KeyStorePasswordManager (BlackBerry JDE 5.0.0 API Reference)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.rim.device.api.crypto.keystore
Class KeyStorePasswordManager

java.lang.Object
  net.rim.device.api.crypto.keystore.KeyStorePasswordManager

public final class KeyStorePasswordManager
extends Object
extends Object

Provides all of the keystore password functionality for the keystore.

This includes functionality of remembering how many attempts at the password, forcing the user to enter the password, remembering the password for a timeout period and other important functions. You should only use the key store password class when trying to determine if someone knows the key store password.

Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

Method Summary
	`void`	`challenge()` Displays the password dialog and prompts the user to enter a correct password.
	`void`	`challenge(String additionalPrompt)` Displays a custom password dialog and prompts the user to enter a correct password.
	`void`	`changePassword()` This function is called to change the KeyStore password on the device.
	`boolean`	`checkTicket(KeyStorePasswordTicket ticket)` Checks to make sure that the ticket is valid and that it is of the appropriate type.
	`boolean`	`clean()` This method is called when the user wants to clean out the keystore information requiring the entry of the password the next time they try to access anything in the keystore.
	`byte[]`	`decrypt(byte[] input, int offset, int length, String label, KeyStorePasswordTicket ticket)` Returns the byte array that is decrypted with the password.
	`byte[]`	`decrypt(byte[] input, String label, KeyStorePasswordTicket ticket)` Returns the byte array that is decrypted with the password.
	`byte[]`	`decrypt(int securityLevel, long salt, byte[] input, int offset, int length, String label, KeyStorePasswordTicket ticket)` Deprecated. Use the other decrypt method that does not take in a salt or security level.
	`byte[]`	`decrypt(int securityLevel, long salt, byte[] input, String label, KeyStorePasswordTicket ticket)` Deprecated. Use the decrypt method that does not take in the security level and salt. These parameters are encoded in the input byte[] now automatically and are not needed as parameters.
	`byte[]`	`decryptReEncrypt(int securityLevel, byte[] ciphertext)` During a change password operation this helper function allows an easy way to change the encryption of an object from the old password to the new password.
	`byte[]`	`decryptReEncrypt(int securityLevel, long salt, byte[] ciphertext)` Deprecated. Use the decryptReEncrypt method that no longer requires a securityLevel and a salt.
	`byte[]`	`encrypt(int securityLevel, byte[] input, int offset, int length, String label, KeyStorePasswordTicket ticket)` Returns the byte array that is encrypted with the password.
	`byte[]`	`encrypt(int securityLevel, byte[] input, String label, KeyStorePasswordTicket ticket)` Returns the byte array that is encrypted with the password.
	`byte[]`	`encrypt(int securityLevel, long salt, byte[] input, int offset, int length, String label, KeyStorePasswordTicket ticket)` Deprecated. Use the encrypt method that no longer uses the salt.
	`byte[]`	`encrypt(int securityLevel, long salt, byte[] input, String label, KeyStorePasswordTicket ticket)` Deprecated. Use the encrypt method that does not take a salt.
	`static KeyStorePasswordManager`	`getInstance()` Returns an instance of the KeyStorePasswordManager.
	`KeyStorePasswordTicket`	`getTicket()` Returns a ticket if the operation to retrieve one was successful.
	`KeyStorePasswordTicket`	`getTicket(String additionalPrompt)` Returns a ticket if the operation to retrieve one was successful.
	`KeyStorePasswordTicket`	`getTicket(String additionalPrompt, KeyStore keyStore)` Returns a ticket if the operation to retrieve one was successful.
	`KeyStorePasswordTicket`	`getTicket(String additionalPrompt, KeyStoreData keyStoreData)` Returns a ticket if the operation to retrieve one was successful.
	`KeyStorePasswordTicket`	`getTicket(KeyStore keyStore)` Returns a ticket if the operation to retrieve one was successful.
	`KeyStorePasswordTicket`	`getTicket(KeyStoreData keyStoreData)` Returns a ticket if the operation to retrieve one was successful.
	`byte[]`	`setPassword()` Sets the password by prompting the user for it and then asking for its confirmation.

Methods inherited from class java.lang.Object
`equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

getInstance

public static KeyStorePasswordManager getInstance()

Returns an instance of the KeyStorePasswordManager.

Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

challenge

public void challenge()
               throws KeyStoreCancelException

Displays the password dialog and prompts the user to enter a correct password.

Throws:: KeyStoreCancelException - Thrown if the user fails to enter a valid password or cancels out of the password dialog.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

challenge

public void challenge(String additionalPrompt)
               throws KeyStoreCancelException

Displays a custom password dialog and prompts the user to enter a correct password.

Parameters:: label - The text label for the password dialog.
Throws:: KeyStoreCancelException - Thrown if the user fails to enter a valid password or cancels out of the password dialog.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

encrypt

public byte[] encrypt(int securityLevel,
                      long salt,
                      byte[] input,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException

Deprecated. Use the encrypt method that does not take a salt.

Returns the byte array that is encrypted with the password.

Parameters:: securityLevel - The security level.; salt - The salt that is used to encrypt the password. This should be random.; input - The input byte array that is to be encrypted.; label - a label that will be shown to the user when they are prompted to encrypt their data.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (calls getTicket).
Returns:: A byte array containing the encrypted input
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

encrypt

public byte[] encrypt(int securityLevel,
                      byte[] input,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException

Returns the byte array that is encrypted with the password.

Parameters:: securityLevel - The security level.; salt - The salt that is used to encrypt the password. This should be random. Use the SALT_LENGTH parameter to determine how long the salt should be.; input - The input byte array that is to be encrypted.; label - a label that will be shown to the user when they are prompted to encrypt their data.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (calls getTicket).
Returns:: A byte array containing the encrypted input
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 4.0.0

encrypt

public byte[] encrypt(int securityLevel,
                      long salt,
                      byte[] input,
                      int offset,
                      int length,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException

Deprecated. Use the encrypt method that no longer uses the salt.

Returns the byte array that is encrypted with the password.

Parameters:: securityLevel - The security level.; salt - The salt that is used to encrypt the password. This should be random.; input - The input byte array that is to be encrypted.; offset - The offset into the byte array to be encrypted.; length - The number of bytes to be encrypted.; label - a label that will be shown to the user during the prompt for their passphrase if necessary.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (essentially calls getTicket for you).
Returns:: A byte array containing the encrypted input.
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

encrypt

public byte[] encrypt(int securityLevel,
                      byte[] input,
                      int offset,
                      int length,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException

Returns the byte array that is encrypted with the password.

Parameters:: securityLevel - The security level.; salt - The salt that is used to encrypt the password. This should be random. Use the SALT_LENGTH parameter to determine how long the salt should be.; input - The input byte array that is to be encrypted.; offset - The offset into the byte array to be encrypted.; length - The number of bytes to be encrypted.; label - a label that will be shown to the user during the prompt for their passphrase if necessary.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (essentially calls getTicket for you).
Returns:: A byte array containing the encrypted input.
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 4.0.0

decrypt

public byte[] decrypt(int securityLevel,
                      long salt,
                      byte[] input,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException,
                      KeyStoreDecodeException

Deprecated. Use the decrypt method that does not take in the security level and salt. These parameters are encoded in the input byte[] now automatically and are not needed as parameters.

Returns the byte array that is decrypted with the password.

Parameters:: securityLevel - The security level.; salt - The salt that is used to encrypt the password. This should be random.; input - The input byte array that is to be encrypted.; label - a string that will be shown to the user on a prompt for passphrase if necessary.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (essentially calls getTicket for you).
Returns:: A byte array containing the decrypted data.
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.; KeyStoreDecodeException - if the keystore was unable to decrypt the ciphertext given that the security level was incorrect or the password was somehow incorrect.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

decrypt

public byte[] decrypt(byte[] input,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException,
                      KeyStoreDecodeException

Returns the byte array that is decrypted with the password.

Parameters:: input - The input byte array that is to be encrypted.; label - a string that will be shown to the user on a prompt for passphrase if necessary.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (essentially calls getTicket for you).
Returns:: A byte array containing the decrypted data.
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.; KeyStoreDecodeException - if the keystore was unable to decrypt the ciphertext given that the security level was incorrect or the password was somehow incorrect.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 4.0.0

decrypt

public byte[] decrypt(int securityLevel,
                      long salt,
                      byte[] input,
                      int offset,
                      int length,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException,
                      KeyStoreDecodeException

Deprecated. Use the other decrypt method that does not take in a salt or security level.

