net.rim.device.api.crypto.certificate.x509
Class X509CertificateRevocationList

java.lang.Object
  extended by net.rim.device.api.crypto.certificate.x509.X509CertificateRevocationList
All Implemented Interfaces:
CertificateRevocationList

public class X509CertificateRevocationList
extends Object
implements CertificateRevocationList

Provides support for X.509 Certificate Revocation Lists (CRLs) as defined in RFC 2459, including support for both version one and version two. This class does not provide a means to acquire a CRL, but merely parses a CRL that has already been retrieved.

See Also:
Certificate, CertificateRevocationList
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

Constructor Summary
Category: Signed X509CertificateRevocationList(InputStream in, KeyStore keyStore)
          Creates an X509CertificateRevocationList object from the data in the given input stream.
Category: Signed X509CertificateRevocationList(ASN1InputStream in, KeyStore keyStore)
          Creates an X509CertificateRevocationList object from the data in the given ASN.1 input stream.
 
Method Summary
Category: Signed  boolean equals(Object obj2)
          Indicates whether some other object is "equal to" this one.
Category: Signed  CertificateExtension getCRLEntryExtension(Certificate certificate, OID oid)
          Returns the CRL entry extension, for this certificate, for the given oid if it exists, otherwise null.
Category: Signed  CertificateExtension[] getCRLEntryExtensions(Certificate certificate)
          Returns all the CRL entry extensions associated with this certificate, or null.
Category: Signed  CertificateExtension[] getCRLEntryExtensions(Certificate certificate, boolean criticalBit)
          Returns all the extensions associated with this CRL Entry that have their critical bit set to the value of criticalBit, or null if none are found.
Category: Signed  CertificateStatus getCertificateStatus(Certificate certificate)
          Returns the status of the given certificate, if it is found in this CRL and the CRL is valid.
Category: Signed  CertificateStatus getCertificateStatus(Certificate certificate, long time)
          Returns the status of the given certificate, if it is found in this CRL and the CRL is valid.
Category: Signed  CertificateExtension getExtension(OID oid)
          Returns the extension for the given oid if it exists in the CRL, otherwise null.
Category: Signed  CertificateExtension[] getExtensions()
          Returns all the extensions associated with this CRL, or null.
Category: Signed  CertificateExtension[] getExtensions(boolean criticalBit)
          Returns all the extensions associated with this CRL that have their critical bit set to the value of criticalBit, or null if none are found.
Category: Signed  DistinguishedName getIssuer()
          Get the issuer of this CRL.
Category: Signed  long getNextUpdate()
          Returns the date by when the next CRL will be issued, or 0 if this information is not provided.
Category: Signed  long getThisUpdate()
          Returns the date of issue for this CRL.
 
Methods inherited from class java.lang.Object
getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 



Constructor Detail

X509CertificateRevocationList

public X509CertificateRevocationList(InputStream in,
                                     KeyStore keyStore)
                              throws CRLEncodingException,
                                     CRLVerificationException,
                                     IOException,
                                     CryptoTokenException,
                                     CryptoUnsupportedOperationException
Creates an X509CertificateRevocationList object from the data in the given input stream. The CRL is read in and parsed, and the signature is verified with the appropriate certificate from the specified key store.

Parameters:
in - The input stream containing the ASN.1 representation of the CRL.
keyStore - The key store that contains the certificate necessary to verify the CRL (ie the CA's certificate).

Throws:
CRLEncodingException - Thrown if the CRL is formatted improperly.
CRLVerificationException - Thrown if the signature in the CRL cannot be verified, or the necessary certificate cannot be found.
IOException - Thrown in the case of a stream I/O error.
CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.
CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

X509CertificateRevocationList

public X509CertificateRevocationList(ASN1InputStream in,
                                     KeyStore keyStore)
                              throws CRLEncodingException,
                                     CRLVerificationException,
                                     IOException,
                                     CryptoTokenException,
                                     CryptoUnsupportedOperationException
Creates an X509CertificateRevocationList object from the data in the given ASN.1 input stream.

The CRL is read in and parsed, and the signature is verified with the appropriate certificate from the specified key store.

Parameters:
in - The ASN.1 input stream containing the ASN.1 representation of the CRL.
keyStore - The key store that contains the certificate necessary to verify the CRL (ie the CA's certificate).
Throws:
CRLEncodingException - Thrown if the CRL is formatted improperly.
CRLVerificationException - Thrown if the signature in the CRL cannot be verified, or the necessary certificate cannot be found.
IOException - Thrown in the case of a stream I/O error.
CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.
CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0


Method Detail

getCertificateStatus

public CertificateStatus getCertificateStatus(Certificate certificate)
Returns the status of the given certificate, if it is found in this CRL and the CRL is valid. The CRL is valid if the current time is after the creation time of the CRL and before the next update time of the CRL.

