com.netflix.msl.util

Class MslContext

java.lang.Object

com.netflix.msl.util.MslContext

public abstract class MslContext
extends java.lang.Object

The context provides access to all factories, builders, and containers that are needed by the MSL library. There is expected to be one global context per trusted services network or peer-to-peer network. By extension, the MSL store instance returned by the context is expected to be specific to the owning context.

See Also:

MslStore

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	MslContext.ReauthCode Re-authentication reason codes.

Constructor Summary

Constructors

Constructor and Description
MslContext()

Method Summary

Modifier and Type	Method and Description
abstract EntityAuthenticationData	getEntityAuthenticationData(MslContext.ReauthCode reauthCode) Returns the entity authentication data for this entity.
abstract EntityAuthenticationFactory	getEntityAuthenticationFactory(EntityAuthenticationScheme scheme) Returns the entity authentication factory for the specified scheme.
abstract EntityAuthenticationScheme	getEntityAuthenticationScheme(java.lang.String name) Returns the entity authentication scheme identified by the specified name or null if there is none.
abstract java.util.SortedSet<KeyExchangeFactory>	getKeyExchangeFactories() Returns the supported key exchange factories in order of preferred use.
abstract KeyExchangeFactory	getKeyExchangeFactory(KeyExchangeScheme scheme) Returns the key exchange factory for the specified scheme.
abstract KeyExchangeScheme	getKeyExchangeScheme(java.lang.String name) Returns the key exchange scheme identified by the specified name or null if there is none.
abstract MessageCapabilities	getMessageCapabilities() Returns the message capabilities for this entity.
abstract ICryptoContext	getMslCryptoContext() Returns the primary crypto context used for MSL-level crypto operations.
abstract MslEncoderFactory	getMslEncoderFactory() Returns the MSL encoder factory specific to this MSL context.
abstract MslStore	getMslStore() Returns the MSL store specific to this MSL context.
abstract java.util.Random	getRandom() Returns a random number generator.
java.util.Date	getRemoteTime() Return the expected remote entity time or null if the clock is not yet synchronized.
abstract long	getTime() Returns the local entity time.
abstract TokenFactory	getTokenFactory() Returns the token factory.
abstract UserAuthenticationFactory	getUserAuthenticationFactory(UserAuthenticationScheme scheme) Returns the user authentication factory for the specified scheme.
abstract UserAuthenticationScheme	getUserAuthenticationScheme(java.lang.String name) Returns the user authentication scheme identified by the specified name or null if there is none.
abstract boolean	isPeerToPeer() Returns true if the context is operating in a peer-to-peer network.
void	updateRemoteTime(java.util.Date time) Update the remote entity time.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

MslContext

public MslContext()

Method Detail

getTime

public abstract long getTime()

Returns the local entity time. This is assumed to be the real time.

Returns:

{number} the local entity time in milliseconds since the epoch.

getRandom

public abstract java.util.Random getRandom()

Returns a random number generator.

It is extremely important to provide a secure (pseudo-)random number generator with a good source of entropy. Many random number generators, including those found in the Java Runtime Environment, JavaScript, and operating systems do not provide sufficient randomness.

If in doubt, performing an XOR on the output of two or more independent random sources can be used to provide better random values.

Returns:

a random number generator.

isPeerToPeer

public abstract boolean isPeerToPeer()

Returns true if the context is operating in a peer-to-peer network. The message processing logic is slightly different in peer-to-peer networks.

Returns:

true if in peer-to-peer mode.

getMessageCapabilities

public abstract MessageCapabilities getMessageCapabilities()

Returns the message capabilities for this entity.

Returns:

this entity's message capabilities.

getEntityAuthenticationData

public abstract EntityAuthenticationData getEntityAuthenticationData(MslContext.ReauthCode reauthCode)

Returns the entity authentication data for this entity. This is used to authenticate messages prior to generation of a master token.

This method should never return null but may do so in the one situation when the reauthCode parameter is provided and the application knows that the request being sent can no longer succeed because the existing master token, user ID token, or service tokens are no longer valid. This will abort the request.