Returns the byte array that is decrypted with the password.

Parameters:: securityLevel - The security level.; salt - The salt that is used to decrypt the password. This should be random.; input - The input byte array that is to be decrypted.; offset - The offset into the byte array to be decrypted.; length - The number of bytes to be decrypted.; label - A string that will be shown to the user when prompting for a passphrase if necessary.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (essentially calls getTicket for you).
Returns:: A byte array containing the decrypted input
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.; KeyStoreDecodeException - if the keystore was unable to decrypt the ciphertext given that the security level was incorrect or the password was somehow incorrect.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

decrypt

public byte[] decrypt(byte[] input,
                      int offset,
                      int length,
                      String label,
                      KeyStorePasswordTicket ticket)
               throws KeyStoreCancelException,
                      KeyStoreDecodeException

Returns the byte array that is decrypted with the password.

Parameters:: input - The input byte array that is to be decrypted.; offset - The offset into the byte array to be decrypted.; length - The number of bytes to be decrypted.; label - A string that will be shown to the user when prompting for a passphrase if necessary.; ticket - A ticket denoting whether or not the developer has access to the keystore. A ticket can be retrieved from the getTicket method in the key store or keystore data. The ticket can also be null which will most likely prompt for a password from the user automatically (essentially calls getTicket for you).
Returns:: A byte array containing the decrypted input
Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.; KeyStoreDecodeException - if the keystore was unable to decrypt the ciphertext given that the security level was incorrect or the password was somehow incorrect.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 4.0.0

changePassword

public void changePassword()
                    throws KeyStoreCancelException

This function is called to change the KeyStore password on the device.

This function prompts for the old password and the new password. It ensures that the old password is correct and then proceeds. If the old password is incorrect it continues to prompt until the maximum number of attempts is reached.

Throws:: KeyStoreCancelException - Thrown when the user cancels out of the simple password dialog since they appear to not want to enter their password.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

decryptReEncrypt

public byte[] decryptReEncrypt(int securityLevel,
                               long salt,
                               byte[] ciphertext)
                        throws KeyStoreDecodeException

Deprecated. Use the decryptReEncrypt method that no longer requires a securityLevel and a salt.

During a change password operation this helper function allows an easy way to change the encryption of an object from the old password to the new password.

It is important to note that this will take in a byte array that is encrypted with the old password and return a new byte array that is encrypted with the new password. Everything is seamless to the user.

Parameters:: securityLevel - An integer representing the security level.; salt - The salt used to encrypt the data. Must be random. Note that the salt is going to be the same for the old ciphertext and the new ciphertext.; ciphertext - A byte array containing the ciphertext.
Returns:: A byte array containing the decrypted data.
Throws:: InvalidKeyEncodingException - Thrown if the key is improperly encoded.; KeyStoreDecodeException - if the keystore was unable to decrypt the ciphertext given that the security level was incorrect or the password was somehow incorrect.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 3.6.0

decryptReEncrypt

public byte[] decryptReEncrypt(int securityLevel,
                               byte[] ciphertext)
                        throws KeyStoreDecodeException

During a change password operation this helper function allows an easy way to change the encryption of an object from the old password to the new password.

Parameters:: securityLevel - An integer representing the security level.; ciphertext - A byte array containing the ciphertext.
Returns:: A byte array containing the decrypted data.
Throws:: InvalidKeyEncodingException - Thrown if the key is improperly encoded.; KeyStoreDecodeException - if the keystore was unable to decrypt the ciphertext given that the security level was incorrect or the password was somehow incorrect.
Category:: Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:: BlackBerry API 4.0.0

getTicket

public KeyStorePasswordTicket getTicket(KeyStore keyStore)
                                 throws KeyStoreCancelException

Returns a ticket if the operation to retrieve one was successful. Note that this method is for returning a KeyStorePasswordTicket from the KeyStorePasswordManager. It should be used by the 3rd party KeyStores and KeyStoreDatas to show their KeyStore or KeyStoreData name instead of some generic ticket message.