specifies whether the class should open a vault in read-only mode. When a vault is opened in read-only mode, the following restrictions apply:
- No new vault items (e.g., files, directories, symbolic links, and alternate streams) may be created.
- No existing vault items may be modified, renamed, moved, or deleted. This includes updating access times.
- The vault cannot be resized or compacted (automatically or explicitly).
- Vault corruption cannot be repaired using check_and_repair.
Note: This list may not necessarily be exhaustive.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
tag Property
This property stores application-defined data specific to a particular instance of the class.
Syntax
def get_tag() -> int: ... def set_tag(value: int) -> None: ...
tag = property(get_tag, set_tag)
Default Value
0
Remarks
This property can be used to store data specific to a particular instance of the class.
use_access_time Property
This property specifies whether the class should keep track of last access times for vault items.
Syntax
def get_use_access_time() -> bool: ... def set_use_access_time(value: bool) -> None: ...
use_access_time = property(get_use_access_time, set_use_access_time)
Default Value
FALSE
Remarks
This property specifies whether the class should update the last access time for vault items (e.g., files, directories, symbolic links, and alternate streams) every time they are accessed.
Note: Keeping track of access times will slow down operations.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
use_system_cache Property
This property specifies whether the operating system's cache is used.
Syntax
def get_use_system_cache() -> bool: ... def set_use_system_cache(value: bool) -> None: ...
use_system_cache = property(get_use_system_cache, set_use_system_cache)
Default Value
TRUE
Remarks
This property specifies whether the operating system's cache should be used. Use of the OS cache affects the speed of various vault operations; however, the exact effects depend on the type of operation as well as the data sizes involved.
Disabling this property will cause a vault's storage file (specified by the vault_file property) to be opened with FILE_FLAG_NO_BUFFERING (on Windows) or F_NOCACHE (on Linux/macOS).
Note: This property cannot be changed when active is True, and it cannot be changed within events.
vault_encryption Property
This property specifies the whole-vault encryption mode.
Syntax
def get_vault_encryption() -> int: ... def set_vault_encryption(value: int) -> None: ...
vault_encryption = property(get_vault_encryption, set_vault_encryption)
Default Value
0
Remarks
This property controls the whole-vault encryption mode used when creating new vaults and reflects the whole-vault encryption mode of the currently open vault. Valid values are as follows:
| VAULT_EM_NONE | 0x0 | Do not use encryption. |
| VAULT_EM_DEFAULT | 0x1 | Use default encryption (VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256). |
| VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256 | 0x2 | Use AES256 encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash. |
| VAULT_EM_CUSTOM256_PBKDF2_HMAC_SHA256 | 0x3 | Use event-based custom 256-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_PBKDF2_HMAC_SHA256 | 0x4 | Use event-based custom 512-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_PBKDF2_HMAC_SHA256 | 0x5 | Use event-based custom 1024-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_CUSTOM_KEY_DERIVE | 0x23 | Use event-based custom 256-bit encryption with custom key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_CUSTOM_KEY_DERIVE | 0x24 | Use event-based custom 512-bit encryption with custom key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_CUSTOM_KEY_DERIVE | 0x25 | Use event-based custom 1024-bit encryption with custom key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_DIRECT_KEY | 0x43 | Use event-based custom 256-bit encryption with no key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM512_DIRECT_KEY | 0x44 | Use event-based custom 512-bit encryption with no key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM1024_DIRECT_KEY | 0x45 | Use event-based custom 1024-bit encryption with no key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_UNKNOWN | 0xFF | Unidentified or unknown encryption. |
Applications that use custom encryption must implement at least the on_data_encrypt and on_data_decrypt events. Certain custom encryption modes may require that the on_hash_calculate or on_key_derive event be implemented as well. Please refer to the Encryption topic for more information.
To create a new vault with whole-vault encryption enabled, the vault_password property must be set as well.
When an existing vault is opened, the class updates vault_encryption automatically based on the detected whole-vault encryption mode. If the vault is encrypted, the class will attempt to access it using the password specified by vault_password. If vault_password is incorrect, the attempt will fail and the vault will not be opened.
The vault_encryption and vault_password properties cannot be used to change an open vault's whole-vault encryption mode or password; use the update_vault_encryption method.
Please refer to the Encryption topic for more information.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
vault_file Property
This property specifies the vault to create or open.
Syntax
def get_vault_file() -> str: ... def set_vault_file(value: str) -> None: ...
vault_file = property(get_vault_file, set_vault_file)
Default Value
""
Remarks
This property specifies the vault to create or open when the open_vault method is called.
When the callback_mode property is disabled (default), this property specifies the vault storage file to create or open. It must be set to a fully qualified file path formatted according to OS conventions.
When the callback_mode property is enabled, this property is only used to populate the Vault parameter of the on_vault_open, on_vault_get_parent_size, and on_vault_delete events; and can be set to any application-defined value. Please refer to the Callback Mode topic for more information.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
vault_free_space Property
This property reflects the actual amount of free space the vault has available.
Syntax
def get_vault_free_space() -> int: ...
vault_free_space = property(get_vault_free_space, None)
Default Value
0
Remarks
This property reflects the actual amount of free space, in bytes, that the vault currently has available. A vault's actual free space is based on its actual size, which is reflected by the vault_size property.
Applications can also determine the maximum amount of free space the vault could possibly have by querying the possible_free_space property; please refer to its documentation, as well as the Vault Size topic, for more information.
This property is read-only.
vault_password Property
This property specifies the whole-vault encryption password.
Syntax
def get_vault_password() -> str: ... def set_vault_password(value: str) -> None: ...
vault_password = property(get_vault_password, set_vault_password)
Default Value
""
Remarks
This property specifies the whole-vault encryption password to use when creating new vaults and opening existing vaults.
To create a new vault with whole-vault encryption enabled, the vault_encryption property must be set as well.
When an existing vault is opened, the class updates vault_encryption automatically based on the detected whole-vault encryption mode. If the vault is encrypted, the class will attempt to access it using the password specified by vault_password. If vault_password is incorrect, the attempt will fail and the vault will not be opened.
The vault_encryption and vault_password properties cannot be used to change an open vault's whole-vault encryption mode or password; use the update_vault_encryption method.
Please refer to the Encryption topic for more information.
Note: This property cannot be changed when active is True, and it cannot be changed within events.
vault_size Property
This property specifies the actual size of the vault.
Syntax
def get_vault_size() -> int: ... def set_vault_size(value: int) -> None: ...
vault_size = property(get_vault_size, set_vault_size)
Default Value
0
Remarks
This property specifies the actual size of the vault, in bytes.
Applications may use this property to explicitly resize a vault, keeping in mind the following:
- A vault cannot shrink more than its available free space allows (i.e., not by more than vault_free_space bytes).
- A vault cannot shrink beyond vault_size_min bytes.
- If vault_size_max is not 0 (unlimited), a vault cannot grow beyond vault_size_max bytes.
- If a vault grows enough to reach or exceed its auto_compact_at threshold, it will automatically shrink again when the next automatic compaction occurs.
Applications can determine the maximum size a vault could possibly be by querying the possible_size property. Please refer to the Vault Size topic for more information.
Note: This property can be changed only when active is True, and it cannot be changed within events.
vault_size_max Property
This property specifies the maximum size a vault can be.
Syntax
def get_vault_size_max() -> int: ... def set_vault_size_max(value: int) -> None: ...
vault_size_max = property(get_vault_size_max, set_vault_size_max)
Default Value
0
Remarks
This property specifies the maximum size, in bytes, that a vault can be. This property must be set to 0 (unlimited), or a number greater than or equal to 8 * page_size or vault_size_min (whichever is greater).
The limit imposed by this property, if any, applies to both explicit growth of a vault via the vault_size property, and implicit growth of a vault due to storage load. Please refer to the Vault Size topic for more information.
Note: This property cannot be changed within events.
vault_size_min Property
This property specifies the minimum size a vault can be.
Syntax
def get_vault_size_min() -> int: ... def set_vault_size_min(value: int) -> None: ...
vault_size_min = property(get_vault_size_min, set_vault_size_min)
Default Value
0
Remarks
This property specifies the minimum size, in bytes, that a vault can be. This property's value must be less than or equal to vault_size_max, unless vault_size_max is set to 0 (unlimited).
The limit imposed by this property applies to both explicit shrinking of a vault via the vault_size property or the compact_vault method, and implicit shrinking of a vault via automatic compaction. Please refer to the Vault Size topic for more information.
Note: This property cannot be changed within events.
vault_state Property
This property specifies information about the state of the vault.
Syntax
def get_vault_state() -> int: ...
vault_state = property(get_vault_state, None)
Default Value
0
Remarks
This property reflects the current state of the vault; its value consists of one or more of the following flags, ORed together:
| VAULT_ST_FIXED_SIZE | 0x00000001 | The vault is a fixed size. |
| VAULT_ST_READ_ONLY | 0x00000002 | The vault was opened in read-only mode.
Please refer to the read_only property for more information. |
| VAULT_ST_CORRUPTED | 0x00000004 | The vault is corrupted.
Applications can use the check_and_repair method to try to repair vault corruption. Please refer to the Vault Corruption topic for more information. |
| VAULT_ST_TRANSACTIONS_USED | 0x00000008 | The vault was opened in journaling mode.
Please refer to the use_journaling property for more information. |
| VAULT_ST_ACCESS_TIME_USED | 0x00000010 | Last access times are being tracked.
Please refer to the use_access_time property for more information. |
| VAULT_ST_ENCRYPTED | 0x00000020 | The vault is encrypted with whole-vault encryption.
Please refer to the Encryption topic for more information. |
| VAULT_ST_VALID_PASSWORD_SET | 0x00000040 | The correct whole-vault encryption password has been provided.
Please refer to the Encryption topic for more information. |
| VAULT_ST_PHYSICAL_VOLUME | 0x00000080 | The vault is backed by a storage volume or partition formatted with the CBFS Vault filesystem.
This flag is not used. |
| VAULT_ST_PARTED | 0x00000100 | The vault's contents are split across multiple files on disk.
Please refer to the Multipart Vaults topic for more information. |
This property is read-only.
cache_file_password Method
This method caches an encryption password to use the next time a file or alternate stream is accessed or removes the cached password.
Syntax
def cache_file_password(file_name: str, password: str, ttl_in_cache: int, remove_from_cache: bool) -> None: ...
Remarks
This method temporarily caches an encryption password so that it can be used the next time the file or alternate stream specified by FileName is accessed.
The value passed for FileName must be a vault-local absolute path.
The Password parameter specifies the password to cache. It must match the one last used to encrypt the specified file or the alternate stream; otherwise, this method raises an exception.
The specified password is automatically removed from the cache as soon as one of the following things occur:
- The password is used to access the file or alternate stream and the value of the TTLInCache parameter is 0.
- The password for the file or alternate stream is changed.
- The vault is closed.
- The timeout expires.
To remove the previously cached password from the cache, set the RemoveFromCache parameter to True. When it is set so, the value of the Password parameter is ignored.
The TTLInCache parameter specifies time to seconds that the class keeps the password in the internal cache to reduce the number of requests for a password. The value of 0 tells the class to discard the password after the first use.
As an alternative to using this method, applications can provide a default file encryption password using the default_file_access_password property or provide such passwords dynamically using the on_file_password_needed event.
Note: This method can be called only when active is True.
check_and_repair Method
This method checks a vault's consistency and repairs it as necessary.
Syntax
def check_and_repair(flags: int) -> None: ...
Remarks
This method checks the consistency of a vault and attempts to repair it as necessary.
Applications should call this method if a vault has become corrupted (i.e., if the is_corrupted property is True, or if a vault operation fails with a "Vault Corrupted" error). Be sure to make a vault backup before calling this method, because its repair efforts may cause data loss in cases of severe corruption. Please refer to the Vault Corruption topic for more information.
The Flags parameter is used to specify additional options, and it should be set by ORing together zero or more of the following flags:
| VAULT_CR_CHECK_ONLY | 0x00000001 | Check only, do not attempt any repairs. |
| VAULT_CR_CHECK_ALL_PAGES | 0x00000002 | Check all vault pages, including empty ones.
When this flag is not present, only the vault pages that are marked as occupied are checked. |
Note: This method cannot be called when active is True, and it cannot be called within events.
check_file_password Method
This method verifies whether a particular file password is correct.
Syntax
def check_file_password(file_name: str, password: str) -> bool: ...
Remarks
This method verifies whether the specified Password matches the one used to encrypt the file or alternate stream specified by FileName. If the password is correct, this method returns True; otherwise, it returns False.
The value passed for FileName must be a vault-local absolute path.
Please refer to the Encryption topic for more information.
Note: This method can be called only when active is True.
check_vault_password Method
This method verifies whether a particular vault password is correct.
Syntax
def check_vault_password(password: str) -> bool: ...
Remarks
This method verifies whether the specified Password matches the one used to encrypt the vault. If the password is correct, this method returns True; otherwise, it returns False.
Please refer to the Encryption topic for more information.
Note: This method can be called only when active is True.
close_vault Method
This method closes the vault.
Syntax
def close_vault() -> None: ...
Remarks
This method closes the currently open vault.
Note: This method can be called only when active is True.
compact_vault Method
This method compacts the vault.
Syntax
def compact_vault() -> bool: ...
Remarks
This method triggers vault compaction, which is a process that shrinks a vault's overall size by truncating its free space. If the compacting operation completes successfully, this method returns True; otherwise, it returns False.
Compaction involves physically moving a vault's occupied pages to the beginning of the vault, and then truncating the unoccupied pages from the end of the vault. The runtime of a compacting operation depends on a number of factors, and it is possible for it to be interrupted by other vault operations.
Compaction occurs automatically when the vault's free space percentage exceeds the threshold specified by the auto_compact_at property. Applications can also use the AutoCompactDelay configuration setting to add a delay to the automatic compaction trigger.
Note: A vault opened in read_only mode cannot be compacted, either automatically or explicitly.
Note: This method can be called only when active is True, and it cannot be called within events.
config Method
Sets or retrieves a configuration setting.
Syntax
def config(configuration_string: str) -> str: ...
Remarks
config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
copy_from_vault Method
This method copies files and directories from the vault to a physical filesystem.
Syntax
def copy_from_vault(vault_path: str, system_path: str, mask: str, flags: int, password: str) -> None: ...
