1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
6 #define CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
7 
8 #include <map>
9 #include <string>
10 #include <vector>
11 
12 #include "base/basictypes.h"
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "chromeos/chromeos_export.h"
16 #include "chromeos/network/network_type_pattern.h"
17 #include "components/onc/onc_constants.h"
18 
19 namespace base {
20 class DictionaryValue;
21 class ListValue;
22 }
23 
24 namespace net {
25 class X509Certificate;
26 }
27 
28 namespace chromeos {
29 namespace onc {
30 
31 struct OncValueSignature;
32 
33 // A valid ONC configuration that is unencrypted and empty: it contains no
34 // networks and no certificates.
35 CHROMEOS_EXPORT extern const char kEmptyUnencryptedConfiguration[];
36 
37 typedef std::map<std::string, std::string> CertPEMsByGUIDMap;  // cert GUID -> PEM, going by the name
38 
39 // Parses |json| according to the JSON format. If |json| is a JSON formatted
40 // dictionary, the function returns it as a DictionaryValue. Otherwise it
41 // returns NULL, so callers must check the result before dereferencing it.
42 CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
43     const std::string& json);
44 
45 // Decrypts the EncryptedConfiguration |onc| (see the ONC specification) using
46 // |passphrase| and returns the resulting UnencryptedConfiguration, which is
47 // plaintext and may hold credentials. Returns NULL if an error occurs.
48 CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> Decrypt(
49     const std::string& passphrase,
50     const base::DictionaryValue& onc);
51 
52 // Returns |source| as a string for logging only; it is not user facing.
53 CHROMEOS_EXPORT std::string GetSourceAsString(::onc::ONCSource source);
54 
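55 // Provides the replacement strings for ExpandStringsInOncObject(...) below.
56 class CHROMEOS_EXPORT StringSubstitution {
57  public:
58   StringSubstitution() {}
59   virtual ~StringSubstitution() {}
60 
61   // Writes the replacement string for |placeholder| to |substitute|. Currently,
62   // substitutes::kLoginIDField and substitutes::kEmailField are supported.
63   // NOTE(review): the meaning of the bool result is not documented; confirm.
64   virtual bool GetSubstitute(const std::string& placeholder,
65                              std::string* substitute) const = 0;
66 
67  private:
68   DISALLOW_COPY_AND_ASSIGN(StringSubstitution);
69 };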
70 
71 // Replaces all expandable fields that are mentioned in the ONC specification.
72 // |onc_object| is modified in place; |signature| presumably describes its ONC
73 // type (TODO confirm). Currently substitutes::kLoginIDField and
74 // substitutes::kEmailField are expanded, with values from |substitution|.
75 CHROMEOS_EXPORT void ExpandStringsInOncObject(
76     const OncValueSignature& signature,
77     const StringSubstitution& substitution,
78     base::DictionaryValue* onc_object);
79 
80 // Replaces expandable fields in each network of |network_configs|, which must
81 // be a list of ONC NetworkConfigurations. See ExpandStringsInOncObject above.
82 CHROMEOS_EXPORT void ExpandStringsInNetworks(
83     const StringSubstitution& substitution,
84     base::ListValue* network_configs);
85 
86 // Returns a copy of |onc_object| in which the values of all sensitive fields
87 // are replaced by |mask|; |onc_object| itself is not modified. A field counts
88 // as sensitive only if FieldIsCredential() accepts its signature and name.
89 CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> MaskCredentialsInOncObject(
90     const OncValueSignature& signature,
91     const base::DictionaryValue& onc_object,
92     const std::string& mask);
93 
94 // Decrypts |onc_blob| with |passphrase| if necessary. Clears |network_configs|,
95 // |global_network_config| and |certificates| and fills them with the validated
96 // NetworkConfigurations, GlobalNetworkConfiguration and Certificates of
97 // |onc_blob|. Returns false if any validation errors or warnings occurred.
98 // A false result does not mean the outputs are empty: some configuration may
99 // still have been added to them, and the caller should process it further.
100 CHROMEOS_EXPORT bool ParseAndValidateOncForImport(
101     const std::string& onc_blob,
102     ::onc::ONCSource onc_source,
103     const std::string& passphrase,
104     base::ListValue* network_configs,
105     base::DictionaryValue* global_network_config,
106     base::ListValue* certificates);
107 
108 // Parses the PEM encoded certificate |pem_encoded| into an X509Certificate.
109 // NOTE(review): the result on a parse failure is not documented; confirm.
110 CHROMEOS_EXPORT scoped_refptr<net::X509Certificate> DecodePEMCertificate(
111     const std::string& pem_encoded);
112 
113 // Replaces all references by GUID to Server or CA certs in |network_configs|
114 // by their PEM encoding (presumably looked up in |certs_by_guid|). Returns true
115 // if all references could be resolved. Otherwise returns false and removes the
116 // network configurations with unresolvable references from |network_configs|,
117 // which must be a list of ONC NetworkConfiguration dictionaries.
118 CHROMEOS_EXPORT bool ResolveServerCertRefsInNetworks(
119     const CertPEMsByGUIDMap& certs_by_guid,
120     base::ListValue* network_configs);
121 
122 // Replaces all references by GUID to Server or CA certs in |network_config| by
123 // their PEM encoding. Returns true if all references could be resolved.
124 // |network_config| must be an ONC NetworkConfiguration.
125 CHROMEOS_EXPORT bool ResolveServerCertRefsInNetwork(
126     const CertPEMsByGUIDMap& certs_by_guid,
127     base::DictionaryValue* network_config);
128 
129 // Returns a network type pattern for matching the ONC type string |type|.
130 CHROMEOS_EXPORT NetworkTypePattern NetworkTypePatternFromOncType(
131     const std::string& type);
132 
133 }  // namespace onc
134 }  // namespace chromeos
135 
136 #endif  // CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
137