• BlackBerry Dynamics
  • Runtime library for iOS applications
GDPKICertificate Class Reference

X.509 Public Key Certificate. More...

#import <BlackBerryDynamics/GD/GDPKI.h>

Inheritance diagram for GDPKICertificate:


Objects of this class are used to represent X.509 public key certificates in the BlackBerry Dynamics secure store. Certificates in the store could be used as part of integration with an enterprise public key infrastructure.

The properties of this class correspond to the standard fields of an X.509 public key certificate.

See also
RFC 3280 and RFC 5280 on the ietf.org website.

Public Key Infrastructure Integration

BlackBerry Dynamics can be integrated into a public key infrastructure (PKI) implementation. BlackBerry Dynamics has a number of capabilities for handling the X.509 public key certificates that would be associated with an end user within an enterprise PKI implementation.

Certificate Store Notifications

The BlackBerry Dynamics runtime maintains a secure certificate store on the device. The application code can be notified when certificates are added to, and removed from, the secure certificate store.

The typical usage of the notification interface is as follows.

  1. The application code implements and adds a notification observer, using the native NSNotificationCenter programming interface.
    1. When the BlackBerry Dynamics runtime adds an X.509 certificate to its store, a notification is dispatched to the observer. The notification includes a reference to an object that represents the certificate.
  2. The application code in the observer extracts the certificate object from the notification.
  3. The application code can read the object properties to determine the characteristics of the certificate.

The available notifications are:

In all cases, the object of the notification will be an instance of this class that represents the certificate.

See also
NSNotificationCenter class reference on the apple.com developer website.
Certificate Credential Import documentation for a related interface.

Code Snippets

The following code snippets illustrate some common tasks.

Certificate Notification Observer

- (void)addCertificateObservers {
[[NSNotificationCenter defaultCenter] addObserver:self
[[NSNotificationCenter defaultCenter] addObserver:self
- (void)certificateAdded:(NSNotification *)nsNotification {
GDPKICertificate *gdPKICertificate = nsNotification.object;
SecCertificateRef secCertificate =
SecCertificateCreateWithData(NULL, gdPKICertificate.binaryX509DER);
CFStringRef secCertificateSummary =
NSLog(@"Certificate added. Serial Number: \"%s\", Summary:\"%s\".\n",
gdPKICertificate.serialNumber, (NSString*)secCertificateSummary);
- (void)certificateRemoved:(NSNotification *)nsNotification {
GDPKICertificate *gdPKICertificate = nsNotification.object;
NSLog(@"Certificate removed. Serial Number: \"%@\".\n",
gdPKICertificate.serialNumber );

The above snippet shows:

  • Registration for notification of certificate addition and removal. The observer code is specified by selector.
  • Dummy implementation of the certificate added listener that:
    • Logs one field directly from the notification object, which is a BlackBerry Dynamics representation of a certificate.
    • Creates a native representation of the same certificate, and logs another field from it.
  • Dummy implementation of the certificate removed listener that logs one X.509 field.

See also
Certificates reference documentation on the apple.com developer website.

Instance Methods

(instancetype) - initWithData:
 Initialize from binary DER encoded X.509 certificate data. More...


NSData * binaryX509DER
 Binary DER encoded certificate data. More...
NSInteger version
 X.509 version. More...
NSString * serialNumber
 X.509 Serial Number field. More...
NSString * subjectName
 X.509 Subject field. More...
NSString * subjectAlternativeName
 X.509 Subject Alternative Name field. More...
NSString * issuer
 X.509 Issuer field. More...
NSDate * notBeforeDate
 X.509 Validity: Not Before date and time. More...
NSDate * notAfterDate
 X.509 Validity: Not After date and time. More...
NSString * keyUsage
 X.509 Key Usage field. More...

Method Documentation

◆ initWithData:

- (instancetype) initWithData: (NSData *)  x509

Call this function to initialize a new object from binary DER encoded X.509 certificate data.

x509NSData containing the binary DER encoded X.509 data.

Property Documentation

◆ binaryX509DER

- (NSData*) binaryX509DER

Binary DER encoded representation of the X.509 certificate data.

◆ version

- (NSInteger) version

The X.509 version of the certificate.

◆ serialNumber

- (NSString*) serialNumber

Value of the X.509 Serial Number field of the certificate.

◆ subjectName

- (NSString*) subjectName

Value of the X.509 Subject field of the certificate.

◆ subjectAlternativeName

- (NSString*) subjectAlternativeName

Value of the X.509 Subject Alternative Name field of the certificate.

◆ issuer

- (NSString*) issuer

Value of the X.509 Issuer field of the certificate.

◆ notBeforeDate

- (NSDate*) notBeforeDate

Value of the X.509 Validity: Not Before date and time of the certificate.

◆ notAfterDate

- (NSDate*) notAfterDate

Value of the X.509 Validity: Not After date and time of the certificate.

◆ keyUsage

- (NSString*) keyUsage

Value of the X.509 Key Usage field of the certificate.

The documentation for this class was generated from the following file:
NSData * binaryX509DER
Binary DER encoded certificate data.
Definition: platform/apple/ios/build/BlackBerryDynamics.framework/Headers/GDPKI.h:104
NSString * serialNumber
X.509 Serial Number field.
Definition: platform/apple/ios/build/BlackBerryDynamics.framework/Headers/GDPKI.h:116
NSString *const GDPKINotificationCertificateRemoved
Certificate removal notification identifier.
X.509 Public Key Certificate.
Definition: platform/apple/ios/build/BlackBerryDynamics.framework/Headers/GDPKI.h:89
NSString *const GDPKINotificationCertificateAdded
Certificate addition notification identifier.