Remarks
This method copies the files and directories at the specified VaultPath to a physical filesystem location, specified by SystemPath. Only the files and directories whose names match the specified Mask are copied.
The values passed for VaultPath and SystemPath must be vault-local and system-local absolute paths, respectively. The value passed for Mask may contain wildcard characters.
The Flags parameter is used to control recursion and overwrite behavior. It should be set by ORing together zero or more of the following flags:
| VAULT_CFF_OVERWRITE_NONE | 0x00000000 | Never overwrite destination files. |
| VAULT_CFF_OVERWRITE_IF_NEWER | 0x00000001 | Overwrite a destination file only if the source file is newer. |
| VAULT_CFF_OVERWRITE_ALL | 0x00000002 | Always overwrite destination files. |
| VAULT_CFF_INCLUDE_SUBDIRS_WITH_CONTENTS | 0x00010000 | Include all subdirectories in source directory, and their contents, recursively. |
| VAULT_CFF_INCLUDE_SUBDIRS_NO_CONTENTS | 0x00020000 | Include all subdirectories in the source directory, without their contents. |
| VAULT_CFF_FIRE_COPY_EVENTS | 0x40000000 | Fire events related to file copying.
When the flag is set, the class fires the on_file_before_copy and on_file_after_copy events. |
The Password parameter specifies the password to use to access files' data, if they are encrypted.
Note: This method can be called only when active is True, and it cannot be called within events.
copy_to_vault Method
This method copies files and directories from a physical filesystem to the vault.
Syntax
def copy_to_vault(system_path: str, vault_path: str, mask: str, flags: int, encryption: int, password: str, compression: int, compression_level: int, pages_per_block: int) -> None: ...
Remarks
This method copies the files and directories from a physical filesystem location, specified by SystemPath, to the specified VaultPath. Only the files and directories whose names match the specified Mask are copied.
The values passed for SystemPath and VaultPath must be system-local and vault-local absolute paths, respectively. The value passed for Mask may contain wildcard characters.
The Flags parameter is used to control recursion and overwrite behavior. It should be set by ORing together zero or more of the following flags:
| VAULT_CFF_OVERWRITE_NONE | 0x00000000 | Never overwrite destination files. |
| VAULT_CFF_OVERWRITE_IF_NEWER | 0x00000001 | Overwrite a destination file only if the source file is newer. |
| VAULT_CFF_OVERWRITE_ALL | 0x00000002 | Always overwrite destination files. |
| VAULT_CFF_INCLUDE_SUBDIRS_WITH_CONTENTS | 0x00010000 | Include all subdirectories in source directory, and their contents, recursively. |
| VAULT_CFF_INCLUDE_SUBDIRS_NO_CONTENTS | 0x00020000 | Include all subdirectories in the source directory, without their contents. |
| VAULT_CFF_FIRE_COPY_EVENTS | 0x40000000 | Fire events related to file copying.
When the flag is set, the class fires the on_file_before_copy and on_file_after_copy events. |
The Encryption parameter specifies Encryption behavior for files created (or overwritten) during the copy operation. Valid values are as follows:
| VAULT_EM_NONE | 0x0 | Do not use encryption. |
| VAULT_EM_DEFAULT | 0x1 | Use default encryption (VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256). |
| VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256 | 0x2 | Use AES256 encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash. |
| VAULT_EM_CUSTOM256_PBKDF2_HMAC_SHA256 | 0x3 | Use event-based custom 256-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_PBKDF2_HMAC_SHA256 | 0x4 | Use event-based custom 512-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_PBKDF2_HMAC_SHA256 | 0x5 | Use event-based custom 1024-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_CUSTOM_KEY_DERIVE | 0x23 | Use event-based custom 256-bit encryption with custom key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_CUSTOM_KEY_DERIVE | 0x24 | Use event-based custom 512-bit encryption with custom key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_CUSTOM_KEY_DERIVE | 0x25 | Use event-based custom 1024-bit encryption with custom key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_DIRECT_KEY | 0x43 | Use event-based custom 256-bit encryption with no key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM512_DIRECT_KEY | 0x44 | Use event-based custom 512-bit encryption with no key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM1024_DIRECT_KEY | 0x45 | Use event-based custom 1024-bit encryption with no key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_UNKNOWN | 0xFF | Unidentified or unknown encryption. |
Applications that use custom encryption must implement at least the on_data_encrypt and on_data_decrypt events. Certain custom encryption modes may require that the on_hash_calculate or on_key_derive event be implemented as well. Please refer to the Encryption topic for more information.
The Password parameter specifies the password to use for encryption, if applicable.
The Compression parameter specifies the Compression behavior for files created (or overwritten) during the copy operation. Valid values are:
| VAULT_CM_NONE | 0 | Do not use compression. |
| VAULT_CM_DEFAULT | 1 | Use default compression (zlib). |
| VAULT_CM_CUSTOM | 2 | Use event-based custom compression.
This compression level is not used. |
| VAULT_CM_ZLIB | 3 | Use zlib compression.
Valid compression levels are 1-9. |
| VAULT_CM_RLE | 4 | Use RLE compression.
This compression level is not used. |
Applications that use custom compression must implement the on_data_compress and on_data_decompress events. Please refer to the Compression topic for more information.
The CompressionLevel parameter specifies the compression level to use, if applicable.
The PagesPerBlock parameter specifies how many pages should be compressed as a single block, if applicable. Valid values are powers of 2 up to and including 128 (i.e., 2, 4, 8, 16, 32, 64, or 128), or 0, which is interpreted as "default" (currently 16 for both zlib and run-length encoding [RLE]). Larger values allow for more efficient compression; however, because a block must be decompressed (and, for writes, recompressed) anytime its data are accessed, larger values can also cause excessive slowdown, especially for random access.
Note: This method can be called only when active is True, and it cannot be called within events.
create_directory Method
This method creates a new directory in the vault.
Syntax
def create_directory(directory: str, create_parents: bool) -> None: ...
Remarks
This method creates a new directory in the vault at the path specified by Directory.
The value passed for Directory must be a vault-local absolute path.
The CreateParents parameter specifies whether nonexistent parent directories in the specified path should be created as well. If this parameter is False, and one or more parent directories are missing, this method raises an exception.
Note: This method can be called only when active is True, and it cannot be called within events.
create_link Method
This method creates a symbolic link to another file in the vault.
Syntax
def create_link(link_name: str, destination_name: str) -> None: ...
Remarks
This method creates a new symbolic link named LinkName that points to the file specified by DestinationName.
The value passed for LinkName must be a vault-local absolute path. The value passed for DestinationName must also be a vault-local path, but it may be absolute or relative to LinkName.
Note: This method can be called only when active is True, and it cannot be called within events.
delete_file Method
This method deletes a vault item.
Syntax
def delete_file(file_name: str) -> None: ...
Remarks
This method deletes the vault item (file, directory, symbolic link, or alternate stream) specified by FileName from the vault.
The value passed for FileName must be a vault-local absolute path.
Please note the following:
- When a file is deleted, any alternate streams it contains are deleted as well.
- Directories must be empty to be deleted; otherwise, this method raises an exception. Use the is_directory_empty method to check whether a directory is empty.
- Deleting a symbolic link only deletes the link itself, not the file it points to.
Note: This method can be called only when active is True, and it cannot be called within events.
delete_file_tag Method
This method deletes a file tag.
Syntax
def delete_file_tag(file_name: str, tag_id: int, tag_name: str) -> None: ...
Remarks
This method deletes the file tag identified by TagId or TagName from the file, directory, or alternate stream specified by FileName.
The value passed for FileName must be a vault-local absolute path.
To delete a raw file tag, pass its Id for TagId and pass an empty string for TagName. To delete a typed file tag, pass its name for TagName and pass 0 for TagId. If values are provided for both TagId and TagName, this method raises an exception.
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True, and it cannot be called within events.
file_exists Method
This method checks whether a vault item exists.
Syntax
def file_exists(file_name: str) -> bool: ...
Remarks
This method checks whether a vault item (file, directory, symbolic link, or alternate stream) with the specified FileName exists in the vault. If the specified vault item exists, this method returns True; otherwise, it returns False.
The value passed for FileName must be a vault-local absolute path.
Note: This method can be called only when active is True.
file_matches_mask Method
This method checks whether a particular file or directory name matches the specified mask.
Syntax
def file_matches_mask(mask: str, file_name: str, case_sensitive: bool) -> bool: ...
Remarks
This method checks whether the file or directory name specified by FileName matches Mask; if it does, this method returns True. The CaseSensitive parameter controls whether a case-sensitive match should be performed.
Note: This method does not handle so-called DOS_* wildcards (DOS_STAR, DOS_QM, DOS_DOT). The explanation about the characters can be found in the MSDN article. If you have a mask that includes one of those characters on Windows, you can use the RtlIsNameInExpression function of Windows API.
Note: As the explanation states, "When you do a case-insensitive search and do not provide a translation table, the name is converted to uppercase."
file_tag_exists Method
This method checks whether a file tag exists.
Syntax
def file_tag_exists(file_name: str, tag_id: int, tag_name: str) -> bool: ...
Remarks
This method checks whether a file tag with the specified TagId or TagName is attached to the file, directory, or alternate stream specified by FileName. If the specified file tag exists, this method returns True; otherwise, it returns False.
The value passed for FileName must be a vault-local absolute path.
To check for a raw file tag, pass its Id for TagId and pass an empty string for TagName. To check for a typed file tag, pass its name for TagName and pass 0 for TagId. If values are provided for both TagId and TagName, this method raises an exception.
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True.
file_time_to_nanoseconds Method
This method returns the subsecond part of the time expressed in nanoseconds.
Syntax
def file_time_to_nanoseconds(file_time: datetime.datetime) -> int: ...
Remarks
Use this method to obtain the subsecond part of the FileTime value, expressed in nanoseconds.
file_time_to_unix_time Method
This method converts FileTime to Unix time format.
Syntax
def file_time_to_unix_time(file_time: datetime.datetime) -> int: ...
Remarks
Use this method to convert the FileTime value to Unix time format. The subsecond part of the value is not preserved; to obtain it, use the file_time_to_nanoseconds method.
find_close Method
This method closes a search operation and releases any associated resources.
Syntax
def find_close(search_id: int) -> None: ...
Remarks
This method closes the search operation identified by SearchId, releasing any previously allocated resources associated with it.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
Note: This method can be called only when active is True.
find_first Method
This method searches for the first vault item that matches the specified name and attributes.
Syntax
def find_first(file_mask: str, attributes: int, flags: int) -> int: ...
Remarks
This method initiates a search operation based on the specified FileMask, Attributes, and Flags. If there are any matching vault items (files, directories, symbolic links, or alternate streams), then a search operation Id is returned. If there are no matching vault items, then -1 is returned.
To obtain information about a search result, pass the returned search handle to the following methods:
- get_search_result_attributes
- get_search_result_creation_time
- get_search_result_full_name
- get_search_result_last_access_time
- get_search_result_link_destination
- get_search_result_metadata_size
- get_search_result_modification_time
- get_search_result_name
- get_search_result_size
To retrieve the next search result, pass the returned search handle to the find_next method. When an application is finished with (or wants to abandon) a search operation, it must pass the associated search handle to the find_close method to release the resources associated with it.
Because each search operation is identified by the search handle associated with it, applications may initiate additional search operations at any time and may process each operation's search results in any manner it desires (e.g., sequentially, round robin).
The FileMask parameter specifies both the directory path to search within and the filename mask to match against (e.g., \directory\to\search\*.txt). Or, when searching a file's alternate streams, it specifies the file path and stream name mask (e.g., \path\to\file:*). Only the mask may contain wildcards. The path must be specified in vault-local absolute format. Also note that files without an extension will match *, but not *.*.
The Attributes parameter specifies the attributes to match against; items will match only if they have one or more of the specified attributes. The value passed for this parameter should be constructed by ORing together zero or more of the following values. Passing 0 will allow any file in a directory (or, any alternate stream in a file) to match; it is equivalent to VAULT_FATTR_FILE | VAULT_FATTR_DATA_STREAM.
| VAULT_FATTR_FILE | 0x00000001 | The entry is a file. |
| VAULT_FATTR_DIRECTORY | 0x00000002 | The entry is a directory. |
| VAULT_FATTR_DATA_STREAM | 0x00000004 | The entry is an alternate data stream. |
| VAULT_FATTR_COMPRESSED | 0x00000008 | The file or stream is compressed. |
| VAULT_FATTR_ENCRYPTED | 0x00000010 | The file or stream is encrypted. |
| VAULT_FATTR_SYMLINK | 0x00000020 | The entry is a symbolic link. |
| VAULT_FATTR_READONLY | 0x00000040 | The file is read-only.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_ARCHIVE | 0x00000080 | The file requires archiving.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_HIDDEN | 0x00000100 | The file is hidden.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_SYSTEM | 0x00000200 | The file is a system file.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_TEMPORARY | 0x00000400 | The file is temporary.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_DELETE_ON_CLOSE | 0x00000800 | The file should be deleted when the last handle to the file is closed.
This attribute is currently not supported by CBFS Vault. |
| VAULT_FATTR_RESERVED_0 | 0x00001000 | Reserved. |
| VAULT_FATTR_RESERVED_1 | 0x00002000 | Reserved. |
| VAULT_FATTR_RESERVED_2 | 0x00004000 | Reserved. |
| VAULT_FATTR_RESERVED_3 | 0x00008000 | Reserved. |
| VAULT_FATTR_NO_USER_CHANGE | 0x0000F03F | A mask that includes all attributes that cannot be changed.
Applications cannot use the set_file_attributes method to directly change any of the following attributes: FILE, DIRECTORY, DATA_STREAM, COMPRESSED, ENCRYPTED, SYMLINK, RESERVED_0, RESERVED_1, RESERVED_2, or RESERVED_3. |
| VAULT_FATTR_USER_DEFINED | 0x7FF00000 | A mask for application-defined attributes.
