SHOW Signed
 

net.rim.device.api.crypto.certificate
Class CertificateChainProperties

java.lang.Object
  |
  +--net.rim.device.api.crypto.certificate.CertificateProperties
        |
        +--net.rim.device.api.crypto.certificate.CertificateChainProperties

public class CertificateChainProperties
extends CertificateProperties

This class iterates through the certificates in a certificate chain and returns a bitfield that indicates many of the properties of the chain, such as the validity, the trust status, the revocation status, and the strength of the certificates in the chain.

Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:
JDE 4.0.0

Field Summary
 
Fields inherited from class net.rim.device.api.crypto.certificate.CertificateProperties
IMPROPER_CERTIFICATE_CHAIN, INCOMPLETE_CERTIFICATE_CHAIN, INVALID_CERTIFICATE_PRESENT, REVOCATION_REASON_AFFILIATION_CHANGED, REVOCATION_REASON_BASE, REVOCATION_REASON_CA_COMPROMISE, REVOCATION_REASON_CERTIFICATE_HOLD, REVOCATION_REASON_CESSATION_OF_OPERATION, REVOCATION_REASON_KEY_COMPROMISE, REVOCATION_REASON_KEY_RETIRED, REVOCATION_REASON_REMOVE_FROM_CRL, REVOCATION_REASON_SUPERSEDED, REVOCATION_REASON_UNSPECIFIED, REVOCATION_REASON_USER_ID_INVALID, REVOKED_CERTIFICATE_STATUS_PRESENT, STALE_CERTIFICATE_STATUS, UNKNOWN_CERTIFICATE_STATUS_PRESENT, UNSUPPORTED_CERTIFICATE_CHAIN, UNTRUSTED_CERTIFICATE_CHAIN, UNVERIFIED_CERTIFICATE_CHAIN, WEAK_CERTIFICATE_CHAIN, WEAK_CERTIFICATE_CHAIN_DIGEST
 
Constructor Summary
 Category: Signed CertificateChainProperties()
          Creates a new CertificateChainProperties object.
 
Method Summary
 Category: Signed static long[] getCertificateChainProperties(Certificate[][] chains, KeyStore keyStore, KeyStore trustedKeyStore, long date)
          Returns the properties of the given certificate chains.
 Category: Signed static long[] getCertificateChainProperties(Certificate[][] chains, KeyStore keyStore, KeyStore trustedKeyStore, long date, CryptoSystemProperties cryptoSystemProperties)
          Returns the properties of the given certificate chains.
 Category: Signed static long[] getCertificateChainProperties(Certificate[][] chains, KeyStore trustedKeyStore, long date)
          Returns the properties of the given certificate chains.
 Category: Signed static long[] getCertificateChainProperties(Certificate[][] chains, KeyStore trustedKeyStore, long date, CryptoSystemProperties cryptoSystemProperties)
          Returns the properties of the given certificate chains.
 Category: Signed static long getCertificateChainProperties(Certificate[] chain, KeyStore keyStore, KeyStore trustedKeyStore, long date)
          Returns the properties of the given certificate chain.
 Category: Signed static long getCertificateChainProperties(Certificate[] chain, KeyStore keyStore, KeyStore trustedKeyStore, long date, CryptoSystemProperties cryptoSystemProperties)
          Returns the properties of the given certificate chain.
 Category: Signed static long getCertificateChainProperties(Certificate[] chain, KeyStore trustedKeyStore, long date)
          Returns the properties of the given certificate chain.
 Category: Signed static long getCertificateChainProperties(Certificate[] chain, KeyStore trustedKeyStore, long date, CryptoSystemProperties cryptoSystemProperties)
          Returns the properties of the given certificate chain.
 Category: Signed static int selectBestCertificateChain(long[] properties)
          Finds a certificate chain that has properties matching one of a default set of property masks.
 Category: Signed static long selectBestCertificateChainProperties(long[] properties)
          Returns the properties associated with the chain returned by a call to selectBestCertificateChain.
 Category: Signed static int[] selectCertificateChain(long[] properties, long[] propertyMasks)
          Finds a certificate chain that has properties matching one of a provided set of property masks.
 
Methods inherited from class net.rim.device.api.crypto.certificate.CertificateProperties
select, selectBest, selectBestProperties
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CertificateChainProperties

public CertificateChainProperties()
Creates a new CertificateChainProperties object.

This is the default constructor and is not used.

Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Method Detail

getCertificateChainProperties

public static long[] getCertificateChainProperties(Certificate[][] chains,
                                                   KeyStore keyStore,
                                                   KeyStore trustedKeyStore,
                                                   long date)
Returns the properties of the given certificate chains.
Parameters:
chain - an array of certificate chains.
keyStore - the KeyStore that may contain private keys for the certificates in the chain.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
Since:
JDE 4.1.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

getCertificateChainProperties

public static long[] getCertificateChainProperties(Certificate[][] chains,
                                                   KeyStore keyStore,
                                                   KeyStore trustedKeyStore,
                                                   long date,
                                                   CryptoSystemProperties cryptoSystemProperties)
Returns the properties of the given certificate chains.
Parameters:
chain - an array of certificate chains.
keyStore - the KeyStore that may contain private keys for the certificates in the chain.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
cryptoSystemProperties - a class to be used for certificate strength checking.
Since:
JDE 4.1.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

getCertificateChainProperties

public static long[] getCertificateChainProperties(Certificate[][] chains,
                                                   KeyStore trustedKeyStore,
                                                   long date)
Returns the properties of the given certificate chains.
Parameters:
chain - an array of certificate chains.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

getCertificateChainProperties

public static long[] getCertificateChainProperties(Certificate[][] chains,
                                                   KeyStore trustedKeyStore,
                                                   long date,
                                                   CryptoSystemProperties cryptoSystemProperties)
Returns the properties of the given certificate chains.
Parameters:
chain - an array of certificate chains.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

getCertificateChainProperties

public static long getCertificateChainProperties(Certificate[] chain,
                                                 KeyStore keyStore,
                                                 KeyStore trustedKeyStore,
                                                 long date)
Returns the properties of the given certificate chain.
Parameters:
chain - an array of certificates that compromise the chain.
keyStore - the KeyStore that may contain private keys for the certificates in the chain.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
Since:
JDE 4.1.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

getCertificateChainProperties

public static long getCertificateChainProperties(Certificate[] chain,
                                                 KeyStore keyStore,
                                                 KeyStore trustedKeyStore,
                                                 long date,
                                                 CryptoSystemProperties cryptoSystemProperties)
Returns the properties of the given certificate chain.
Parameters:
chain - an array of certificates that compromise the chain.
keyStore - the KeyStore that may contain private keys for the certificates in the chain.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
cryptoSystemProperties - a class to be used for certificate strength checking. If this is null, than the default properties are used from the cryptosystem of the public key.
Since:
JDE 4.1.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

getCertificateChainProperties

public static long getCertificateChainProperties(Certificate[] chain,
                                                 KeyStore trustedKeyStore,
                                                 long date)
Returns the properties of the given certificate chain.
Parameters:
chain - an array of certificates that compromise the chain.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

getCertificateChainProperties

public static long getCertificateChainProperties(Certificate[] chain,
                                                 KeyStore trustedKeyStore,
                                                 long date,
                                                 CryptoSystemProperties cryptoSystemProperties)
Returns the properties of the given certificate chain.
Parameters:
chain - an array of certificates that compromise the chain.
trustedKeyStore - if any certifcate in the chain is a member of this key store, then the chain is considered trusted.
date - the date to use for certificate validity checking.
cryptoSystemProperties - a class to be used for certificate strength checking. If this is null, than the default properties are used from the cryptosystem of the public key.
Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

selectBestCertificateChain

public static int selectBestCertificateChain(long[] properties)
Finds a certificate chain that has properties matching one of a default set of property masks.
Parameters:
properties - an array of certificate chain properties
Returns:
If there is a chain with no errors, the index of that chain is returned.

Otherwise, all of the chains have at least one error. The chains are checked for each of the following sets of properties:

  1. STALE_CERTIFICATE_STATUS
  2. UNKNOWN_CERTIFICATE_STATUS_PRESENT and any previous properties
  3. INCOMPLETE_CERTIFICATE_CHAIN and any previous properties
  4. UNTRUSTED_CERTIFICATE_CHAIN and any previous properties
  5. WEAK_CERTIFICATE_CHAIN and any previous properties
  6. INVALID_CERTIFICATE_PRESENT and any previous properties
  7. REVOKED_CERTIFICATE_STATUS_PRESENT and any previous properties
  8. Any properties at all.
Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

selectBestCertificateChainProperties

public static long selectBestCertificateChainProperties(long[] properties)
Returns the properties associated with the chain returned by a call to selectBestCertificateChain.
Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

selectCertificateChain

public static int[] selectCertificateChain(long[] properties,
                                           long[] propertyMasks)
Finds a certificate chain that has properties matching one of a provided set of property masks.
Parameters:
properties - an array of certiticate chain properties
propertyMasks - an array of certificate chain property masks
Returns:
an array of two integers (n,m) satisfying the following conditions:
  1. Chain n only has properties specified in mask m (although it may not have all of the specified properties)
  2. There is no n' and no m' < m such that chain n' only has properties specified in mask m'.
(In other words, m is the smallest index into the mask array for which there is a chain that only has properties specified in that mask, and n is the index of a chain that has those properties.)

If there is no chain matching any of the property masks, then the array (-1,-1) is returned.

Since:
JDE 4.0.0
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.



Copyright 1999-2009 Research In Motion Limited. 295 Phillip Street, Waterloo, Ontario, Canada, N2L 3W8. All Rights Reserved.
Copyright 1993-2003 Sun Microsystems, Inc. 901 San Antonio Road, Palo Alto, California, 94303, U.S.A.
Copyright 2002-2003 Nokia Corporation All Rights Reserved.
Java is a trademark or registered trademark of Sun Microsystems, Inc. in the US and other countries.