blackberry.com
BlackBerry Dynamics
Runtime library for iOS applications
from the application developer portal

GDPKICertificate Class Reference

X.509 Public Key Certificate.

#import <GDPKI.h>

Detailed Description

Objects of this class are used to represent X.509 public key certificates in the BlackBerry Dynamics secure store. Certificates in the store could be used as part of integration with an enterprise public key infrastructure.

The properties of this class correspond to the standard fields of an X.509 public key certificate.

See also:
RFC 3280 and RFC 5280 on the ietf.org website.

Public Key Infrastructure Integration

BlackBerry Dynamics can be integrated into a public key infrastructure (PKI) implementation. BlackBerry Dynamics has a number of capabilities for handling the X.509 public key certificates that would be associated with an end user within an enterprise PKI implementation.

Certificate Store Notifications

The BlackBerry Dynamics runtime maintains a secure certificate store on the device. The application code can be notified when certificates are added to, and removed from, the secure certificate store.

The typical usage of the notification interface is as follows.

  1. The application code implements and adds a notification observer, using the native NSNotificationCenter programming interface.
  2. When the BlackBerry Dynamics runtime adds an X.509 certificate to its store, a notification is dispatched to the observer. The notification includes a reference to an object that represents the certificate.
  3. The application code in the observer extracts the certificate object from the notification.
  4. The application code can read the object properties to determine the characteristics of the certificate.

The available notifications are:

  • GDPKINotificationCertificateAdded
  • GDPKINotificationCertificateRemoved

In all cases, the object of the notification will be an instance of this class that represents the certificate.

See also:
NSNotificationCenter class reference on the apple.com developer website.
Certificate Credential Import documentation for a related interface.

Code Snippets

The following code snippets illustrate some common tasks.

Certificate Notification Observer

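 // Requires: #import <Security/Security.h> and #import <GDPKI.h>

 // Register one observer for each certificate store notification.
 - (void)addCertificateObservers {
     [[NSNotificationCenter defaultCenter] addObserver:self
                                              selector:@selector(certificateAdded:)
                                                  name:GDPKINotificationCertificateAdded
                                                object:nil];
     [[NSNotificationCenter defaultCenter] addObserver:self
                                              selector:@selector(certificateRemoved:)
                                                  name:GDPKINotificationCertificateRemoved
                                                object:nil];
 }

 - (void)certificateAdded:(NSNotification *)nsNotification {
     GDPKICertificate *gdPKICertificate = nsNotification.object;
     // Create a native representation of the certificate from its DER data.
     SecCertificateRef secCertificate = SecCertificateCreateWithData(
         NULL, (__bridge CFDataRef)gdPKICertificate.binaryX509DER);
     if (secCertificate == NULL) {
         // NULL is returned if the data is not a valid DER encoded certificate.
         NSLog(@"Certificate added. Serial Number: \"%@\".\n",
               gdPKICertificate.serialNumber);
         return;
     }
     CFStringRef secCertificateSummary =
         SecCertificateCopySubjectSummary(secCertificate);
     // Both values are objects, so the format specifier is %@, not %s.
     NSLog(@"Certificate added. Serial Number: \"%@\", Summary:\"%@\".\n",
           gdPKICertificate.serialNumber,
           (__bridge NSString *)secCertificateSummary);
     if (secCertificateSummary != NULL) {
         CFRelease(secCertificateSummary);
     }
     CFRelease(secCertificate);
 }

 - (void)certificateRemoved:(NSNotification *)nsNotification {
     GDPKICertificate *gdPKICertificate = nsNotification.object;

     NSLog(@"Certificate removed. Serial Number: \"%@\".\n",
           gdPKICertificate.serialNumber);
 }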

The above snippet shows:

  • Registration for notification of certificate addition and removal. The observer code is specified by selector.
  • Dummy implementation of the certificate added listener that:
    • Logs one field directly from the notification object, which is a BlackBerry Dynamics representation of a certificate.
    • Creates a native representation of the same certificate, and logs another field from it.
  • Dummy implementation of the certificate removed listener that logs one X.509 field.

See also:
Certificates reference documentation on the apple.com developer website.
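
Step 4 of the notification usage, reading the object properties to determine the characteristics of the certificate, as an added example that is not part of the original BlackBerry documentation: the observer classifies the certificate's validity window from notBeforeDate and notAfterDate and flags a self-issued certificate. All Example* names and the 30-day warning window are assumptions, as is the premise that the issuer and subjectName strings share one format.

```objective-c
#import <Foundation/Foundation.h>
#import <GDPKI.h>
// All Example* names are hypothetical; only GDPKICertificate, its properties
// and GDPKINotificationCertificateAdded come from the SDK.
typedef NS_ENUM(NSInteger, ExampleCertValidity) {
    ExampleCertValidityUnknown,      // a validity date is missing
    ExampleCertValidityNotYetValid,  // now is before notBeforeDate
    ExampleCertValidityExpired,      // now is after notAfterDate
    ExampleCertValidityExpiringSoon, // valid, but inside the warning window
    ExampleCertValidityValid
};

static ExampleCertValidity ExampleClassifyValidity(GDPKICertificate *certificate,
                                                   NSDate *now,
                                                   NSTimeInterval warningWindow) {
    NSDate *notBefore = certificate.notBeforeDate;
    NSDate *notAfter = certificate.notAfterDate;
    if (notBefore == nil || notAfter == nil) return ExampleCertValidityUnknown;
    if ([now compare:notBefore] == NSOrderedAscending) return ExampleCertValidityNotYetValid;
    if ([now compare:notAfter] == NSOrderedDescending) return ExampleCertValidityExpired;
    if ([notAfter timeIntervalSinceDate:now] < warningWindow) return ExampleCertValidityExpiringSoon;
    return ExampleCertValidityValid;
}

@interface ExampleCertificateMonitor : NSObject
@end

@implementation ExampleCertificateMonitor
- (instancetype)init {
    if ((self = [super init])) {
        [[NSNotificationCenter defaultCenter] addObserver:self
                                                 selector:@selector(certificateAdded:)
                                                     name:GDPKINotificationCertificateAdded
                                                   object:nil];
    }
    return self;
}

- (void)certificateAdded:(NSNotification *)nsNotification {
    if (![nsNotification.object isKindOfClass:[GDPKICertificate class]]) return;
    GDPKICertificate *certificate = nsNotification.object;
    ExampleCertValidity validity = ExampleClassifyValidity(
        certificate, [NSDate date], 30 * 24 * 60 * 60.0); // 30-day window (assumed)
    // Issuer equal to subject indicates a self-issued certificate.
    BOOL selfIssued = [certificate.issuer isEqualToString:certificate.subjectName];
    NSLog(@"Certificate added. Subject: \"%@\", validity: %ld, self-issued: %d.",
          certificate.subjectName, (long)validity, selfIssued);
}
@end
```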

Member Function Documentation

- (instancetype) initWithData: (NSData *)  x509

Call this function to initialize a new object from binary DER encoded X.509 certificate data.

Parameters:
x509    NSData containing the binary DER encoded X.509 data.

Property Documentation

- (NSData*) binaryX509DER [read, assign]

Binary DER encoded representation of the X.509 certificate data.

- (NSInteger) version [read, assign]

The X.509 version of the certificate.

- (NSString*) serialNumber [read, assign]

Value of the X.509 Serial Number field of the certificate.

- (NSString*) subjectName [read, assign]

Value of the X.509 Subject field of the certificate.

- (NSString*) subjectAlternativeName [read, assign]

Value of the X.509 Subject Alternative Name field of the certificate.

- (NSString*) issuer [read, assign]

Value of the X.509 Issuer field of the certificate.

- (NSDate*) notBeforeDate [read, assign]

Value of the X.509 Validity: Not Before date and time of the certificate.

- (NSDate*) notAfterDate [read, assign]

Value of the X.509 Validity: Not After date and time of the certificate.

- (NSString*) keyUsage [read, assign]

Value of the X.509 Key Usage field of the certificate.