Applications can use the set_file_attributes method to set custom attributes, as long as their values are covered by this mask. |
| VAULT_FATTR_ANY_FILE | 0x7FFFFFFF | A mask that includes any and all attributes. |
The Flags parameter controls search behavior. Among other things, it can be used to request that only specific pieces of information be returned, which can greatly improve performance. The value passed for this parameter should be constructed by ORing together zero or more of the following values:
| VAULT_FF_NEED_NAME | 0x00000001 | Include entry names (without paths) when returning search results. |
| VAULT_FF_NEED_FULL_NAME | 0x00000002 | Include fully qualified entry names when returning search results. |
| VAULT_FF_NEED_ATTRIBUTES | 0x00000004 | Include entry attributes when returning search results. |
| VAULT_FF_NEED_SIZE | 0x00000008 | Include entry sizes when returning search results. |
| VAULT_FF_NEED_METADATA_SIZE | 0x00000010 | Include entry metadata sizes when returning search results. |
| VAULT_FF_NEED_TIMES | 0x00000020 | Include entry times when returning search results. |
| VAULT_FF_NEED_LINK_DEST | 0x00000040 | Include symbolic link destinations when returning search results. |
| VAULT_FF_EMULATE_FAT | 0x00001000 | Inserts . and .. pseudo-entries into search results for all directories except the root one. |
| VAULT_FF_RECURSIVE | 0x00002000 | Search recursively in all subdirectories. |
| VAULT_FF_CASE_INSENSITIVE | 0x00004000 | Forces case-insensitive search, even if the vault is case-sensitive. |
Note: This method can be called only when active is True, and it cannot be called within events.
find_first_by_query Method
This method searches for the first file or directory whose file tags match the specified query.
Syntax
def find_first_by_query(directory: str, query: str, flags: int) -> int: ...
Remarks
This method initiates a search operation within the specified Directory for files and subdirectories whose typed file tags match the specified Query. If there are any matching files or directories, then a search operation Id is returned. If there are no matching files or directories, then -1 is returned.
To obtain information about a search result, pass the returned search handle to the following methods:
- get_search_result_attributes
- get_search_result_creation_time
- get_search_result_full_name
- get_search_result_last_access_time
- get_search_result_link_destination
- get_search_result_metadata_size
- get_search_result_modification_time
- get_search_result_name
- get_search_result_size
To retrieve the next search result, pass the returned search handle to the find_next method. When an application is finished with (or wants to abandon) a search operation, it must pass the associated search handle to the find_close method to release the resources associated with it.
Because each search operation is identified by the search handle associated with it, applications may initiate additional search operations at any time and may process each operation's search results in any manner it desires (e.g., sequentially, round robin).
The value passed for Directory must be a vault-local absolute path.
The value passed for Query must be a search query constructed using the CBFS Vault Query Language; please refer to that topic for more information.
The Flags parameter controls search behavior. Among other things, it can be used to request that only specific pieces of information be returned, which can greatly improve performance. The value passed for this parameter should be constructed by ORing together zero or more of the following values:
| VAULT_FF_NEED_NAME | 0x00000001 | Include entry names (without paths) when returning search results. |
| VAULT_FF_NEED_FULL_NAME | 0x00000002 | Include fully qualified entry names when returning search results. |
| VAULT_FF_NEED_ATTRIBUTES | 0x00000004 | Include entry attributes when returning search results. |
| VAULT_FF_NEED_SIZE | 0x00000008 | Include entry sizes when returning search results. |
| VAULT_FF_NEED_METADATA_SIZE | 0x00000010 | Include entry metadata sizes when returning search results. |
| VAULT_FF_NEED_TIMES | 0x00000020 | Include entry times when returning search results. |
| VAULT_FF_NEED_LINK_DEST | 0x00000040 | Include symbolic link destinations when returning search results. |
| VAULT_FF_EMULATE_FAT | 0x00001000 | Inserts . and .. pseudo-entries into search results for all directories except the root one. |
| VAULT_FF_RECURSIVE | 0x00002000 | Search recursively in all subdirectories. |
| VAULT_FF_CASE_INSENSITIVE | 0x00004000 | Forces case-insensitive search, even if the vault is case-sensitive. |
Note: This method can be called only when active is True, and it cannot be called within events.
find_next Method
This method searches for the next vault item that matches an ongoing search operation.
Syntax
def find_next(search_id: int) -> bool: ...
Remarks
This method searches for the next vault item (file, directory, symbolic link, or alternate stream) that matches the ongoing search operation identified by SearchId. If a matching vault item is found, this method returns True; otherwise, it returns False.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query. Please refer to the methods' documentation for more information about search operations.
Note: This method can be called only when active is True, and it cannot be called within events.
get_file_attributes Method
This method retrieves the attributes of a vault item.
Syntax
def get_file_attributes(file_name: str) -> int: ...
Remarks
This method retrieves the attributes of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The specified vault item's attributes are returned as a 32-bit integer composed of one or more of the following values:
| VAULT_FATTR_FILE | 0x00000001 | The entry is a file. |
| VAULT_FATTR_DIRECTORY | 0x00000002 | The entry is a directory. |
| VAULT_FATTR_DATA_STREAM | 0x00000004 | The entry is an alternate data stream. |
| VAULT_FATTR_COMPRESSED | 0x00000008 | The file or stream is compressed. |
| VAULT_FATTR_ENCRYPTED | 0x00000010 | The file or stream is encrypted. |
| VAULT_FATTR_SYMLINK | 0x00000020 | The entry is a symbolic link. |
| VAULT_FATTR_READONLY | 0x00000040 | The file is read-only.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_ARCHIVE | 0x00000080 | The file requires archiving.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_HIDDEN | 0x00000100 | The file is hidden.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_SYSTEM | 0x00000200 | The file is a system file.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_TEMPORARY | 0x00000400 | The file is temporary.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_DELETE_ON_CLOSE | 0x00000800 | The file should be deleted when the last handle to the file is closed.
This attribute is currently not supported by CBFS Vault. |
| VAULT_FATTR_RESERVED_0 | 0x00001000 | Reserved. |
| VAULT_FATTR_RESERVED_1 | 0x00002000 | Reserved. |
| VAULT_FATTR_RESERVED_2 | 0x00004000 | Reserved. |
| VAULT_FATTR_RESERVED_3 | 0x00008000 | Reserved. |
| VAULT_FATTR_NO_USER_CHANGE | 0x0000F03F | A mask that includes all attributes that cannot be changed.
Applications cannot use the set_file_attributes method to directly change any of the following attributes: FILE, DIRECTORY, DATA_STREAM, COMPRESSED, ENCRYPTED, SYMLINK, RESERVED_0, RESERVED_1, RESERVED_2, or RESERVED_3. |
| VAULT_FATTR_USER_DEFINED | 0x7FF00000 | A mask for application-defined attributes.
Applications can use the set_file_attributes method to set custom attributes, as long as their values are covered by this mask. |
| VAULT_FATTR_ANY_FILE | 0x7FFFFFFF | A mask that includes any and all attributes. |
Note: This method can be called only when active is True.
get_file_compression Method
This method retrieves the compression mode of a file or alternate stream.
Syntax
def get_file_compression(file_name: str) -> int: ...
Remarks
This method retrieves the compression mode of the file or alternate stream specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The returned compression mode will be one of the following values:
| VAULT_CM_NONE | 0 | Do not use compression. |
| VAULT_CM_DEFAULT | 1 | Use default compression (zlib). |
| VAULT_CM_CUSTOM | 2 | Use event-based custom compression.
This compression level is not used. |
| VAULT_CM_ZLIB | 3 | Use zlib compression.
Valid compression levels are 1-9. |
| VAULT_CM_RLE | 4 | Use RLE compression.
This compression level is not used. |
Applications that use custom compression must implement the on_data_compress and on_data_decompress events. Please refer to the Compression topic for more information.
Note: This method can be called only when active is True.
get_file_creation_time Method
This method retrieves the creation time of a vault item.
Syntax
def get_file_creation_time(file_name: str) -> datetime.datetime: ...
Remarks
This method retrieves the creation time of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName. The timestamps returned by this method are specified in UTC.
The value passed for FileName must be a vault-local absolute path.
Note: This method can be called only when active is True.
get_file_encryption Method
This method retrieves the encryption mode of a file or alternate stream.
Syntax
def get_file_encryption(file_name: str) -> int: ...
Remarks
This method retrieves the encryption mode of the file or alternate stream specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The returned encryption mode will be one of the following values:
| VAULT_EM_NONE | 0x0 | Do not use encryption. |
| VAULT_EM_DEFAULT | 0x1 | Use default encryption (VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256). |
| VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256 | 0x2 | Use AES256 encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash. |
| VAULT_EM_CUSTOM256_PBKDF2_HMAC_SHA256 | 0x3 | Use event-based custom 256-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_PBKDF2_HMAC_SHA256 | 0x4 | Use event-based custom 512-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_PBKDF2_HMAC_SHA256 | 0x5 | Use event-based custom 1024-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_CUSTOM_KEY_DERIVE | 0x23 | Use event-based custom 256-bit encryption with custom key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_CUSTOM_KEY_DERIVE | 0x24 | Use event-based custom 512-bit encryption with custom key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_CUSTOM_KEY_DERIVE | 0x25 | Use event-based custom 1024-bit encryption with custom key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_DIRECT_KEY | 0x43 | Use event-based custom 256-bit encryption with no key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM512_DIRECT_KEY | 0x44 | Use event-based custom 512-bit encryption with no key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM1024_DIRECT_KEY | 0x45 | Use event-based custom 1024-bit encryption with no key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_UNKNOWN | 0xFF | Unidentified or unknown encryption. |
Applications that use custom encryption must implement at least the on_data_encrypt and on_data_decrypt events. Certain custom encryption modes may require that the on_hash_calculate or on_key_derive event be implemented as well. Please refer to the Encryption topic for more information.
Note: This method can be called only when active is True.
get_file_last_access_time Method
This method retrieves the last access time of a vault item.
Syntax
def get_file_last_access_time(file_name: str) -> datetime.datetime: ...
Remarks
This method retrieves the creation time of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName. The timestamps returned by this method are specified in UTC.
Note: Vault items' last access times are updated only if the use_access_time property is enabled.
The value passed for FileName must be a vault-local absolute path.
Note: This method can be called only when active is True.
get_file_metadata_size Method
This method retrieves the size of the metadata associated with a vault item.
Syntax
def get_file_metadata_size(file_name: str) -> int: ...
Remarks
This method retrieves the size of the metadata associated with the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName.
A vault item's metadata size reflects the total size of all vault pages associated with it that do not contain actual file/stream data; this includes file tags (both internal and application-defined), index pages, B-trees, and all other "filesystem information".
The value passed for FileName must be a vault-local absolute path.
Note: This method can be called only when active is True.
get_file_modification_time Method
This method retrieves the modification time of a vault item.
Syntax
def get_file_modification_time(file_name: str) -> datetime.datetime: ...
Remarks
This method retrieves the modification time of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName. The timestamps returned by this method are specified in UTC.
The value passed for FileName must be a vault-local absolute path.
Note: This method can be called only when active is True.
get_file_size Method
This method retrieves the size of a file or alternate stream.
Syntax
def get_file_size(file_name: str) -> int: ...
Remarks
This method retrieves the size, in bytes, of the file or alternate stream specified by FileName.
Note: For files, the returned value reflects only the size of the file's immediate contents, it does not account for any alternate streams the file may or may not contain.
The value passed for FileName must be a vault-local absolute path.
Note: This method can be called only when active is True.
get_file_tag Method
This method retrieves the binary data held by a raw file tag attached to the specified vault item.
Syntax
def get_file_tag(file_name: str, tag_id: int) -> bytes: ...
Remarks
This method retrieves the binary data held by a raw file tag, identified by TagId, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If a raw file tag with the specified TagId is not attached to the specified vault item, this method raises an exception.
The value passed for FileName must be a vault-local absolute path. The value passed for TagId must be in the range 0x0001 to 0xCFFF (inclusive).
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True.
get_file_tag_as_ansi_string Method
This method retrieves the value of an AnsiString-typed file tag attached to the specified vault item.
Syntax
def get_file_tag_as_ansi_string(file_name: str, tag_name: str) -> str: ...
Remarks
This method retrieves the value of an AnsiString-typed file tag, identified by TagName, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If an AnsiString-typed file tag with the specified TagName is not attached to the specified vault item, this method raises an exception.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
Please refer to the File Tags topic for more information.
This method can only retrieve typed file tags created with the set_file_tag_as_ansi_string method. Typed file tags created with the set_file_tag_as_string method must be retrieved using the get_file_tag_as_string method.
Note: This method can be called only when active is True.
get_file_tag_as_boolean Method
This method retrieves the value of a Boolean-typed file tag attached to the specified vault item.
Syntax
def get_file_tag_as_boolean(file_name: str, tag_name: str) -> bool: ...
Remarks
This method retrieves the value of a Boolean-typed file tag, identified by TagName, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If a Boolean-typed file tag with the specified TagName is not attached to the specified vault item, this method raises an exception.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True.
get_file_tag_as_date_time Method
This method retrieves the value of a DateTime-typed file tag attached to the specified vault item.
Syntax
def get_file_tag_as_date_time(file_name: str, tag_name: str) -> datetime.datetime: ...
Remarks
This method retrieves the value of a DateTime-typed file tag, identified by TagName, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If a DateTime-typed file tag with the specified TagName is not attached to the specified vault item, this method raises an exception.
The timestamps returned by this method are specified in UTC.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True.
get_file_tag_as_number Method
This method retrieves the value of a Number-typed file tag attached to the specified vault item.
Syntax
def get_file_tag_as_number(file_name: str, tag_name: str) -> int: ...
Remarks
This method retrieves the value of a Number-typed file tag, identified by TagName, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If a Number-typed file tag with the specified TagName is not attached to the specified vault item, this method raises an exception.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True.
get_file_tag_as_string Method
This method retrieves the value of a String-typed file tag attached to the specified vault item.
Syntax
def get_file_tag_as_string(file_name: str, tag_name: str) -> str: ...
Remarks
This method retrieves the value of a String-typed file tag, identified by TagName, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If a String-typed file tag with the specified TagName is not attached to the specified vault item, this method raises an exception.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
Please refer to the File Tags topic for more information.
This method can only retrieve typed file tags created with the set_file_tag_as_string method. Typed file tags created with the set_file_tag_as_ansi_string method must be retrieved using the get_file_tag_as_ansi_string method.
Note: This method can be called only when active is True.
get_file_tag_data_type Method
This method retrieves the data type of a typed file tag attached to a specific vault item.
Syntax
def get_file_tag_data_type(file_name: str, tag_name: str) -> int: ...
