SHOW Signed

net.rim.device.api.crypto.certificate.wtls
Class WTLSCertificate

java.lang.Object
  |
  +--net.rim.device.api.crypto.certificate.wtls.WTLSCertificate

All Implemented Interfaces:

Certificate, Persistable, Persistable

public final class WTLSCertificate

extends Object

implements Certificate, Persistable

Represents a WTLS certificate. The WTLS Certificate is defined in WAP-199-WTLS from Feb. 2000.

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

Since:

JDE 3.6.0

See Also:

Certificate

Field Summary

Fields inherited from interface net.rim.device.api.crypto.certificate.Certificate

DISPLAY_CA, DISPLAY_ROOT, EMAIL_ADDRESSES, IS_END_ENTITY, PROMPT_TO_TRUST_ON_IMPORT, PUBLIC_KEY_ALGORITHM_INFORMATION, SUMMARY_TEXT

Constructor Summary

	WTLSCertificate(byte[] input) Creates a WTLSCertificate object given a byte array containing the encoding of the certificate.
	WTLSCertificate(byte[] input, int offset, int length) Creates a WTLSCertificate object given a byte array containing the encoding of the certificate.
	WTLSCertificate(InputStream input) Creates a WTLSCertificate object from the given input stream.

Method Summary

	void	checkCertificateChain(int position, Certificate[] chain) Checks to make sure that the certificate at position is valid within the chain.
	boolean	equals(Object other) Returns true if and only if the certificate is equal to the object other.
	CertificateDisplayField[]	getCustomDisplayFields() For a WTLS certificate, the default information provided by the displayCertificateDetails method in CertificateUtilities is sufficient.
	byte[]	getEncoding() Returns the encoding of the certificate.
	byte[]	getEncoding(int field) Returns the encoding of the field from the certificate.
	CertificateExtension	getExtension(OID oid) Returns an extension with the given OID associated with this certificate.
	CertificateExtension[]	getExtensions() Returns all the extensions associated with this certificate.
	CertificateExtension[]	getExtensions(boolean criticalBit) Returns all the extensions associated with this certificate that have their critical bit set to the value of criticalBit.
	Object	getInformation(long id, Object param, Object defaultValue)
	DistinguishedName	getIssuer() Returns a DistinguishedName (WTLSDistinguishedName) object, representing the issuer of this certificate.
	long	getNotAfter() Returns the date on which this certificate will expire.
	long	getNotBefore() Returns the date on which this certificate will become valid.
	PublicKey	getPublicKey() Extracts the subject's public key.
	String	getPublicKeyAlgorithm()
	byte[]	getSerialNumber() Returns a byte array containing the serial number of the certificate.
	String	getSignatureAlgorithm()
	CertificateStatus	getStatus() Retrieves the CertificateStatus for this certificate object
	DistinguishedName	getSubject() Returns a DistinguishedName (WTLSDistinguishedName) object, representing the subject name this certificate (in different representations).
	String	getSubjectFriendlyName() Returns a human-readable string version of the name of the subject of this certificate.
	String	getType() Returns the type of this certificate - "WTLS".
	int	getVersion() Returns the version of the certificate we have parsed.
	int	hashCode()
	boolean	isCA() Returns true if the certificate is of a certificate authority.
	boolean	isRoot() Returns true if the certificate is self signed.
	boolean	isValid() Check that this certificate is valid, using the current date and time as the time reference.
	boolean	isValid(long date) Check that this certificate is valid, using date as the time reference.
	int	queryKeyUsage(long purpose)
	void	setStatus(CertificateStatus status) Sets the current CertificateStatus for this certificate object.
	String	toString() Converts the certificate to a string representation by calling CertificateUtilities.getSubjectFriendlyName().
	void	verify() Verifies the certificate if the certificate is self signed.
	void	verify(KeyStore keystore) Verifies the certificate.
	void	verify(PublicKey issuerPublicKey) Verifies the certificate.

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

WTLSCertificate

public WTLSCertificate(byte[] input)
                throws CertificateParsingException,
                       NoSuchAlgorithmException

Creates a WTLSCertificate object given a byte array containing the encoding of the certificate.

Parameters:

input - A byte array containing the certificate data.

Throws:

CertificateParsingException - Thrown if a parsing error occurs.

NoSuchAlgorithmException - Thrown if the specified key or signature encoding algorithm is not supported.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

WTLSCertificate

public WTLSCertificate(byte[] input,
                       int offset,
                       int length)
                throws CertificateParsingException,
                       NoSuchAlgorithmException

Creates a WTLSCertificate object given a byte array containing the encoding of the certificate.