If the reauthCode parameter is equal to MslContext.ReauthCode.ENTITY_REAUTH then the existing master token has been rejected, along with its bound user ID tokens and service tokens.

If the reauthCode parameter is equal to MslContext.ReauthCode.ENTITYDATA_REAUTH then new entity re-authentication data should be returned for this and all subsequent calls.

The entity authentication scheme must never change.

This method will be called multiple times.

Parameters:

reauthCode - non-null if the master token or entity authentication data was rejected. If the entity authentication data was rejected then new entity authentication data is required.

Returns:

this entity's entity authentication data or null.

getMslCryptoContext

public abstract ICryptoContext getMslCryptoContext()
                                            throws MslCryptoException

Returns the primary crypto context used for MSL-level crypto operations. This is used for the master tokens and user ID tokens.

Trusted network clients should return a crypto context that always returns false for verification. The other crypto context methods will not be used by trusted network clients.

Returns:

the primary MSL crypto context.

Throws:

MslCryptoException - if there is an error creating the crypto context.

getEntityAuthenticationScheme

public abstract EntityAuthenticationScheme getEntityAuthenticationScheme(java.lang.String name)

Returns the entity authentication scheme identified by the specified name or null if there is none.

Parameters:

name - the entity authentication scheme name.

Returns:

the scheme identified by the specified name or null if there is none.

getEntityAuthenticationFactory

public abstract EntityAuthenticationFactory getEntityAuthenticationFactory(EntityAuthenticationScheme scheme)

Returns the entity authentication factory for the specified scheme.

Parameters:

scheme - the entity authentication scheme.

Returns:

the entity authentication factory, or null if no factory is available.

getUserAuthenticationScheme

public abstract UserAuthenticationScheme getUserAuthenticationScheme(java.lang.String name)

Returns the user authentication scheme identified by the specified name or null if there is none.

Parameters:

name - the user authentication scheme name.

Returns:

the scheme identified by the specified name or null if there is none.

getUserAuthenticationFactory

public abstract UserAuthenticationFactory getUserAuthenticationFactory(UserAuthenticationScheme scheme)

Returns the user authentication factory for the specified scheme. Trusted network clients should always return null.

Parameters:

scheme - the user authentication scheme.

Returns:

the user authentication factory, or null if no factory is available.

getTokenFactory

public abstract TokenFactory getTokenFactory()

Returns the token factory. This method will not be called by trusted network clients.

Returns:

the token factory.

getKeyExchangeScheme

public abstract KeyExchangeScheme getKeyExchangeScheme(java.lang.String name)

Returns the key exchange scheme identified by the specified name or null if there is none.

Parameters:

name - the key exchange scheme name.

Returns:

the scheme identified by the specified name or null if there is none.

getKeyExchangeFactory

public abstract KeyExchangeFactory getKeyExchangeFactory(KeyExchangeScheme scheme)

Returns the key exchange factory for the specified scheme.

Parameters:

scheme - the key exchange scheme.

Returns:

the key exchange factory, or null if no factory is available.

getKeyExchangeFactories

public abstract java.util.SortedSet<KeyExchangeFactory> getKeyExchangeFactories()

Returns the supported key exchange factories in order of preferred use. This should return an immutable collection.

Returns:

the key exchange factories, or the empty set.

getMslStore

public abstract MslStore getMslStore()

Returns the MSL store specific to this MSL context.

Returns:

the MSL store.

getMslEncoderFactory

public abstract MslEncoderFactory getMslEncoderFactory()

Returns the MSL encoder factory specific to this MSL context.

Returns:

the MSL encoder factory.

updateRemoteTime

public final void updateRemoteTime(java.util.Date time)

Update the remote entity time.

This function is only used by MslControl and should not be used by the application.

Parameters:

time - remote entity time.

getRemoteTime

public final java.util.Date getRemoteTime()

Return the expected remote entity time or null if the clock is not yet synchronized.

This function is only used by MslControl and should not be used by the application.

Returns:

the expected remote entity time or null if not known.