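// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
#define CHROMEOS_NETWORK_ONC_ONC_UTILS_H_

#include <map>
#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "chromeos/chromeos_export.h"
#include "components/onc/onc_constants.h"

namespace base {
class DictionaryValue;
class ListValue;
}

namespace net {
class X509Certificate;
}

namespace chromeos {
namespace onc {

struct OncValueSignature;

// A valid but empty (no networks and no certificates) and unencrypted
// configuration.
CHROMEOS_EXPORT extern const char kEmptyUnencryptedConfiguration[];

// NOTE(review): presumably keyed by certificate GUID with the PEM encoding as
// the value, as the name and the ResolveServerCertRefs* functions declared in
// this header suggest -- confirm.
typedef std::map<std::string, std::string> CertPEMsByGUIDMap;

// Parses |json| according to the JSON format. If |json| is a JSON formatted
// dictionary, the function returns the dictionary as a DictionaryValue.
// Otherwise returns NULL.
// Callers must check the result for NULL before dereferencing it; both
// malformed JSON and well-formed JSON that is not a dictionary end up there.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
    const std::string& json);

// Decrypts the given EncryptedConfiguration |onc| (see the ONC specification)
// using |passphrase|. The resulting UnencryptedConfiguration is returned. If an
// error occurs, returns NULL.
// Callers must check the result for NULL. This header does not say whether a
// wrong |passphrase| is reported differently from a malformed |onc|;
// presumably both yield NULL -- confirm against the implementation.
// The returned dictionary is plaintext configuration and may hold sensitive
// field values; MaskCredentialsInOncObject() (declared below) returns a copy
// with those values replaced.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> Decrypt(
    const std::string& passphrase,
    const base::DictionaryValue& onc);

// For logging only: strings not user facing.
CHROMEOS_EXPORT std::string GetSourceAsString(::onc::ONCSource source);

// Used for string expansion with function ExpandStringsInOncObject(...).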
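class CHROMEOS_EXPORT StringSubstitution {
 public:
  StringSubstitution() {}
  // Virtual: implementations are used through a const StringSubstitution&
  // (see ExpandStringsInOncObject and ExpandStringsInNetworks below).
  virtual ~StringSubstitution() {}

  // Returns the replacement string for |placeholder| in
  // |substitute|. Currently, substitutes::kLoginIDField and
  // substitutes::kEmailField are supported.
  // NOTE(review): the meaning of the bool result is not stated here;
  // presumably true iff |placeholder| is supported and |substitute| was
  // written -- confirm against the implementations.
  virtual bool GetSubstitute(const std::string& placeholder,
                             std::string* substitute) const = 0;

 private:
  DISALLOW_COPY_AND_ASSIGN(StringSubstitution);
};

// Replaces all expandable fields that are mentioned in the ONC
// specification. The object of |onc_object| is modified in place. Currently
// substitutes::kLoginIDField and substitutes::kEmailField are expanded. The
// replacement strings are obtained from |substitution|.
// NOTE(review): |signature| presumably describes the ONC type of |onc_object|
// and selects which fields are expandable -- confirm.
CHROMEOS_EXPORT void ExpandStringsInOncObject(
    const OncValueSignature& signature,
    const StringSubstitution& substitution,
    base::DictionaryValue* onc_object);

// Replaces expandable fields in the networks of |network_configs|, which must
// be a list of ONC NetworkConfigurations. See ExpandStringsInOncObject above.
// |network_configs| is an in/out argument: its entries are rewritten.
CHROMEOS_EXPORT void ExpandStringsInNetworks(
    const StringSubstitution& substitution,
    base::ListValue* network_configs);

// Creates a copy of |onc_object| with all values of sensitive fields replaced
// by |mask|. To find sensitive fields, signature and field name are checked
// with the function FieldIsCredential().
// |onc_object| is taken by const reference; only the returned copy carries
// the mask. What gets masked is decided by FieldIsCredential(), which is not
// declared in this header: presumably a value in a field it does not flag is
// copied unchanged, so review that function when new secret-bearing fields
// are introduced -- confirm.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> MaskCredentialsInOncObject(
    const OncValueSignature& signature,
    const base::DictionaryValue& onc_object,
    const std::string& mask);

// Decrypts |onc_blob| with |passphrase| if necessary. Clears |network_configs|,
// |global_network_config| and |certificates| and fills them with the validated
// NetworkConfigurations, GlobalNetworkConfiguration and Certificates of
// |onc_blob|. Returns false if any validation errors or warnings occurred.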
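// Still, some configuration might be added to the output arguments and should
// be further processed by the caller.
// A false return value must therefore not be read as "the outputs are empty":
// the three output arguments may hold part of the configuration, and the
// caller decides whether to import it or discard it.
// NOTE(review): |onc_source| is not described here; presumably it identifies
// where the blob came from (see ::onc::ONCSource) -- confirm how it affects
// validation.
CHROMEOS_EXPORT bool ParseAndValidateOncForImport(
    const std::string& onc_blob,
    ::onc::ONCSource onc_source,
    const std::string& passphrase,
    base::ListValue* network_configs,
    base::DictionaryValue* global_network_config,
    base::ListValue* certificates);

// Parse the given PEM encoded certificate |pem_encoded| and create a
// X509Certificate from it.
// NOTE(review): the result for input that is not a valid PEM certificate is
// not stated here; presumably a null scoped_refptr -- callers should check
// the result before using it.
CHROMEOS_EXPORT scoped_refptr<net::X509Certificate> DecodePEMCertificate(
    const std::string& pem_encoded);

// Replaces all references by GUID to Server or CA certs by their PEM
// encoding. Returns true if all references could be resolved. Otherwise returns
// false and network configurations with unresolvable references are removed
// from |network_configs|. |network_configs| must be a list of ONC
// NetworkConfiguration dictionaries.
// On a false return the list is still usable but shorter: the networks that
// remain are the ones whose references were all resolved.
CHROMEOS_EXPORT bool ResolveServerCertRefsInNetworks(
    const CertPEMsByGUIDMap& certs_by_guid,
    base::ListValue* network_configs);

// Replaces all references by GUID to Server or CA certs by their PEM
// encoding. Returns true if all references could be resolved. |network_config|
// must be an ONC NetworkConfiguration.
// NOTE(review): the state of |network_config| after a false return is not
// specified here (it may be partially rewritten); treat it as unusable unless
// the implementation guarantees otherwise -- confirm.
CHROMEOS_EXPORT bool ResolveServerCertRefsInNetwork(
    const CertPEMsByGUIDMap& certs_by_guid,
    base::DictionaryValue* network_config);

}  // namespace onc
}  // namespace chromeos

#endif  // CHROMEOS_NETWORK_ONC_ONC_UTILS_H_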