Remarks
This method retrieves the data type of a typed file tag, identified by TagName, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If a typed file tag with the specified TagName is not attached to the specified vault item, this method raises an exception.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
The value returned by this method will be one of the following (except VAULT_TDT_RAWDATA, which is not applicable):
| VAULT_TDT_RAWDATA | 0x0 | The tag is untyped and must be addressed by Id. |
| VAULT_TDT_BOOLEAN | 0x1 | The tag contains Boolean data and must be addressed by name. |
| VAULT_TDT_STRING | 0x2 | The tag contains String (UTF-16LE) data and must be addressed by name. |
| VAULT_TDT_DATETIME | 0x3 | The tag contains DateTime data and must be addressed by name. |
| VAULT_TDT_NUMBER | 0x4 | The tag contains numeric (signed 64-bit) data and must be addressed by name. |
| VAULT_TDT_ANSISTRING | 0x5 | The tag contains AnsiString (8-bit string) data and must be addressed by name. |
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True.
get_file_tag_size Method
This method retrieves the size of a raw file tag attached to the specified vault item.
Syntax
def get_file_tag_size(file_name: str, tag_id: int) -> int: ...
Remarks
This method retrieves the size of the binary data held by a raw file tag, identified by TagId, attached to the vault item (e.g., file, directory, or alternate stream) specified by FileName. If a raw file tag with the specified TagId is not attached to the specified vault item, this method returns 0 as the tag size.
The value passed for FileName must be a vault-local absolute path. The value passed for TagId must be in the range 0x0001 to 0xCFFF (inclusive).
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True.
get_search_result_attributes Method
This method retrieves the attributes of a vault item found during a search operation.
Syntax
def get_search_result_attributes(search_id: int) -> int: ...
Remarks
This method retrieves the attributes of a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
The vault item's attributes are returned as a 32-bit integer composed of one or more of the following values:
| VAULT_FATTR_FILE | 0x00000001 | The entry is a file. |
| VAULT_FATTR_DIRECTORY | 0x00000002 | The entry is a directory. |
| VAULT_FATTR_DATA_STREAM | 0x00000004 | The entry is an alternate data stream. |
| VAULT_FATTR_COMPRESSED | 0x00000008 | The file or stream is compressed. |
| VAULT_FATTR_ENCRYPTED | 0x00000010 | The file or stream is encrypted. |
| VAULT_FATTR_SYMLINK | 0x00000020 | The entry is a symbolic link. |
| VAULT_FATTR_READONLY | 0x00000040 | The file is read-only.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_ARCHIVE | 0x00000080 | The file requires archiving.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_HIDDEN | 0x00000100 | The file is hidden.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_SYSTEM | 0x00000200 | The file is a system file.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_TEMPORARY | 0x00000400 | The file is temporary.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_DELETE_ON_CLOSE | 0x00000800 | The file should be deleted when the last handle to the file is closed.
This attribute is currently not supported by CBFS Vault. |
| VAULT_FATTR_RESERVED_0 | 0x00001000 | Reserved. |
| VAULT_FATTR_RESERVED_1 | 0x00002000 | Reserved. |
| VAULT_FATTR_RESERVED_2 | 0x00004000 | Reserved. |
| VAULT_FATTR_RESERVED_3 | 0x00008000 | Reserved. |
| VAULT_FATTR_NO_USER_CHANGE | 0x0000F03F | A mask that includes all attributes that cannot be changed.
Applications cannot use the set_file_attributes method to directly change any of the following attributes: FILE, DIRECTORY, DATA_STREAM, COMPRESSED, ENCRYPTED, SYMLINK, RESERVED_0, RESERVED_1, RESERVED_2, or RESERVED_3. |
| VAULT_FATTR_USER_DEFINED | 0x7FF00000 | A mask for application-defined attributes.
Applications can use the set_file_attributes method to set custom attributes, as long as their values are covered by this mask. |
| VAULT_FATTR_ANY_FILE | 0x7FFFFFFF | A mask that includes any and all attributes. |
If, however, attributes were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_ATTRIBUTES for the find_first/find_first_by_query method's Flags parameter), this method will always return 0. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_result_creation_time Method
This method retrieves the creation time of a vault item found during a search operation.
Syntax
def get_search_result_creation_time(search_id: int) -> datetime.datetime: ...
Remarks
This method retrieves the creation time of a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
The timestamps returned by this method are specified in UTC.
If times were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_TIMES for the find_first/find_first_by_query method's Flags parameter), this method will always return January 1, 1601 00:00:00 UTC. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_result_full_name Method
This method retrieves the fully qualified name of a vault item found during a search operation.
Syntax
def get_search_result_full_name(search_id: int) -> str: ...
Remarks
This method retrieves the fully qualified name of a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId (i.e., the vault item's vault-local absolute path). Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
If fully qualified names were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_FULL_NAME for the find_first/find_first_by_query method's Flags parameter), this method will always return an empty string. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_result_last_access_time Method
This method retrieves the last access time of a vault item found during a search operation.
Syntax
def get_search_result_last_access_time(search_id: int) -> datetime.datetime: ...
Remarks
This method retrieves the creation time of a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
The timestamps returned by this method are specified in UTC.
If times were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_TIMES for the find_first/find_first_by_query method's Flags parameter), this method will always return January 1, 1601 00:00:00 UTC. Please refer to the documentation for these methods for more information.
Note: Vault items' last access times are updated only if the use_access_time property is enabled.
Note: This method can be called only when active is True.
get_search_result_link_destination Method
This method retrieves the destination of a symbolic link found during a search operation.
Syntax
def get_search_result_link_destination(search_id: int) -> str: ...
Remarks
This method retrieves the fully qualified name of a symbolic link found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
If the most recently found vault item is not a symbolic link, or if symbolic link destinations were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_LINK_DEST for the find_first/find_first_by_query method's Flags parameter), this method will always return an empty string. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_result_metadata_size Method
This method retrieves the size of the metadata associated with a vault item found during a search operation.
Syntax
def get_search_result_metadata_size(search_id: int) -> int: ...
Remarks
This method retrieves the size of the metadata associated with a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The metadata size of a vault item reflects the total size of all vault pages associated with it that do not contain actual file/stream data; this includes file tags (both internal and application defined), index pages, B-trees, and all other "filesystem information".
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
If metadata sizes were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_METADATA_SIZE for the find_first/find_first_by_query method's Flags parameter), this method will always return 0. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_result_modification_time Method
This method retrieves the modification time of a vault item found during a search operation.
Syntax
def get_search_result_modification_time(search_id: int) -> datetime.datetime: ...
Remarks
This method retrieves the modification time of a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
The timestamps returned by this method are specified in UTC.
If times were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_TIMES for the find_first/find_first_by_query method's Flags parameter), this method will always return January 1, 1601 00:00:00 UTC. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_result_name Method
This method retrieves the name of a vault item found during a search operation.
Syntax
def get_search_result_name(search_id: int) -> str: ...
Remarks
This method retrieves the name of a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
The names returned by this method do not include a path; use get_search_result_full_name if a path is needed.
If names were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_NAME for the find_first/find_first_by_query method's Flags parameter), this method will always return an empty string. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_results Method
This method retrieves all information about a vault item found during a search operation.
Syntax
def get_search_results(search_id: int, name: List[str], full_name: List[str], attributes: List[int], size: List[int], creation_time: List[datetime.datetime], modification_time: List[datetime.datetime], last_access_time: List[datetime.datetime], link_destination: List[str], metadata_size: List[int]) -> None: ...
Remarks
This method retrieves all available information about a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
If names were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_NAME for the find_first/find_first_by_query method's Flags parameter), this method will always return empty strings. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
get_search_result_size Method
This method retrieves the size of a vault item found during a search operation.
Syntax
def get_search_result_size(search_id: int) -> int: ...
Remarks
This method retrieves the size of a vault item (e.g., file, directory, symbolic link, or alternate stream) found via find_first/find_first_by_query/find_next as part of the search operation identified by SearchId. Please refer to those methods' documentation for more information.
Note: For files, the returned value reflects only the size of the file's immediate contents; it does not account for any alternate streams the file may or may not contain.
The value passed for SearchId must be a search operation Id returned by find_first or find_first_by_query.
If the vault item is a directory, or if sizes were not requested as part of the specified search operation (by passing either 0 or a value including VAULT_FF_NEED_SIZE for the find_first/find_first_by_query method's Flags parameter), this method will always return 0. Please refer to the documentation for these methods for more information.
Note: This method can be called only when active is True.
is_directory_empty Method
This method checks whether a directory is empty.
Syntax
def is_directory_empty(directory: str) -> bool: ...
Remarks
This method checks whether the directory specified by Directory is empty (i.e., does not contain any files, subdirectories, or symbolic links). If the specified directory is empty, this method returns True; otherwise, it returns False.
The value passed for Directory must be a vault-local absolute path.
Note: This method can be called only when active is True.
is_valid_vault Method
This method checks whether a local file is a CBFS Vault vault.
Syntax
def is_valid_vault() -> bool: ...
Remarks
This method checks whether the file specified by the vault_file property is a CBFS Vault vault that can be opened by the class. The file being checked must be fully closed when this method is called.
If the specified file is a CBFS Vault vault, this method returns True; otherwise, it returns False.
If the callback_mode property is enabled, the check will be performed by the appropriate Vault* events (and the value held by vault_file is simply passed to such events for the application to use).
Note: This method uses a simple detection mechanism; it does not perform a full consistency check or attempt any repairs, so applications may still need to call check_and_repair even if this method returns True. If an error occurs during the detection process, this method raises an exception.
Note: This method cannot be called when active is True, and it cannot be called within events.
move_file Method
This method renames or moves a vault item.
Syntax
def move_file(old_file_name: str, new_file_name: str, overwrite: bool) -> None: ...
Remarks
This method renames or moves a vault item (e.g., file, directory, symbolic link, or alternate stream) from the specified OldFileName to the specified NewFileName. For alternate streams, renaming is always possible, but moving them from one file to another is allowed only if the AllowMoveStreamsBetweenFiles configuration setting is enabled.
The values passed for OldFileName and NewFileName must both be vault-local absolute paths (including the item's old and new names, respectively) in the same vault.
The Overwrite parameter specifies what to do if a vault item with the specified NewFileName already exists. If Overwrite is True, and such an item exists, it will be overwritten by the item specified by OldFileName. But if such an item exists, and Overwrite is False, this method raises an exception.
Note: The usual rules of deletion still apply for an item being overwritten. Notably, a nonempty directory cannot be overwritten.
Note: This method can be called only when active is True, and it cannot be called within events.
open_file Method
This method opens a new or existing file or alternate stream in the vault.
Syntax
def open_file(file_name: str, open_mode: int, read_enabled: bool, write_enabled: bool, password: str) -> CBFSVaultStream: ...
Remarks
This method opens the file or alternate stream specified by FileName, creating it if necessary based on the specified OpenMode, and returns a stream object that provides access to its data.
Note: Files and alternate streams cannot be created or written to if the vault is open in read_only mode.
The value passed for FileName must be a vault-local absolute path.
The OpenMode parameter specifies what behavior to use when opening a file or alternate stream. Valid values are as follows:
| VAULT_FOM_CREATE_NEW | 0 | Creates a new file or alternate stream if possible, failing if one already exists. |
| VAULT_FOM_CREATE_ALWAYS | 1 | Creates a new file or stream, overwriting an existing one if necessary. |
| VAULT_FOM_OPEN_EXISTING | 2 | Opens a file or stream if it exists; fails otherwise. |
| VAULT_FOM_OPEN_ALWAYS | 3 | Opens a file or stream if it exists; creates a new one otherwise. |
The ReadEnabled and WriteEnabled parameters specify which kinds of access the returned stream object should permit.
Note: WriteEnabled is ignored if read_only is True.
The Password parameter works as follows:
- If the specified file or alternate stream already exists and is encrypted, the specified Password is used to decrypt and access its data.
- If a new file or alternate stream is created, and the default_file_encryption property is not VAULT_EM_NONE, the specified Password is used to encrypt it.
Internally, this method simply calls open_file_ex, passing on all shared parameters' values and using the following defaults for the others:
- ShareDenyRead and ShareDenyWrite use True.
- Encryption uses the current default_file_encryption value.
- Compression and CompressionLevel use the current default_file_compression and DefaultFileCompressionLevel values, respectively.
- PagesPerBlock uses 16.
Note: This method can be called only when active is True, and it cannot be called within events.
open_file_ex Method
This method opens a new or existing file or alternate stream in the vault.
Syntax
def open_file_ex(file_name: str, open_mode: int, read_enabled: bool, write_enabled: bool, share_deny_read: bool, share_deny_write: bool, encryption: int, password: str, compression: int, compression_level: int, pages_per_block: int) -> CBFSVaultStream: ...
Remarks
This method opens the file or alternate stream specified by FileName, creating it if necessary based on the specified OpenMode, and returns a stream object that provides access to its data.
Note: Files and alternate streams cannot be created or written to if the vault is open in read_only mode.
The value passed for FileName must be a vault-local absolute path.
The OpenMode parameter specifies what behavior to use when opening a file or alternate stream. Valid values are as follows:
| VAULT_FOM_CREATE_NEW | 0 | Creates a new file or alternate stream if possible, failing if one already exists. |
| VAULT_FOM_CREATE_ALWAYS | 1 | Creates a new file or stream, overwriting an existing one if necessary. |
| VAULT_FOM_OPEN_EXISTING | 2 | Opens a file or stream if it exists; fails otherwise. |
| VAULT_FOM_OPEN_ALWAYS | 3 | Opens a file or stream if it exists; creates a new one otherwise. |
The ReadEnabled and WriteEnabled parameters specify which kinds of access the returned stream object should permit.
Note: WriteEnabled is ignored if read_only is True.
The ShareDenyRead and ShareDenyWrite parameters specify whether other accessors may read and/or write the specified file or alternate stream simultaneously. To prevent simultaneous read and/or write access, pass True; to allow it, pass False.