Parameters:

input - The byte array containing the certificate bytes.

offset - The starting offset of the certificate bytes.

length - The length of the certificate in bytes.

Throws:

CertificateParsingException - Thrown if a parsing error occurs.

NoSuchAlgorithmException - Thrown if the specified key or signature encoding algorithm is not supported.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

WTLSCertificate

public WTLSCertificate(InputStream input)
                throws CertificateParsingException,
                       NoSuchAlgorithmException

Creates a WTLSCertificate object from the given input stream.

Parameters:

input - The input stream containing the certificate data.

Throws:

CertificateParsingException - Thrown if a parsing error occurs.

NoSuchAlgorithmException - Thrown if the specified key or signature encoding algorithm is not supported.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

Method Detail

getEncoding

public byte[] getEncoding()

Returns the encoding of the certificate.

Returns:

the byte array, or null if not present.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getEncoding

public byte[] getEncoding(int field)

Returns the encoding of the field from the certificate.

Returns:

the byte array, or null if not present.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

verify

public void verify(PublicKey issuerPublicKey)
            throws CertificateVerificationException,
                   NoSuchAlgorithmException,
                   InvalidSignatureEncodingException,
                   CryptoTokenException,
                   CryptoUnsupportedOperationException

Verifies the certificate.

The function checks that the certificate was signed by issuerPublicKey.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

verify

public void verify(KeyStore keystore)
            throws CertificateVerificationException,
                   NoSuchAlgorithmException,
                   InvalidSignatureEncodingException,
                   NoIssuerFoundException,
                   CryptoTokenException,
                   CryptoUnsupportedOperationException

Verifies the certificate.

The function checks that the certificate was signed by at least one of the publicKeys from the given keyStore.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

isRoot

public boolean isRoot()

Returns true if the certificate is self signed.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

isCA

public boolean isCA()

Returns true if the certificate is of a certificate authority.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

checkCertificateChain

public void checkCertificateChain(int position,
                                  Certificate[] chain)
                           throws CertificateChainTooLongException,
                                  CertificateVerificationException

Checks to make sure that the certificate at position is valid within the chain.

Parameters:

position - The position of this ceritificate within the chain.

chain - The array of certificates representing the certificate chain. Note that the end-entity certificate must appear at array index [0].

Throws:

CertificateChainTooLongException - Thrown if the number of certificates, before this one, in the chain is longer than the certificates policy allows.

CertificateVerificationException - Thrown if there is another problem with the chain

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

verify

public void verify()
            throws CertificateVerificationException,
                   DecodeException,
                   CryptoTokenException,
                   CryptoUnsupportedOperationException,
                   InvalidSignatureEncodingException,
                   NoSuchAlgorithmException

Verifies the certificate if the certificate is self signed.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getPublicKey

public PublicKey getPublicKey()
                       throws InvalidCryptoSystemException

Extracts the subject's public key.

Returns:

The public key of the subject.

Throws:

InvalidCryptoSystemException - Thrown if the crypto system used to create the key was invalid.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getPublicKeyAlgorithm

public String getPublicKeyAlgorithm()

Description copied from interface: Certificate

Returns a string representing the intended use of the public key. If no specific algorithm is intended for this public key, then the generic string for the public key will be returned.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getSignatureAlgorithm

public String getSignatureAlgorithm()

Description copied from interface: Certificate

Returns a string representing the signature algorithm used to sign this certificate.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getType

public String getType()

Returns the type of this certificate - "WTLS".

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getStatus

public CertificateStatus getStatus()

Retrieves the CertificateStatus for this certificate object

Returns:

the current CertificateStatus stored for this certificate on the device. May be null.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

setStatus

public void setStatus(CertificateStatus status)
               throws KeyStoreCancelException,
                      InvalidTimeException,
                      BackwardStatusException

Sets the current CertificateStatus for this certificate object.

Parameters:

status - the new CertificateStatus that will be set for this certificate. It is important to note that this status should not attempt to set the status backwards (i.e. from REVOKED to GOOD) and it should not allow the date of a status to be in the future.

Throws:

KeyStoreCancelException - if the user decides not to enter their KeyStore password.

InvalidTimeException - if the time of the status is set in the future.

BackwardStatusException - if the status of the certificate is being backwards (i.e. from REVOKED to GOOD ).

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

isValid

public boolean isValid()

Check that this certificate is valid, using the current date and time as the time reference. It checks that the current date is between the values returned by getNotValidBefore() and getNotValidBefore().

Returns:

A boolean that determines if the certificate is valid.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

isValid

public boolean isValid(long date)

Check that this certificate is valid, using date as the time reference.