Specified by:
getCertificateStatus in interface CertificateRevocationList
Parameters:
certificate - The X.509 certificate in question.
Returns:
A CertificateStatus object (with status set to "REVOKED") or null if the certificate is not in the CRL or the CRL is not valid.
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getCertificateStatus

public CertificateStatus getCertificateStatus(Certificate certificate,
                                              long time)
Returns the status of the given certificate, if it is found in this CRL and the CRL is valid. The CRL is valid if the time is after the creation time of the CRL and before the next update time of the CRL.

Specified by:
getCertificateStatus in interface CertificateRevocationList
Parameters:
certificate - The certificate in question.
time - the time to use in checking the certificate status
Returns:
A CertificateStatus object or null if the certificate is not in the CRL.
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getThisUpdate

public long getThisUpdate()
Returns the date of issue for this CRL.

Specified by:
getThisUpdate in interface CertificateRevocationList
Returns:
A long representing the date.
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getNextUpdate

public long getNextUpdate()
Returns the date by when the next CRL will be issued, or 0 if this information is not provided.

Specified by:
getNextUpdate in interface CertificateRevocationList
Returns:
A long representing the date.
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getIssuer

public DistinguishedName getIssuer()
Get the issuer of this CRL.

Specified by:
getIssuer in interface CertificateRevocationList
Returns:
The issuer of this CRL
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getCRLEntryExtension

public CertificateExtension getCRLEntryExtension(Certificate certificate,
                                                 OID oid)
Returns the CRL entry extension, for this certificate, for the given oid if it exists, otherwise null.

Specified by:
getCRLEntryExtension in interface CertificateRevocationList
Parameters:
certificate - The certificate to look up the CRL entry extension for.
oid - The oid to use to look up the extension.
Returns:
A CertificateExtension object. May be null.
See Also:
OIDs
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getCRLEntryExtensions

public CertificateExtension[] getCRLEntryExtensions(Certificate certificate)
Returns all the CRL entry extensions associated with this certificate, or null.

Specified by:
getCRLEntryExtensions in interface CertificateRevocationList
Parameters:
certificate - the certificate to look up the CRL Entry extensions with
Returns:
all the extensions associated with this certificate in the CRL. May be null.
See Also:
OIDs
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getCRLEntryExtensions

public CertificateExtension[] getCRLEntryExtensions(Certificate certificate,
                                                    boolean criticalBit)
Returns all the extensions associated with this CRL Entry that have their critical bit set to the value of criticalBit, or null if none are found.

Specified by:
getCRLEntryExtensions in interface CertificateRevocationList
Parameters:
certificate - the certificate to use to determine which CRL Entry to look up the extensions from
criticalBit - a boolean that is true, if all critical extensions are to be returned and set to false if all non-critical extensions are to be returned
Returns:
An array of CertificateExtensions or null.
See Also:
OIDs
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getExtension

public CertificateExtension getExtension(OID oid)
Returns the extension for the given oid if it exists in the CRL, otherwise null.

Specified by:
getExtension in interface CertificateRevocationList
See Also:
OIDs
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getExtensions

public CertificateExtension[] getExtensions()
Returns all the extensions associated with this CRL, or null.

Specified by:
getExtensions in interface CertificateRevocationList
See Also:
OIDs
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

getExtensions

public CertificateExtension[] getExtensions(boolean criticalBit)
Returns all the extensions associated with this CRL that have their critical bit set to the value of criticalBit, or null if none are found.

Specified by:
getExtensions in interface CertificateRevocationList
Parameters:
criticalBit - a boolean that is true, if all critical extensions are to be returned and set to false if all non-critical extensions are to be returned
Returns:
An array of CertificateExtensions or null.
See Also:
OIDs
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

equals

public boolean equals(Object obj2)
Description copied from class: Object
Indicates whether some other object is "equal to" this one.

The equals method implements an equivalence relation:

The equals method for class Object implements the most discriminating possible equivalence relation on objects; that is, for any reference values x and y, this method returns true if and only if x and y refer to the same object (x==y has the value true).

Overrides:
equals in class Object
Parameters:
obj2 - the reference object with which to compare.
Returns:
true if this object is the same as the obj argument; false otherwise.
See Also:
Boolean.hashCode(), Hashtable
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0





Copyright 1999-2010 Research In Motion Limited. 295 Phillip Street, Waterloo, Ontario, Canada, N2L 3W8. All Rights Reserved.
Copyright 1993-2003 Sun Microsystems, Inc. 901 San Antonio Road, Palo Alto, California, 94303, U.S.A. All Rights Reserved.
Copyright 2002-2003 Nokia Corporation All Rights Reserved.
Java is a trademark of Sun Microsystems, Inc.