The Encryption parameter specifies the encryption mode to use when creating a file or alternate stream. Valid values are as follows:
| VAULT_EM_NONE | 0x0 | Do not use encryption. |
| VAULT_EM_DEFAULT | 0x1 | Use default encryption (VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256). |
| VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256 | 0x2 | Use AES256 encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash. |
| VAULT_EM_CUSTOM256_PBKDF2_HMAC_SHA256 | 0x3 | Use event-based custom 256-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_PBKDF2_HMAC_SHA256 | 0x4 | Use event-based custom 512-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_PBKDF2_HMAC_SHA256 | 0x5 | Use event-based custom 1024-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_CUSTOM_KEY_DERIVE | 0x23 | Use event-based custom 256-bit encryption with custom key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_CUSTOM_KEY_DERIVE | 0x24 | Use event-based custom 512-bit encryption with custom key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_CUSTOM_KEY_DERIVE | 0x25 | Use event-based custom 1024-bit encryption with custom key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_DIRECT_KEY | 0x43 | Use event-based custom 256-bit encryption with no key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM512_DIRECT_KEY | 0x44 | Use event-based custom 512-bit encryption with no key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM1024_DIRECT_KEY | 0x45 | Use event-based custom 1024-bit encryption with no key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_UNKNOWN | 0xFF | Unidentified or unknown encryption. |
Applications that use custom encryption must implement at least the on_data_encrypt and on_data_decrypt events. Certain custom encryption modes may require that the on_hash_calculate or on_key_derive event be implemented as well. Please refer to the Encryption topic for more information.
The Password parameter works as follows:
- If the specified file or alternate stream already exists and is encrypted, the specified Password is used to decrypt and access its data.
- If a file or alternate stream is created, and Encryption is not VAULT_EM_NONE, the specified Password is used to encrypt it.
The Compression parameter specifies the compression mode to use when creating a file or alternate stream. Valid values are as follows:
| VAULT_CM_NONE | 0 | Do not use compression. |
| VAULT_CM_DEFAULT | 1 | Use default compression (zlib). |
| VAULT_CM_CUSTOM | 2 | Use event-based custom compression.
This compression level is not used. |
| VAULT_CM_ZLIB | 3 | Use zlib compression.
Valid compression levels are 1-9. |
| VAULT_CM_RLE | 4 | Use RLE compression.
This compression level is not used. |
Applications that use custom compression must implement the on_data_compress and on_data_decompress events. Please refer to the Compression topic for more information.
The CompressionLevel parameter specifies the compression level to use, if applicable.
The PagesPerBlock parameter specifies how many pages should be compressed as a single block, if applicable. Valid values are powers of 2 up to and including 128 (i.e., 2, 4, 8, 16, 32, 64, or 128), or 0, which is interpreted as "default" (currently 16 for both zlib and run-length encoding [RLE]). Larger values allow for more efficient compression; however, because a block must be decompressed (and, for writes, recompressed) anytime its data are accessed, larger values can also cause excessive slowdown, especially for random access.
Note: This method can be called only when active is True, and it cannot be called within events.
open_root_data Method
This method opens the vault's root data stream.
Syntax
def open_root_data() -> CBFSVaultStream: ...
Remarks
This method opens the vault's root data stream, returning a stream object that provides access to its data.
Please refer to the Using RootData topic for more information.
Note: This method can be called only when active is True, and it cannot be called within events.
open_vault Method
This method opens a new or existing vault.
Syntax
def open_vault(open_mode: int, journaling_mode: int) -> None: ...
Remarks
This method opens a vault, creating it if necessary based on the specified OpenMode.
The OpenMode parameter specifies what behavior to use when opening a vault. Valid values are as follows:
| VAULT_OM_CREATE_NEW | 0 | Creates a new vault if possible, failing if one already exists. |
| VAULT_OM_CREATE_ALWAYS | 1 | Creates a new vault, overwriting an existing one if necessary. |
| VAULT_OM_OPEN_EXISTING | 2 | Opens a vault if it exists; fails otherwise. |
| VAULT_OM_OPEN_ALWAYS | 3 | Opens a vault if it exists; creates a new one otherwise. |
The JournalingMode parameter specifies whether any form of journaling should be used when working with the vault. Valid values are as follows:
| VAULT_JM_NONE | 0 | No journaling is used.
This mode ensures the fastest operations, but if the application crashes, corruption of the vault is possible. |
| VAULT_JM_METADATA | 1 | Journaling is used only for metadata (filesystem structure and directory contents).
This mode is a balance between speed and reliability. |
| VAULT_JM_FULL | 2 | Journaling is used for both filesystem structure and file data and metadata.
This mode is the slowest but the most reliable option. |
When a vault is being created or opened, the vault_file and/or callback_mode properties are used to specify its location. If callback_mode is disabled (default), the class creates or opens a file-based vault at the path specified by vault_file.
If callback_mode is enabled, then the application controls where the vault is located and how it is accessed by the Vault* events (and the value held by vault_file is simply passed to said events for the application to use). For brevity, vaults created and accessed using callback mode are referred to as "callback mode vaults"; please refer to the Callback Mode topic for more information.
The class also has a number of other properties and configuration settings used when creating or opening a vault, all of which are listed below. Please refer to each one's documentation for more information, including usage restrictions.
- auto_compact_at property
- AutoCompactDelay configuration setting
- case_sensitive property
- logo property
- MaxNonPagedNameLength configuration setting
- page_size property
- PartSize configuration setting
- path_separator property
- read_only property
- use_access_time property
- use_system_cache property
If a file-based vault's storage file (or the storage device it is located on) is marked as read-only, then the read_only property must be enabled before this method is called. If an application attempts to open a vault with a read-only storage file in read-write mode, this method raises an exception.
Note: This method cannot be called when active is True, and it cannot be called within events.
resolve_link Method
This method retrieves the destination of a symbolic link.
Syntax
def resolve_link(link_name: str, normalize: bool) -> str: ...
Remarks
This method retrieves the destination pointed to by the symbolic link specified by LinkName.
The value passed for LinkName must be a vault-local absolute path.
As the create_link method's documentation describes, symbolic links can be created with either relative or absolute vault-local paths. The Normalize parameter specifies whether the class should normalize the specified link's destination before returning it. Passing True will ensure a vault-local absolute path is always returned; passing False will cause the original destination path to be returned.
Note: This method can be called only when active is True.
set_file_attributes Method
This method sets the attributes of a vault item.
Syntax
def set_file_attributes(file_name: str, attributes: int) -> None: ...
Remarks
This method sets the attributes of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The Attributes parameter specifies the new attributes for the vault item, which should be constructed by ORing together one or more of the following values:
| VAULT_FATTR_FILE | 0x00000001 | The entry is a file. |
| VAULT_FATTR_DIRECTORY | 0x00000002 | The entry is a directory. |
| VAULT_FATTR_DATA_STREAM | 0x00000004 | The entry is an alternate data stream. |
| VAULT_FATTR_COMPRESSED | 0x00000008 | The file or stream is compressed. |
| VAULT_FATTR_ENCRYPTED | 0x00000010 | The file or stream is encrypted. |
| VAULT_FATTR_SYMLINK | 0x00000020 | The entry is a symbolic link. |
| VAULT_FATTR_READONLY | 0x00000040 | The file is read-only.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_ARCHIVE | 0x00000080 | The file requires archiving.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_HIDDEN | 0x00000100 | The file is hidden.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_SYSTEM | 0x00000200 | The file is a system file.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_TEMPORARY | 0x00000400 | The file is temporary.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_DELETE_ON_CLOSE | 0x00000800 | The file should be deleted when the last handle to the file is closed.
This attribute is currently not supported by CBFS Vault. |
| VAULT_FATTR_RESERVED_0 | 0x00001000 | Reserved. |
| VAULT_FATTR_RESERVED_1 | 0x00002000 | Reserved. |
| VAULT_FATTR_RESERVED_2 | 0x00004000 | Reserved. |
| VAULT_FATTR_RESERVED_3 | 0x00008000 | Reserved. |
| VAULT_FATTR_NO_USER_CHANGE | 0x0000F03F | A mask that includes all attributes that cannot be changed.
Applications cannot use the set_file_attributes method to directly change any of the following attributes: FILE, DIRECTORY, DATA_STREAM, COMPRESSED, ENCRYPTED, SYMLINK, RESERVED_0, RESERVED_1, RESERVED_2, or RESERVED_3. |
| VAULT_FATTR_USER_DEFINED | 0x7FF00000 | A mask for application-defined attributes.
Applications can use the set_file_attributes method to set custom attributes, as long as their values are covered by this mask. |
| VAULT_FATTR_ANY_FILE | 0x7FFFFFFF | A mask that includes any and all attributes. |
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_compression Method
This method compresses or decompresses a file or alternate stream.
Syntax
def set_file_compression(file_name: str, compression: int, compression_level: int, pages_per_block: int, password: str) -> None: ...
Remarks
This method changes the compression mode used to compress the file or alternate stream specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The Compression parameter specifies the new compression mode to use. Valid values are as follows:
| VAULT_CM_NONE | 0 | Do not use compression. |
| VAULT_CM_DEFAULT | 1 | Use default compression (zlib). |
| VAULT_CM_CUSTOM | 2 | Use event-based custom compression.
This compression level is not used. |
| VAULT_CM_ZLIB | 3 | Use zlib compression.
Valid compression levels are 1-9. |
| VAULT_CM_RLE | 4 | Use RLE compression.
This compression level is not used. |
Applications that use custom compression must implement the on_data_compress and on_data_decompress events. Please refer to the Compression topic for more information.
The CompressionLevel parameter specifies the compression level to use, if applicable.
The PagesPerBlock parameter specifies how many pages should be compressed as a single block, if applicable. Valid values are powers of 2 up to and including 128 (i.e., 2, 4, 8, 16, 32, 64, or 128), or 0, which is interpreted as "default" (currently 16 for both zlib and run-length encoding [RLE]). Larger values allow for more efficient compression; however, because a block must be decompressed (and, for writes, recompressed) anytime its data are accessed, larger values can also cause excessive slowdown, especially for random access.
The Password parameter specifies the password to use to access the file's data, if it is encrypted.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_creation_time Method
This method sets the creation time of a vault item.
Syntax
def set_file_creation_time(file_name: str, creation_time: datetime.datetime) -> None: ...
Remarks
This method sets the creation time of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The CreationTime parameter specifies the new creation time for the vault item, which must be specified in UTC.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_encryption Method
This method encrypts, decrypts, or changes the encryption password of a file or alternate stream.
Syntax
def set_file_encryption(file_name: str, encryption: int, old_password: str, new_password: str) -> None: ...
Remarks
This method changes the encryption mode or password used to encrypt the file or alternate stream specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The Encryption parameter specifies the new encryption mode to use. Valid values are as follows:
| VAULT_EM_NONE | 0x0 | Do not use encryption. |
| VAULT_EM_DEFAULT | 0x1 | Use default encryption (VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256). |
| VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256 | 0x2 | Use AES256 encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash. |
| VAULT_EM_CUSTOM256_PBKDF2_HMAC_SHA256 | 0x3 | Use event-based custom 256-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_PBKDF2_HMAC_SHA256 | 0x4 | Use event-based custom 512-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_PBKDF2_HMAC_SHA256 | 0x5 | Use event-based custom 1024-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_CUSTOM_KEY_DERIVE | 0x23 | Use event-based custom 256-bit encryption with custom key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_CUSTOM_KEY_DERIVE | 0x24 | Use event-based custom 512-bit encryption with custom key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_CUSTOM_KEY_DERIVE | 0x25 | Use event-based custom 1024-bit encryption with custom key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_DIRECT_KEY | 0x43 | Use event-based custom 256-bit encryption with no key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM512_DIRECT_KEY | 0x44 | Use event-based custom 512-bit encryption with no key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM1024_DIRECT_KEY | 0x45 | Use event-based custom 1024-bit encryption with no key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_UNKNOWN | 0xFF | Unidentified or unknown encryption. |
Applications that use custom encryption must implement at least the on_data_encrypt and on_data_decrypt events. Certain custom encryption modes may require that the on_hash_calculate or on_key_derive event be implemented as well. Please refer to the Encryption topic for more information.
The OldPassword parameter specifies the current encryption password, if applicable.
The NewPassword parameter specifies the new encryption password to use, if applicable.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_last_access_time Method
This method sets the last access time of a vault item.
Syntax
def set_file_last_access_time(file_name: str, last_access_time: datetime.datetime) -> None: ...
Remarks
This method sets the last access time of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The LastAccessTime parameter specifies the new last access time for the vault item, which must be specified in UTC.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_modification_time Method
This method sets the modification time of a vault item.
Syntax
def set_file_modification_time(file_name: str, modification_time: datetime.datetime) -> None: ...
Remarks
This method sets the modification time of the vault item (e.g., file, directory, symbolic link, or alternate stream) specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The ModificationTime parameter specifies the new modification time for the vault item, which must be specified in UTC.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_size Method
This method sets the size of a file or alternate stream.
Syntax
def set_file_size(file_name: str, size: int, password: str) -> None: ...
Remarks
This method sets the size of the file or alternate stream specified by FileName.
The value passed for FileName must be a vault-local absolute path.
The Size parameter specifies the new size of the file or alternate stream, which must be greater than or equal to 0.
Applications can also change the size of a file or alternate stream using the stream objects returned by the open_file and open_file_ex methods.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_tag Method
This method attaches a raw file tag with binary data to the specified vault item.
Syntax
def set_file_tag(file_name: str, tag_id: int, data: bytes) -> None: ...
Remarks
This method attaches a raw file tag with binary data to the vault item (e.g., file, directory, or alternate stream) specified by FileName using the specified TagId. If a raw file tag with the specified TagId is already attached to the specified vault item, it is replaced.
The value passed for FileName must be a vault-local absolute path. The value passed for TagId must be in the range 0x0001 to 0xCFFF (inclusive).
The Data parameter specifies the raw binary data to store in the file tag; it may be up to 65531 bytes in length.
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_tag_as_ansi_string Method
This method attaches an AnsiString-typed file tag to the specified vault item.
Syntax
def set_file_tag_as_ansi_string(file_name: str, tag_name: str, value: str) -> None: ...
Remarks
This method attaches an AnsiString-typed file tag to the vault item (e.g., file, directory, or alternate stream) specified by FileTag using the specified TagName. If a typed file tag with the specified TagName is already attached to the specified vault item, it is replaced.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
The Value parameter specifies the AnsiString value to store in the file tag; it may be up to 65529 - (name_length * 2) bytes in length (where name_length is measured in characters), including null terminators for both the AnsiString value and the name.
Please refer to the File Tags topic for more information.