It checks that date is between the values returned by getNotValidBefore() and getNotValidBefore().

Parameters:

date - The specified date that determines whether or not the certificates are valid.

Returns:

A boolean that determines if the certificate is valid.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getVersion

public int getVersion()

Returns the version of the certificate we have parsed. The value returned should be 1 for this version of a WTLS certificate.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getSerialNumber

public byte[] getSerialNumber()

Returns a byte array containing the serial number of the certificate. Since the WTLS identifier format is usually text, these bytes are likely a textual representation of the actual serial number. May be null.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getIssuer

public DistinguishedName getIssuer()

Returns a DistinguishedName (WTLSDistinguishedName) object, representing the issuer of this certificate.

Returns:

The DistinguishedName object.

Since:

JDE 3.6.0

See Also:

DistinguishedName

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getSubject

public DistinguishedName getSubject()

Returns a DistinguishedName (WTLSDistinguishedName) object, representing the subject name this certificate (in different representations).

Returns:

The DistinguishedName object.

Since:

JDE 3.6.0

See Also:

DistinguishedName

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getNotBefore

public long getNotBefore()

Returns the date on which this certificate will become valid.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getNotAfter

public long getNotAfter()

Returns the date on which this certificate will expire.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getExtension

public CertificateExtension getExtension(OID oid)

Returns an extension with the given OID associated with this certificate. This returns null since there are no extensions in a WTLS certificate.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getExtensions

public CertificateExtension[] getExtensions()

Returns all the extensions associated with this certificate. This returns null since there are no extensions in a WTLS certificate.

Returns:

The CertificateExtension[] or null.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getExtensions

public CertificateExtension[] getExtensions(boolean criticalBit)

Returns all the extensions associated with this certificate that have their critical bit set to the value of criticalBit. This returns null since there are no extensions in a WTLS certificate

Parameters:

criticalBit - A boolean that is true, if all critical extensions are to be returned and set to false if all non-critical extensions are to be returned.

Returns:

An array of CertificateExtensions or null.

Since:

JDE 3.6.0

See Also:

OIDs

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

toString

public String toString()

Converts the certificate to a string representation by calling CertificateUtilities.getSubjectFriendlyName().

Overrides:

toString in class Object

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

equals

public boolean equals(Object other)

Returns true if and only if the certificate is equal to the object other. Equals test whether the two encodings are equal. other can either be a WTLSCertificate or a byte[] representing the encoding of a WTLSCertificate.

Overrides:

equals in class Object

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

hashCode

public int hashCode()

Description copied from class: Object

Returns a hash code value for the object. This method is supported for the benefit of hashtables such as those provided by java.util.Hashtable.

The general contract of hashCode is:

• Whenever it is invoked on the same object more than once during an execution of a Java application, the hashCode method must consistently return the same integer, provided no information used in equals comparisons on the object is modified. This integer need not remain consistent from one execution of an application to another execution of the same application.
• If two objects are equal according to the equals(Object) method, then calling the hashCode method on each of the two objects must produce the same integer result.
• It is not required that if two objects are unequal according to the Object.equals(java.lang.Object) method, then calling the hashCode method on each of the two objects must produce distinct integer results. However, the programmer should be aware that producing distinct integer results for unequal objects may improve the performance of hashtables.

As much as is reasonably practical, the hashCode method defined by class Object does return distinct integers for distinct objects. (This is typically implemented by converting the internal address of the object into an integer, but this implementation technique is not required by the Java^TM programming language.)

Overrides:

hashCode in class Object

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

queryKeyUsage

public int queryKeyUsage(long purpose)

Description copied from interface: Certificate

Indicates whether the key contained in this certificate may be used for the specified purpose.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getSubjectFriendlyName

public String getSubjectFriendlyName()

Returns a human-readable string version of the name of the subject of this certificate. This string could be used for display purposes, for example. By default, this method returns the results of CertificateUtilities.getSubjectFriendlyName(), which produces a friendly string using elements of the subject distinguished name. May be null.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getCustomDisplayFields

public CertificateDisplayField[] getCustomDisplayFields()

For a WTLS certificate, the default information provided by the displayCertificateDetails method in CertificateUtilities is sufficient. There are no custom display fields to return. So returns null.

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.

getInformation

public Object getInformation(long id,
                             Object param,
                             Object defaultValue)

Description copied from interface: Certificate

Retrieves generic information about the certificate

Since:

JDE 3.6.0

Category:

Signed: This element is only accessible by signed clients. If you intend to use this element, please contact RIM to establish the necessary agreements that will allow you to have your COD files signed. Signing is only required for use on the device, development under the JDE can occur without signing the CODs.