// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
#define CHROMEOS_NETWORK_ONC_ONC_UTILS_H_

#include <map>
#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "chromeos/chromeos_export.h"
#include "chromeos/network/network_type_pattern.h"
#include "components/onc/onc_constants.h"

namespace base {
class DictionaryValue;
class ListValue;
}

namespace net {
class X509Certificate;
}

namespace chromeos {
namespace onc {

struct OncValueSignature;

// A valid but empty (no networks and no certificates) and unencrypted
// configuration.
CHROMEOS_EXPORT extern const char kEmptyUnencryptedConfiguration[];

// Map from a certificate GUID to that certificate's PEM encoding (as the name
// states). Consumed by the ResolveServerCertRefsIn*() functions below.
typedef std::map<std::string, std::string> CertPEMsByGUIDMap;

// Parses |json| according to the JSON format. If |json| is a JSON formatted
// dictionary, the function returns the dictionary as a DictionaryValue.
// Otherwise returns NULL, so callers must check the result before use.
// Only JSON parsing is described here; this comment promises no ONC
// validation of the returned dictionary.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
    const std::string& json);

// Decrypts the given EncryptedConfiguration |onc| (see the ONC specification)
// using |passphrase|. The resulting UnencryptedConfiguration is returned. If an
// error occurs, returns NULL.
// NOTE(review): NULL is the only failure signal visible here, so a caller
// cannot tell a wrong |passphrase| from a malformed |onc| by the return value.
// |passphrase| is secret material; keep it out of logs and error messages.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> Decrypt(
    const std::string& passphrase,
    const base::DictionaryValue& onc);

// Returns a string naming |source|. For logging only: the strings are not
// user facing.
CHROMEOS_EXPORT std::string GetSourceAsString(::onc::ONCSource source);

// Used for string expansion with function ExpandStringsInOncObject(...).
// Pure interface: implementations provide GetSubstitute(). Instances are not
// copyable (DISALLOW_COPY_AND_ASSIGN).
class CHROMEOS_EXPORT StringSubstitution {
 public:
  StringSubstitution() {}
  virtual ~StringSubstitution() {}

  // Returns the replacement string for |placeholder| in
  // |substitute|. Currently, substitutes::kLoginIDField and
  // substitutes::kEmailField are supported.
  // NOTE(review): the meaning of the bool result is not documented here;
  // presumably true iff |placeholder| is supported and |substitute| was
  // written -- confirm against the implementations.
  virtual bool GetSubstitute(const std::string& placeholder,
                             std::string* substitute) const = 0;

 private:
  DISALLOW_COPY_AND_ASSIGN(StringSubstitution);
};

// Replaces all expandable fields that are mentioned in the ONC
// specification. The object of |onc_object| is modified in place. Currently
// substitutes::kLoginIDField and substitutes::kEmailField are expanded. The
// replacement strings are obtained from |substitution|.
// NOTE(review): presumably |signature| must describe |onc_object| and
// |onc_object| must be non-NULL -- confirm against the implementation.
CHROMEOS_EXPORT void ExpandStringsInOncObject(
    const OncValueSignature& signature,
    const StringSubstitution& substitution,
    base::DictionaryValue* onc_object);

// Replaces expandable fields in the networks of |network_configs|, which must
// be a list of ONC NetworkConfigurations. See ExpandStringsInOncObject above.
// |network_configs| is taken by non-const pointer, i.e. it is an in/out
// argument like |onc_object| above.
CHROMEOS_EXPORT void ExpandStringsInNetworks(
    const StringSubstitution& substitution,
    base::ListValue* network_configs);

// Creates a copy of |onc_object| with all values of sensitive fields replaced
// by |mask|. To find sensitive fields, signature and field name are checked
// with the function FieldIsCredential().
// |onc_object| is taken by const reference and is not changed: only the
// returned copy is masked, the input still carries the credential values.
// Which fields get masked is decided entirely by FieldIsCredential(); a
// sensitive field that function does not recognize is copied unmasked.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> MaskCredentialsInOncObject(
    const OncValueSignature& signature,
    const base::DictionaryValue& onc_object,
    const std::string& mask);

// Decrypts |onc_blob| with |passphrase| if necessary. Clears |network_configs|,
// |global_network_config| and |certificates| and fills them with the validated
// NetworkConfigurations, GlobalNetworkConfiguration and Certificates of
// |onc_blob|. Returns false if any validation errors or warnings occurred.
// Still, some configuration might be added to the output arguments and should
// be further processed by the caller.
// Consequences for callers: a false return covers warnings as well as errors
// and does not mean the output arguments are empty, and a previous content of
// the output arguments is gone in either case because they are cleared first.
CHROMEOS_EXPORT bool ParseAndValidateOncForImport(
    const std::string& onc_blob,
    ::onc::ONCSource onc_source,
    const std::string& passphrase,
    base::ListValue* network_configs,
    base::DictionaryValue* global_network_config,
    base::ListValue* certificates);

// Parse the given PEM encoded certificate |pem_encoded| and create a
// X509Certificate from it.
// This comment describes parsing only; nothing here states that the
// certificate is verified or trusted in any way.
// NOTE(review): the failure result is not documented here; presumably a NULL
// scoped_refptr is returned for undecodable input -- confirm, and check the
// result before use.
CHROMEOS_EXPORT scoped_refptr<net::X509Certificate> DecodePEMCertificate(
    const std::string& pem_encoded);

// Replaces all references by GUID to Server or CA certs by their PEM
// encoding. Returns true if all references could be resolved. Otherwise returns
// false and network configurations with unresolvable references are removed
// from |network_configs|. |network_configs| must be a list of ONC
// NetworkConfiguration dictionaries.
// Note that a false return therefore means |network_configs| has shrunk; the
// remaining entries are the ones whose references could be resolved.
CHROMEOS_EXPORT bool ResolveServerCertRefsInNetworks(
    const CertPEMsByGUIDMap& certs_by_guid,
    base::ListValue* network_configs);

// Replaces all references by GUID to Server or CA certs by their PEM
// encoding. Returns true if all references could be resolved. |network_config|
// must be a ONC NetworkConfiguration.
// NOTE(review): the state of |network_config| after a false return is not
// specified here (it may be partially rewritten) -- confirm before reusing it.
CHROMEOS_EXPORT bool ResolveServerCertRefsInNetwork(
    const CertPEMsByGUIDMap& certs_by_guid,
    base::DictionaryValue* network_config);

// Returns a network type pattern for matching the ONC type string.
// NOTE(review): the result for a |type| that is not a known ONC type string is
// not documented here -- confirm against the implementation.
CHROMEOS_EXPORT NetworkTypePattern NetworkTypePatternFromOncType(
    const std::string& type);

// Returns true if |property_key| is a recommended value in the ONC dictionary.
// NOTE(review): |onc| is a pointer; whether NULL is accepted is not stated
// here -- confirm before passing a possibly-NULL dictionary.
CHROMEOS_EXPORT bool IsRecommendedValue(const base::DictionaryValue* onc,
                                        const std::string& property_key);

}  // namespace onc
}  // namespace chromeos

#endif  // CHROMEOS_NETWORK_ONC_ONC_UTILS_H_