Note: AnsiString file tag values are converted to UTF-16LE when referenced in a search query string. To reduce the chance of string-conversion-related issues, it is recommended that applications only store ASCII characters in AnsiString-typed file tags, and prefer String-typed file tags (created using set_file_tag_as_string) in all other cases.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_tag_as_boolean Method
This method attaches a Boolean-typed file tag to the specified vault item.
Syntax
def set_file_tag_as_boolean(file_name: str, tag_name: str, value: bool) -> None: ...
Remarks
This method attaches a Boolean-typed file tag to the vault item (e.g., file, directory, or alternate stream) specified by FileTag using the specified TagName. If a typed file tag with the specified TagName is already attached to the specified vault item, it is replaced.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
The Value parameter specifies the Boolean value to store in the file tag.
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_tag_as_date_time Method
This method attaches a DateTime-typed file tag to the specified vault item.
Syntax
def set_file_tag_as_date_time(file_name: str, tag_name: str, value: datetime.datetime) -> None: ...
Remarks
This method attaches a DateTime-typed file tag to the vault item (e.g., file, directory, or alternate stream) specified by FileTag using the specified TagName. If a typed file tag with the specified TagName is already attached to the specified vault item, it is replaced.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
The Value parameter specifies the DateTime value to store in the file tag, which must be specified in UTC.
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_tag_as_number Method
This method attaches a Number-typed file tag to the specified vault item.
Syntax
def set_file_tag_as_number(file_name: str, tag_name: str, value: int) -> None: ...
Remarks
This method attaches a Number-typed file tag to the vault item (e.g., file, directory, or alternate stream) specified by FileTag using the specified TagName. If a typed file tag with the specified TagName is already attached to the specified vault item, it is replaced.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
The Value parameter specifies the Number value to store in the file tag.
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True, and it cannot be called within events.
set_file_tag_as_string Method
This method attaches a String-typed file tag to the specified vault item.
Syntax
def set_file_tag_as_string(file_name: str, tag_name: str, value: str) -> None: ...
Remarks
This method attaches a String-typed file tag to the vault item (e.g., file, directory, or alternate stream) specified by FileTag using the specified TagName. If a typed file tag with the specified TagName is already attached to the specified vault item, it is replaced.
The value passed for FileName must be a vault-local absolute path. The value passed for TagName may be up to 4095 characters in length (not including the null terminator).
The Value parameter specifies the UTF-16LE String value to store in the file tag; it may be up to 65529 - (name_length * 2) bytes in length (where name_length is measured in characters), including null terminators for both the String value and the name.
Please refer to the File Tags topic for more information.
Note: This method can be called only when active is True, and it cannot be called within events.
unix_time_to_file_time Method
This method converts the date/time in Unix format to the Windows FileTime format.
Syntax
def unix_time_to_file_time(unix_time: int, nanoseconds: int) -> datetime.datetime: ...
Remarks
Use this method to convert the date/time in Unix format to the Windows FileTime format.
Pass the Unix time value to UnixTime and optionally pass the subsecond part of the time, expressed in nanoseconds, to the Nanoseconds parameter. If the subsecond part of the time is not available, set Nanoseconds to zero (0) value.
update_vault_encryption Method
This method encrypts, decrypts, or changes the encryption password of the vault.
Syntax
def update_vault_encryption(encryption: int, old_password: str, new_password: str) -> None: ...
Remarks
This method changes the encryption mode or password used to encrypt the vault.
The Encryption parameter specifies the new encryption mode to use. Valid values are as follows:
| VAULT_EM_NONE | 0x0 | Do not use encryption. |
| VAULT_EM_DEFAULT | 0x1 | Use default encryption (VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256). |
| VAULT_EM_XTS_AES256_PBKDF2_HMAC_SHA256 | 0x2 | Use AES256 encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash. |
| VAULT_EM_CUSTOM256_PBKDF2_HMAC_SHA256 | 0x3 | Use event-based custom 256-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_PBKDF2_HMAC_SHA256 | 0x4 | Use event-based custom 512-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_PBKDF2_HMAC_SHA256 | 0x5 | Use event-based custom 1024-bit encryption with PBKDF2 key derivation based on a HMAC_SHA256 key hash.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_CUSTOM_KEY_DERIVE | 0x23 | Use event-based custom 256-bit encryption with custom key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM512_CUSTOM_KEY_DERIVE | 0x24 | Use event-based custom 512-bit encryption with custom key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM1024_CUSTOM_KEY_DERIVE | 0x25 | Use event-based custom 1024-bit encryption with custom key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. |
| VAULT_EM_CUSTOM256_DIRECT_KEY | 0x43 | Use event-based custom 256-bit encryption with no key derivation.
A 256-bit (32-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM512_DIRECT_KEY | 0x44 | Use event-based custom 512-bit encryption with no key derivation.
A 512-bit (64-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_CUSTOM1024_DIRECT_KEY | 0x45 | Use event-based custom 1024-bit encryption with no key derivation.
A 1024-bit (128-byte) block size is used with this encryption mode. This mode is useful for cases in which the password is an identifier for an external key and should not be used for key derivation. |
| VAULT_EM_UNKNOWN | 0xFF | Unidentified or unknown encryption. |
Applications that use custom encryption must implement at least the on_data_encrypt and on_data_decrypt events. Certain custom encryption modes may require that the on_hash_calculate or on_key_derive event be implemented as well. Please refer to the Encryption topic for more information.
The OldPassword parameter specifies the current encryption password, if applicable.
The NewPassword parameter specifies the new encryption password to use, if applicable.
Note: This method can be called only when active is True, and it cannot be called within events.
warp_hole Method
[TBD.].
Syntax
def warp_hole(name: List[str], some_value: int, full_name: List[str], attributes: List[int], size: List[int], creation_time: List[datetime.datetime], some_value2: int, is_dir: List[bool]) -> str: ...
Remarks
[TBD.]
on_data_compress Event
This event fires to compress a block of data using a custom compression algorithm.
Syntax
class CBVaultDataCompressEventParams(object): @property def in_data() -> c_void_p: ... @property def in_size() -> int: ... @property def out_data() -> c_void_p: ... @property def out_size() -> int: ... @out_size.setter def out_size(value) -> None: ... @property def compression_level() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_data_compress() -> Callable[[CBVaultDataCompressEventParams], None]: ... @on_data_compress.setter def on_data_compress(event_hook: Callable[[CBVaultDataCompressEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to compress a block of data using an application-defined compression algorithm. Please refer to the Compression topic for more information.
This event only needs to be handled by applications that use the VAULT_CM_CUSTOM compression mode. To handle this event properly, applications must compress all InSize bytes of data in the InData buffer, write the compressed data to the OutData buffer, and set OutSize to reflect the total number of bytes written to OutData.
Note: OutSize is initially set to the capacity of the OutData buffer. If the OutData buffer is not large enough to accommodate all of the data after compression (which, while uncommon, may occur with some compression algorithms), do not write any data to OutData. Instead, set ResultCode to VAULT_ERR_BUFFER_TOO_SMALL to inform the class that the current block of data should remain uncompressed.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The CompressionLevel specifies the requested compression level. Possible values are 0 through 9; where 0 means "use the default compression level". Applications may ignore this value if it is not needed by their compression algorithm.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_data_decompress Event
This event fires to decompress a block of data using a custom compression algorithm.
Syntax
class CBVaultDataDecompressEventParams(object): @property def in_data() -> c_void_p: ... @property def in_size() -> int: ... @property def out_data() -> c_void_p: ... @property def out_size() -> int: ... @out_size.setter def out_size(value) -> None: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_data_decompress() -> Callable[[CBVaultDataDecompressEventParams], None]: ... @on_data_decompress.setter def on_data_decompress(event_hook: Callable[[CBVaultDataDecompressEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to decompress a block of data using an application-defined compression algorithm. Please refer to the Compression topic for more information.
This event only needs to be handled by applications that use the VAULT_CM_CUSTOM compression mode. To handle this event properly, applications must decompress all InSize bytes of data in the InData buffer, write the decompressed data to the OutData buffer, and set OutSize to reflect the total number of bytes written to OutData.
Note: OutSize is initially set to the capacity of the OutData buffer, which (under normal circumstances) should be large enough to accommodate all of the decompressed data. Only if the vault is corrupted should the OutData buffer ever be too small to hold the decompressed data; so if this occurs, do not write any data to OutData. Instead, set ResultCode to VAULT_ERR_VAULT_CORRUPTED.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_data_decrypt Event
This event fires to decrypt a block of data using a custom encryption implementation.
Syntax
class CBVaultDataDecryptEventParams(object): @property def key() -> c_void_p: ... @property def key_length() -> int: ... @property def salt1() -> c_void_p: ... @property def salt_1_size() -> int: ... @property def salt2() -> c_void_p: ... @property def salt_2_size() -> int: ... @property def data() -> c_void_p: ... @property def data_size() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_data_decrypt() -> Callable[[CBVaultDataDecryptEventParams], None]: ... @on_data_decrypt.setter def on_data_decrypt(event_hook: Callable[[CBVaultDataDecryptEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to decrypt a block of data using an application-defined encryption implementation. Please refer to the Encryption topic for more information.
This event only needs to be handled by applications that use one of the VAULT_EM_CUSTOM* encryption modes. To handle this event properly, applications must decrypt all DataSize bytes of data in the Data buffer. After decrypting the data, applications must write it back to the Data buffer. The size of the decrypted data must match DataSize, which is always a multiple of 32.
The Key buffer contains the encryption key (e.g., password) specified for the file, alternate stream, or vault whose data are being decrypted. The KeyLength parameter specifies the length, in bytes, of Key.
The Salt1 and Salt2 buffers contain the same salt values provided when the data were encrypted in an earlier on_data_encrypt event. The Salt1Size and Salt2Size parameters specify the length, in bytes, of Salt1 and Salt2.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_data_encrypt Event
This event fires to encrypt a block of data using a custom encryption implementation.
Syntax
class CBVaultDataEncryptEventParams(object): @property def key() -> c_void_p: ... @property def key_length() -> int: ... @property def salt1() -> c_void_p: ... @property def salt_1_size() -> int: ... @property def salt2() -> c_void_p: ... @property def salt_2_size() -> int: ... @property def data() -> c_void_p: ... @property def data_size() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_data_encrypt() -> Callable[[CBVaultDataEncryptEventParams], None]: ... @on_data_encrypt.setter def on_data_encrypt(event_hook: Callable[[CBVaultDataEncryptEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to encrypt a block of data using an application-defined encryption implementation. Please refer to the Encryption topic for more information.
This event only needs to be handled by applications that use one of the VAULT_EM_CUSTOM* encryption modes. To handle this event properly, applications must encrypt all DataSize bytes of data in the Data buffer. After encrypting the data, applications must write it back to the Data buffer. The size of the encrypted data must match DataSize, which is always a multiple of 32.
The Key buffer contains the encryption key (e.g., password) specified for the file, alternate stream, or vault whose data are being decrypted. The KeyLength parameter specifies the length, in bytes, of Key.
The Salt1 and Salt2 buffers contain salt values that can be used to strengthen encryption, if desired. The Salt1Size and Salt2Size parameters specify the length, in bytes, of Salt1 and Salt2.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_error Event
This event fires if an unhandled error occurs during an event.
Syntax
class CBVaultErrorEventParams(object): @property def error_code() -> int: ... @property def description() -> str: ... # In class CBVault: @property def on_error() -> Callable[[CBVaultErrorEventParams], None]: ... @on_error.setter def on_error(event_hook: Callable[[CBVaultErrorEventParams], None]) -> None: ...
Remarks
This event fires if an unhandled error occurs during another event. Developers can use this information to track down unhandled errors in an application's event handlers.
on_file_after_copy Event
This event fires after the file has been copied during file export/import operations.
Syntax
class CBVaultFileAfterCopyEventParams(object): @property def source_path() -> str: ... @property def destination_path() -> str: ... @property def attributes() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_file_after_copy() -> Callable[[CBVaultFileAfterCopyEventParams], None]: ... @on_file_after_copy.setter def on_file_after_copy(event_hook: Callable[[CBVaultFileAfterCopyEventParams], None]) -> None: ...
Remarks
This event fires when the class is executing the copy_to_vault or copy_from_vault method after the file specified by SourcePath has been copied to a file identified by DestinationPath.
For a directory, the event fires after the directory identified by SourcePath has been created as DestinationPath and all of the source directory's contents have been processed.
The event will fire only if the VAULT_CFF_FIRE_COPY_EVENTS flag is included in the Flags parameter of the copy_from_vault or copy_to_vault method. Also, the event will not fire for the base directory that was passed to the copy_to_vault or copy_from_vault method.
A process may check whether it was a file or directory copied by inspecting the value of the Attributes parameter, which contains the attributes of the file as a 32-bit integer. The attributes are composed of one or more of the following values:
| VAULT_FATTR_FILE | 0x00000001 | The entry is a file. |
| VAULT_FATTR_DIRECTORY | 0x00000002 | The entry is a directory. |
| VAULT_FATTR_DATA_STREAM | 0x00000004 | The entry is an alternate data stream. |
| VAULT_FATTR_COMPRESSED | 0x00000008 | The file or stream is compressed. |
| VAULT_FATTR_ENCRYPTED | 0x00000010 | The file or stream is encrypted. |
| VAULT_FATTR_SYMLINK | 0x00000020 | The entry is a symbolic link. |
| VAULT_FATTR_READONLY | 0x00000040 | The file is read-only.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_ARCHIVE | 0x00000080 | The file requires archiving.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_HIDDEN | 0x00000100 | The file is hidden.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_SYSTEM | 0x00000200 | The file is a system file.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_TEMPORARY | 0x00000400 | The file is temporary.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_DELETE_ON_CLOSE | 0x00000800 | The file should be deleted when the last handle to the file is closed.
This attribute is currently not supported by CBFS Vault. |
| VAULT_FATTR_RESERVED_0 | 0x00001000 | Reserved. |
| VAULT_FATTR_RESERVED_1 | 0x00002000 | Reserved. |
| VAULT_FATTR_RESERVED_2 | 0x00004000 | Reserved. |
| VAULT_FATTR_RESERVED_3 | 0x00008000 | Reserved. |
| VAULT_FATTR_NO_USER_CHANGE | 0x0000F03F | A mask that includes all attributes that cannot be changed.
Applications cannot use the set_file_attributes method to directly change any of the following attributes: FILE, DIRECTORY, DATA_STREAM, COMPRESSED, ENCRYPTED, SYMLINK, RESERVED_0, RESERVED_1, RESERVED_2, or RESERVED_3. |
| VAULT_FATTR_USER_DEFINED | 0x7FF00000 | A mask for application-defined attributes.
Applications can use the set_file_attributes method to set custom attributes, as long as their values are covered by this mask. |
| VAULT_FATTR_ANY_FILE | 0x7FFFFFFF | A mask that includes any and all attributes. |
To cancel further copying, return the VAULT_ERR_INTERRUPTED_BY_USER error code via ResultCode.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
on_file_before_copy Event
This event fires before the file is copied during file export/import operations.
Syntax
class CBVaultFileBeforeCopyEventParams(object): @property def source_path() -> str: ... @property def destination_path() -> str: ... @property def attributes() -> int: ... @attributes.setter def attributes(value) -> None: ... @property def destination_exists() -> bool: ... @property def skip() -> bool: ... @skip.setter def skip(value) -> None: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_file_before_copy() -> Callable[[CBVaultFileBeforeCopyEventParams], None]: ... @on_file_before_copy.setter def on_file_before_copy(event_hook: Callable[[CBVaultFileBeforeCopyEventParams], None]) -> None: ...
Remarks
This event fires when the class is executing the copy_to_vault or copy_from_vault method before the file specified by SourcePath is copied to a file identified by DestinationPath or before the directory identified by SourcePath is about to be created as DestinationPath.
This event will fire only if the VAULT_CFF_FIRE_COPY_EVENTS flag is included in the Flags parameter of the copy_from_vault or copy_to_vault method. Also, the event will not fire for the base directory that was passed to the copy_to_vault or copy_from_vault method.
A process may check whether it is a file or a directory being copied by inspecting the value of the Attributes parameter, which contains the attributes of the file as a 32-bit integer. The attributes are composed of one or more of the following values:
| VAULT_FATTR_FILE | 0x00000001 | The entry is a file. |
| VAULT_FATTR_DIRECTORY | 0x00000002 | The entry is a directory. |
| VAULT_FATTR_DATA_STREAM | 0x00000004 | The entry is an alternate data stream. |
| VAULT_FATTR_COMPRESSED | 0x00000008 | The file or stream is compressed. |
| VAULT_FATTR_ENCRYPTED | 0x00000010 | The file or stream is encrypted. |
| VAULT_FATTR_SYMLINK | 0x00000020 | The entry is a symbolic link. |
| VAULT_FATTR_READONLY | 0x00000040 | The file is read-only.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_ARCHIVE | 0x00000080 | The file requires archiving.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_HIDDEN | 0x00000100 | The file is hidden.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_SYSTEM | 0x00000200 | The file is a system file.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_TEMPORARY | 0x00000400 | The file is temporary.
This attribute is not used by CBFS Vault, but it can be set and retrieved. |
| VAULT_FATTR_DELETE_ON_CLOSE | 0x00000800 | The file should be deleted when the last handle to the file is closed.
This attribute is currently not supported by CBFS Vault. |
| VAULT_FATTR_RESERVED_0 | 0x00001000 | Reserved. |
| VAULT_FATTR_RESERVED_1 | 0x00002000 | Reserved. |
| VAULT_FATTR_RESERVED_2 | 0x00004000 | Reserved. |
| VAULT_FATTR_RESERVED_3 | 0x00008000 | Reserved. |
| VAULT_FATTR_NO_USER_CHANGE | 0x0000F03F | A mask that includes all attributes that cannot be changed.
Applications cannot use the set_file_attributes method to directly change any of the following attributes: FILE, DIRECTORY, DATA_STREAM, COMPRESSED, ENCRYPTED, SYMLINK, RESERVED_0, RESERVED_1, RESERVED_2, or RESERVED_3. |
| VAULT_FATTR_USER_DEFINED | 0x7FF00000 | A mask for application-defined attributes.
Applications can use the set_file_attributes method to set custom attributes, as long as their values are covered by this mask. |
| VAULT_FATTR_ANY_FILE | 0x7FFFFFFF | A mask that includes any and all attributes. |
An event handler may change the following attributes: VAULT_FATTR_READONLY, VAULT_FATTR_ARCHIVE, VAULT_FATTR_HIDDEN, VAULT_FATTR_SYSTEM, VAULT_FATTR_TEMPORARY. When files are imported to the vault, an event handler may set user-defined flags that match the VAULT_FATTR_USER_DEFINED mask.
The DestinationExists flag indicates the presence of the file or directory at the moment when the event is fired.
Note: When copying the files from the vault, it is possible that a file gets created or deleted outside of the class; the value of this parameter may become inaccurate.
To skip the file, set the Skip parameter to true. When the file is skipped, on_file_after_copy does not fire.
To cancel copying, return the VAULT_ERR_INTERRUPTED_BY_USER error code via ResultCode.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
on_file_password_needed Event
This event fires if a password is needed to open an encrypted file.
Syntax
class CBVaultFilePasswordNeededEventParams(object): @property def file_name() -> str: ... @property def password() -> str: ... @password.setter def password(value) -> None: ... @property def ttl_in_cache() -> int: ... @ttl_in_cache.setter def ttl_in_cache(value) -> None: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_file_password_needed() -> Callable[[CBVaultFilePasswordNeededEventParams], None]: ... @on_file_password_needed.setter def on_file_password_needed(event_hook: Callable[[CBVaultFilePasswordNeededEventParams], None]) -> None: ...
Remarks
This event fires when the encrypted file specified by FileName is being opened if a valid password has not been provided (either directly, or via the default_file_access_password property or cache_file_password method). This event will not fire if a valid password has already been provided, or if the file specified by FileName does not exist in the vault.
To allow access to the specified file, set the Password parameter to the correct password.
If an invalid password is provided by the event handler, the event will fire again.
To prevent access to the specified file or to stop being asked for a password in a loop, return the VAULT_ERR_INVALID_PASSWORD error code via ResultCode.
The TTLInCache parameter specifies time to seconds that the class keeps the password in the internal cache to reduce the number of requests for a password. The value of 0 tells the class to discard the password after the first use.
Note: This event can be fired on different threads, and possibly even on several threads concurrently. As an alternative to handling this event, applications can provide a default file encryption password using the default_file_access_password property or can call the cache_file_password method (before a file is opened) to specify a one-time-use password.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
on_hash_calculate Event
This event fires to calculate a password hash using a custom hashing implementation.
Syntax
class CBVaultHashCalculateEventParams(object): @property def password() -> c_void_p: ... @property def password_size() -> int: ... @property def salt() -> c_void_p: ... @property def salt_size() -> int: ... @property def hash() -> c_void_p: ... @property def hash_size() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_hash_calculate() -> Callable[[CBVaultHashCalculateEventParams], None]: ... @on_hash_calculate.setter def on_hash_calculate(event_hook: Callable[[CBVaultHashCalculateEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to calculate a password hash using an application-defined hashing implementation. The calculated hash is used to check the password's validity before using it for encryption. Please refer to the Encryption topic for more information.
This event needs to be handled only by applications that use one of the VAULT_EM_CUSTOM*_DIRECT_KEY encryption modes. To handle this event property, applications must calculate a hash of the data in the Password buffer (whose length, in bytes, is specified by PasswordSize). The calculated hash must be written to the Hash buffer. The size of the calculated hash must not exceed HashSize.
Applications may perform, if desired, their own password validation and return a predefined value for the hash. Applications should not use the same process for key derivation and hash calculation (or should, at the very least, ensure that Salt is used in both operations).
The Salt buffer contains a salt value that can be used (if desired) to strengthen security by increasing the uniqueness of the hash. The SaltSize parameter specifies the length, in bytes, of Salt.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_key_derive Event
This event fires to derive an encryption key using a custom key derivation implementation.
Syntax
class CBVaultKeyDeriveEventParams(object): @property def password() -> c_void_p: ... @property def password_size() -> int: ... @property def salt() -> c_void_p: ... @property def salt_size() -> int: ... @property def key() -> c_void_p: ... @property def key_size() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_key_derive() -> Callable[[CBVaultKeyDeriveEventParams], None]: ... @on_key_derive.setter def on_key_derive(event_hook: Callable[[CBVaultKeyDeriveEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to derive an encryption key using an application-defined key derivation implementation. Please refer to the Encryption topic for more information.
This event needs to be handled only by applications that use one of the VAULT_EM_CUSTOM*_CUSTOM_KEY_DERIVE encryption modes. To handle this event properly, applications must derive an encryption key from the data in the Password buffer (whose length, in bytes, is specified by PasswordSize). The derived encryption key must be written to the Key buffer. The size of the derived encryption key must not exceed KeySize.
Applications should not use the same process for key derivation and hash calculation (or should, at the very least, ensure that Salt is used in both operations).
The Salt buffer contains a salt value that can be used (if desired) to strengthen security by increasing the uniqueness of the derived key. The SaltSize parameter specifies the length, in bytes, of Salt.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_progress Event
This event fires to indicate the progress of long-running vault operations.
Syntax
class CBVaultProgressEventParams(object): @property def operation() -> int: ... @property def file_name() -> str: ... @property def progress() -> int: ... @property def total() -> int: ... @property def can_stop() -> bool: ... @property def stop() -> bool: ... @stop.setter def stop(value) -> None: ... # In class CBVault: @property def on_progress() -> Callable[[CBVaultProgressEventParams], None]: ... @on_progress.setter def on_progress(event_hook: Callable[[CBVaultProgressEventParams], None]) -> None: ...
Remarks
This event fires anytime the class needs to report the progress of a long-running vault operation. Certain operations may cause this event to fire repeatedly.
The Operation parameter specifies which long-running operation caused this event to fire. Possible values are as follows:
| VAULT_PO_FORMATTING | 0 | Formatting a vault. |
| VAULT_PO_CHECKING_1 | 1 | Checking a vault (stage 1). |
| VAULT_PO_CHECKING_2 | 2 | Checking a vault (stage 2). |
| VAULT_PO_CHECKING_3 | 3 | Checking a vault (stage 3). |
| VAULT_PO_CHECKING_4 | 4 | Checking a vault (stage 4). |
| VAULT_PO_CHECKING_5 | 5 | Checking a vault (stage 5). |
| VAULT_PO_PAGE_CORRUPTED | 8 | Processing a corrupted vault page. |
| VAULT_PO_PAGE_ORPHANED | 9 | Processing an orphaned vault page. |
| VAULT_PO_COMPRESSING | 10 | Compressing a file or alternate stream. |
| VAULT_PO_DECOMPRESSING | 11 | Decompressing a file or alternate stream. |
| VAULT_PO_ENCRYPTING | 12 | Encrypting a vault, file, or alternate stream. |
| VAULT_PO_DECRYPTING | 13 | Decrypting a vault, file, or alternate stream |
| VAULT_PO_COMPACTING | 14 | Compacting a vault. |
| VAULT_PO_RESIZING | 15 | Resizing a vault. |
| VAULT_PO_CALCULATING_SIZE | 16 | Calculating a vault's size. |
| VAULT_PO_COPYING_FILES_TO_VAULT | 17 | Copying files to a vault. |
| VAULT_PO_COPYING_FILES_FROM_VAULT | 18 | Copying files from a vault. |
When the operation is copying files from or to the vault, FileName contains the path of the source file being copied.
The Progress and Total parameters reflect the current and maximum progress values. Both will be 0 if the operation's progression cannot be determined.
The CanStop parameter indicates whether the application may interrupt the operation by setting the Stop parameter to True.
Note: Some operations can be interrupted only at certain points over the course of their lifetime.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_close Event
This event fires to close a callback mode vault.
Syntax
class CBVaultVaultCloseEventParams(object): @property def vault_handle() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_close() -> Callable[[CBVaultVaultCloseEventParams], None]: ... @on_vault_close.setter def on_vault_close(event_hook: Callable[[CBVaultVaultCloseEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to close the callback mode vault specified by VaultHandle.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must close the vault specified by VaultHandle and invalidate the handle itself.
The VaultHandle parameter contains an application-defined information, associated with an open callback mode vault, as returned by the application in an earlier on_vault_open event.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_delete Event
This event fires to delete a callback mode vault.
Syntax
class CBVaultVaultDeleteEventParams(object): @property def vault() -> str: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_delete() -> Callable[[CBVaultVaultDeleteEventParams], None]: ... @on_vault_delete.setter def on_vault_delete(event_hook: Callable[[CBVaultVaultDeleteEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to delete the callback mode vault identified by Vault.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must delete the vault identified by Vault.
The Vault parameter contains an application-defined vault identifier (e.g., name, file path). The value of this parameter will always match the current value of the vault_file property.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_flush Event
This event fires to flush a callback mode vault's data out to storage.
Syntax
class CBVaultVaultFlushEventParams(object): @property def vault_handle() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_flush() -> Callable[[CBVaultVaultFlushEventParams], None]: ... @on_vault_flush.setter def on_vault_flush(event_hook: Callable[[CBVaultVaultFlushEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to flush the data of the callback mode vault specified by VaultHandle out to storage.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must flush all data currently buffered for the vault specified by VaultHandle out to storage. For example, if the application is storing vault data in a file on disk, it could call FlushFileBuffers() on Windows.
The VaultHandle parameter contains an application-defined information, associated with an open callback mode vault, as returned by the application in an earlier on_vault_open event.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_get_parent_size Event
This event fires to determine how much free space is available for growing a callback mode vault.
Syntax
class CBVaultVaultGetParentSizeEventParams(object): @property def vault() -> str: ... @property def vault_handle() -> int: ... @property def free_space() -> int: ... @free_space.setter def free_space(value) -> None: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_get_parent_size() -> Callable[[CBVaultVaultGetParentSizeEventParams], None]: ... @on_vault_get_parent_size.setter def on_vault_get_parent_size(event_hook: Callable[[CBVaultVaultGetParentSizeEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to determine how much free space is available for growing the callback mode vault specified by VaultHandle.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must set FreeSpace to indicate how many bytes of free space are available in the "parent storage" of the vault specified by VaultHandle. For example:
- If the vault is stored in a file, return the amount of free space on the associated disk.
- If the vault is stored in memory, return the amount of memory available to the application (keeping in mind any other memory needs the application may have).
- If the vault is stored on some remote system, query it to determine how much free space is available.
The Vault parameter contains an application-defined vault identifier (e.g., name, file path). The value of this parameter will always match the current value of the vault_file property.
The VaultHandle parameter contains an application-defined information, associated with an open callback mode vault, as returned by the application in an earlier on_vault_open event.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_get_size Event
This event fires to determine the size of a callback mode vault.
Syntax
class CBVaultVaultGetSizeEventParams(object): @property def vault_handle() -> int: ... @property def size() -> int: ... @size.setter def size(value) -> None: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_get_size() -> Callable[[CBVaultVaultGetSizeEventParams], None]: ... @on_vault_get_size.setter def on_vault_get_size(event_hook: Callable[[CBVaultVaultGetSizeEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to determine the size of the callback mode vault specified by VaultHandle.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must set Size to indicate the size, in bytes, of the vault specified by VaultHandle.
The VaultHandle parameter contains an application-defined information, associated with an open callback mode vault, as returned by the application in an earlier on_vault_open event.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_open Event
This event fires to open a new or existing callback mode vault.
Syntax
class CBVaultVaultOpenEventParams(object): @property def vault() -> str: ... @property def vault_handle() -> int: ... @vault_handle.setter def vault_handle(value) -> None: ... @property def open_mode() -> int: ... @property def read_only() -> bool: ... @read_only.setter def read_only(value) -> None: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_open() -> Callable[[CBVaultVaultOpenEventParams], None]: ... @on_vault_open.setter def on_vault_open(event_hook: Callable[[CBVaultVaultOpenEventParams], None]) -> None: ...
Remarks
This event fires when the class wants to open the callback mode vault identified by Vault.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must open the vault identified by Vault, creating it if necessary based on the specified OpenMode, and return any associated information in VaultHandle.
If the ReadOnly parameter is initially True, the application must open the vault in read-only mode. If ReadOnly is initially False, the application may choose whether to open the vault in read-only or read-write mode. It should update the ReadOnly parameter accordingly, if necessary.
If, for any reason, the vault cannot be opened in a manner consistent with the specified OpenMode, the application must return an appropriate error code via ResultCode.
The Vault parameter contains an application-defined vault identifier (e.g., name, file path). The value of this parameter will always match the current value of the vault_file property.
The VaultHandle parameter is used to return some application-defined handle that uniquely identifies the opened vault. The class uses the returned handle to populate the VaultHandle parameters of the other Vault* events fired for the vault later.
The OpenMode parameter specifies what behavior to use when opening the vault. Valid values are as follows:
| VAULT_OM_CREATE_NEW | 0 | Creates a new vault if possible, failing if one already exists. |
| VAULT_OM_CREATE_ALWAYS | 1 | Creates a new vault, overwriting an existing one if necessary. |
| VAULT_OM_OPEN_EXISTING | 2 | Opens a vault if it exists; fails otherwise. |
| VAULT_OM_OPEN_ALWAYS | 3 | Opens a vault if it exists; creates a new one otherwise. |
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_read Event
This event fires to read data from a callback mode vault.
Syntax
class CBVaultVaultReadEventParams(object): @property def vault_handle() -> int: ... @property def offset() -> int: ... @property def buffer() -> c_void_p: ... @property def count() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_read() -> Callable[[CBVaultVaultReadEventParams], None]: ... @on_vault_read.setter def on_vault_read(event_hook: Callable[[CBVaultVaultReadEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to read data from the callback mode vault specified by VaultHandle.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must read Count bytes of data from the vault specified by VaultHandle into Buffer, starting at the specified Offset in the vault.
Count is always a multiple of the vault's page_size. If, for any reason, an application cannot read exactly Count bytes of data from the vault, it must return an appropriate error code via ResultCode.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The VaultHandle parameter contains an application-defined information, associated with an open callback mode vault, as returned by the application in an earlier on_vault_open event.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_set_size Event
This event fires to resize a callback mode vault.
Syntax
class CBVaultVaultSetSizeEventParams(object): @property def vault_handle() -> int: ... @property def new_size() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_set_size() -> Callable[[CBVaultVaultSetSizeEventParams], None]: ... @on_vault_set_size.setter def on_vault_set_size(event_hook: Callable[[CBVaultVaultSetSizeEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to resize the callback mode vault specified by VaultHandle.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must grow or shrink the vault specified by VaultHandle to reach the specified NewSize. When growing a vault, applications do not need to sanitize newly allocated space.
The VaultHandle parameter contains an application-defined information, associated with an open callback mode vault, as returned by the application in an earlier on_vault_open event.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
on_vault_write Event
This event fires to write data to a callback mode vault.
Syntax
class CBVaultVaultWriteEventParams(object): @property def vault_handle() -> int: ... @property def offset() -> int: ... @property def buffer() -> c_void_p: ... @property def count() -> int: ... @property def result_code() -> int: ... @result_code.setter def result_code(value) -> None: ... # In class CBVault: @property def on_vault_write() -> Callable[[CBVaultVaultWriteEventParams], None]: ... @on_vault_write.setter def on_vault_write(event_hook: Callable[[CBVaultVaultWriteEventParams], None]) -> None: ...
Remarks
This event fires when the class needs to write data to the callback mode vault specified by VaultHandle.
This event needs to be handled only if the callback_mode property is enabled; please refer to the Callback Mode topic for more information. To handle this event properly, applications must write Count bytes of data from Buffer to the vault specified by VaultHandle, starting at the specified Offset in the vault.
Count is always a multiple of the vault's page_size. If, for any reason, an application cannot write exactly Count bytes of data to the vault, it must return an appropriate error code via ResultCode.
Please see the Buffer Parameters topic for more information on how to work with memory buffer event parameters.
The VaultHandle parameter contains an application-defined information, associated with an open callback mode vault, as returned by the application in an earlier on_vault_open event.
The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource is not available or security checks failed), set it to a nonzero value to report an appropriate error. Please see the Error Reporting and Handling topic for more information.
Note: An application should not attempt to call class's methods from handlers of this event. Doing this is guaranteed to cause a deadlock.
CBFSVaultStream Type
Syntax
cbfsvault.CBFSVaultStream
Remarks
The CBFSVaultStream type is returned by some of the CBVault class's methods. All stream types in CBFS Vault share a common API, inherited from Python's io.RawIOBase class, documented below.
Note that, for brevity, many of the members offered by io.RawIOBase are not documented here; please refer to the Python documentation for more information.
Properties | |
| length |
Gets the length of the stream, in bytes.
length |
| readable |
Whether the stream supports reading.
readable() |
| seekable |
Whether the stream supports seeking.
seekable() |
| tell |
Gets the current position within the stream.
tell() |
| writable |
Whether the stream supports writing.
writeable() |
Methods | |
| close |
Flushes and closes the stream. Has no effect if the stream is already closed.
close() |
| flush |
Forces all data held by the stream's buffers to be written out to storage.
flush() |
| read |
Reads a specified number of bytes from the stream and returns them, advancing the current position within the stream by the number of bytes read.
read(n=-1) Up to n bytes will be read from the stream and returned. If n is unspecified or -1, all bytes are read. Fewer than n bytes may be returned if fewer than n bytes are read. |
| readall |
Reads and returns all bytes available in the stream from the current position onwards.
readall() |
| readinto |
Reads a sequence of bytes from the stream and advances the current position within the stream by the number of bytes read.
readinto(b) Up to len(b) bytes are read into b, and the number of bytes read is returned. The object b should be a pre-allocated, writable array of bytes, either bytearray or a writable memoryview. |
| seek |
Sets the current position within the stream based on a particular point of origin.
seek(offset, whence=SEEK_SET) offset specifies the offset in the stream to seek to, relative to whence, which must be either SEEK_SET, SEEK_CUR, or SEEK_END (or a corresponding integer value) as described by the io.IOBase.seek documentation. Returns the new position within the stream. |
| truncate |
Sets the length of the current stream.
truncate(size=None) Resizes the current stream to size bytes (or to the current position if size is None). Returns the new size of the stream. |
| write |
Writes a sequence of bytes to the stream and advances the current position within the stream by the number of bytes written.
write(b) The bytes in b are written to the stream, and the number of bytes written in returned. The object b should be an array of bytes, either bytes, bytearray, or memoryview. |
CBVault Config Settings
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.CBVault Config Settings
By default, this setting is disabled, and alternate streams can be renamed only within the same file, and cannot be moved between them.
Note: This setting cannot be changed within events.
By default, this setting is set to 0, and automatic compaction operations will start without delay.
Note: This setting cannot be changed within events.
By default, this setting is set to 0.
A vault's maximum nonpaged name length is permanent, and it cannot be changed after the vault is created. When a vault is open, this configuration setting cannot be changed, and it can be queried only to obtain the value used by the vault.
By default, this setting is set to 0, and the class will automatically choose an optimal value when creating a vault based on page_size.
Note: This setting cannot be changed when active is True, and it cannot be changed within events.
This configuration setting controls the size of the built-in data cache; it is specified in bytes. The cache must be large enough to contain at least eight pages, so this setting's minimum valid value is eight times the value of the page_size property.
By default, this configuration setting is set to 16777216 (16 MB).
Note: This setting can be changed only when active is True.
A multipart vault's part size is permanent, and it cannot be changed after the vault is created. When a vault is open, this configuration setting cannot be changed, and it can be queried only to obtain the value used by the vault.
By default, this setting is set to 0, and the class will not create multipart vaults.
Note: This setting cannot be changed when active is True, and it cannot be changed within events.
CBVault Errors
The class uses the following error codes, all of which are also available as constants for applications' convenience. Please refer to the Error Reporting and Handling topic for more information.CBVault Errors
| -1 The specified file is not a CBFS Vault vault. (VAULT_ERR_INVALID_VAULT_FILE) | |
| -2 The specified page size is not valid. (VAULT_ERR_INVALID_PAGE_SIZE) | |
| -3 The vault is corrupted. Please call check_and_repair. (VAULT_ERR_VAULT_CORRUPTED) | |
| -4 Too many transactions active. (VAULT_ERR_TOO_MANY_TRANSACTIONS) | |
| -5 A file, directory, symbolic link, or alternate stream with the specified name already exists. (VAULT_ERR_FILE_ALREADY_EXISTS) | |
| -6 One or more transactions are still active. (VAULT_ERR_TRANSACTIONS_STILL_ACTIVE) | |
| -7 The specified file tag already exists. (VAULT_ERR_TAG_ALREADY_EXISTS) | |
| -8 The specified file, directory, symbolic link, or alternate stream was not found. (VAULT_ERR_FILE_NOT_FOUND) | |
| -9 The specified path was not found. (VAULT_ERR_PATH_NOT_FOUND) | |
| -10 The specified file or alternate stream is already open in an exclusive access mode. (VAULT_ERR_SHARING_VIOLATION) | |
| -11 Cannot seek beyond the end of a file or alternate stream. (VAULT_ERR_SEEK_BEYOND_EOF) | |
| -12 No other files, directories, symbolic links, or alternate streams match the search criteria. (VAULT_ERR_NO_MORE_FILES) | |
| -13 The specified name is not valid. (VAULT_ERR_INVALID_FILE_NAME) | |
| -14 The requested operation cannot be performed while a vault is open. (VAULT_ERR_VAULT_ACTIVE) | |
| -15 A vault must be open before the requested operation can be performed. (VAULT_ERR_VAULT_NOT_ACTIVE) | |
| -16 The specified password is incorrect. (VAULT_ERR_INVALID_PASSWORD) | |
| -17 The requested operation cannot be performed; the vault is open in read-only mode. (VAULT_ERR_VAULT_READ_ONLY) | |
| -18 Cannot use custom encryption; no custom encryption event handlers provided. (VAULT_ERR_NO_ENCRYPTION_HANDLERS) | |
| -19 Out of memory. (VAULT_ERR_OUT_OF_MEMORY) | |
| -20 A symbolic link's destination file could not be found. (VAULT_ERR_SYMLINK_DESTINATION_NOT_FOUND) | |
| -21 The specified file is not a symbolic link. (VAULT_ERR_FILE_IS_NOT_SYMLINK) | |
| -22 The specified buffer is too small to hold the requested value. (VAULT_ERR_BUFFER_TOO_SMALL) | |
| -23 Decompression failed (possibly due to corruption). (VAULT_ERR_BAD_COMPRESSED_DATA) | |
| -24 Invalid parameter. (VAULT_ERR_INVALID_PARAMETER) | |
| -25 The vault is full (and cannot be automatically resized). (VAULT_ERR_VAULT_FULL) | |
| -26 Operation interrupted by user. (VAULT_ERR_INTERRUPTED_BY_USER) | |
| -27 The specified file tag was not found. (VAULT_ERR_TAG_NOT_FOUND) | |
| -28 The specified directory is not empty. (VAULT_ERR_DIRECTORY_NOT_EMPTY) | |
| -29 The file or alternate stream was closed unexpectedly; the handle is no longer valid. (VAULT_ERR_HANDLE_CLOSED) | |
| -30 Invalid file or alternate stream handle. (VAULT_ERR_INVALID_STREAM_HANDLE) | |
| -31 Access denied. (VAULT_ERR_FILE_ACCESS_DENIED) | |
| -32 Cannot use custom compression; no custom compression event handlers provided. (VAULT_ERR_NO_COMPRESSION_HANDLERS) | |
| -33 Not implemented in this version of CBFS Vault. (VAULT_ERR_NOT_IMPLEMENTED) | |
| -35 The CBFS Vault system driver has not been installed. (VAULT_ERR_DRIVER_NOT_INSTALLED) | |
| -37 The specified vault cannot be opened, it was created using a newer version of CBFS Vault. (VAULT_ERR_NEW_VAULT_VERSION) | |
| -38 The specified file is not a directory. (VAULT_ERR_FILE_IS_NOT_DIRECTORY) | |
| -39 The specified file tag data type is not valid. (VAULT_ERR_INVALID_TAG_DATA_TYPE) | |
| -40 The specified vault storage file does not exist. (VAULT_ERR_VAULT_FILE_DOES_NOT_EXIST) | |
| -41 The specified vault storage file already exists. (VAULT_ERR_VAULT_FILE_ALREADY_EXISTS) | |
| -42 Some callback mode event handler has returned an unidentified error. (VAULT_ERR_CALLBACK_MODE_FAILURE) | |
| -43 External library could not be initialized or used. (VAULT_ERR_EXTERNAL_ERROR) |