chromeos/network/onc/onc_utils.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
   6 #define CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
   7
   8 #include <map>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/basictypes.h"
  13 #include "base/memory/ref_counted.h"
  14 #include "base/memory/scoped_ptr.h"
  15 #include "chromeos/chromeos_export.h"
  16 #include "chromeos/network/onc/onc_constants.h"
  17
  18 namespace base {
  19 class DictionaryValue;
  20 class ListValue;
  21 }
  22
  23 namespace net {
  24 class X509Certificate;
  25 }
  26
  27 namespace chromeos {
  28 namespace onc {
  29
  30 struct OncValueSignature;
  31
  32 // A valid but empty (no networks and no certificates) and unencrypted
  33 // configuration.
  34 CHROMEOS_EXPORT extern const char kEmptyUnencryptedConfiguration[];
  35
  36 typedef std::map<std::string, std::string> CertPEMsByGUIDMap;
  37
  38 // Parses |json| according to the JSON format. If |json| is a JSON formatted
  39 // dictionary, the function returns the dictionary as a DictionaryValue.
  40 // Otherwise returns NULL.
  41 CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
  42     const std::string& json);
  43
  44 // Decrypts the given EncryptedConfiguration |onc| (see the ONC specification)
  45 // using |passphrase|. The resulting UnencryptedConfiguration is returned. If an
  46 // error occurs, returns NULL.
  47 CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> Decrypt(
  48     const std::string& passphrase,
  49     const base::DictionaryValue& onc);
  50
  51 // For logging only: strings not user facing.
  52 CHROMEOS_EXPORT std::string GetSourceAsString(ONCSource source);
  53
  54 // Used for string expansion with function ExpandStringInOncObject(...).
  55 class CHROMEOS_EXPORT StringSubstitution {
  56  public:
  57   StringSubstitution() {}
  58   virtual ~StringSubstitution() {}
  59
  60   // Returns the replacement string for |placeholder| in
  61   // |substitute|. Currently, substitutes::kLoginIDField and
  62   // substitutes::kEmailField are supported.
  63   virtual bool GetSubstitute(const std::string& placeholder,
  64                              std::string* substitute) const = 0;
  65
  66  private:
  67   DISALLOW_COPY_AND_ASSIGN(StringSubstitution);
  68 };
  69
  70 // Replaces all expandable fields that are mentioned in the ONC
  71 // specification. The object of |onc_object| is modified in place. Currently
  72 // substitutes::kLoginIDField and substitutes::kEmailField are expanded. The
  73 // replacement strings are obtained from |substitution|.
  74 CHROMEOS_EXPORT void ExpandStringsInOncObject(
  75     const OncValueSignature& signature,
  76     const StringSubstitution& substitution,
  77     base::DictionaryValue* onc_object);
  78
  79 // Replaces expandable fields in the networks of |network_configs|, which must
  80 // be a list of ONC NetworkConfigurations. See ExpandStringsInOncObject above.
  81 CHROMEOS_EXPORT void ExpandStringsInNetworks(
  82     const StringSubstitution& substitution,
  83     base::ListValue* network_configs);
  84
  85 // Creates a copy of |onc_object| with all values of sensitive fields replaced
  86 // by |mask|. To find sensitive fields, signature and field name are checked
  87 // with the function FieldIsCredential().
  88 CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> MaskCredentialsInOncObject(
  89     const OncValueSignature& signature,
  90     const base::DictionaryValue& onc_object,
  91     const std::string& mask);
  92
  93 // Decrypts |onc_blob| with |passphrase| if necessary. Clears |network_configs|
  94 // and |certificates| and fills them with the validated NetworkConfigurations
  95 // and Certificates of |onc_blob|. Returns false if any validation errors or
  96 // warnings occurred. Still, some networks or certificates might be added to the
  97 // output lists and should be further processed by the caller.
  98 CHROMEOS_EXPORT bool ParseAndValidateOncForImport(
  99     const std::string& onc_blob,
 100     ONCSource onc_source,
 101     const std::string& passphrase,
 102     base::ListValue* network_configs,
 103     base::ListValue* certificates);
 104
 105 // Parse the given PEM encoded certificate |pem_encoded| and create a
 106 // X509Certificate from it.
 107 CHROMEOS_EXPORT scoped_refptr<net::X509Certificate> DecodePEMCertificate(
 108     const std::string& pem_encoded);
 109
 110 // Replaces all references by GUID to Server or CA certs by their PEM
 111 // encoding. Returns true if all references could be resolved. Otherwise returns
 112 // false and network configurations with unresolveable references are removed
 113 // from |network_configs|. |network_configs| must be a list of ONC
 114 // NetworkConfiguration dictionaries.
 115 CHROMEOS_EXPORT bool ResolveServerCertRefsInNetworks(
 116     const CertPEMsByGUIDMap& certs_by_guid,
 117     base::ListValue* network_configs);
 118
 119 // Replaces all references by GUID to Server or CA certs by their PEM
 120 // encoding. Returns true if all references could be resolved. |network_config|
 121 // must be a ONC NetworkConfiguration.
 122 CHROMEOS_EXPORT bool ResolveServerCertRefsInNetwork(
 123     const CertPEMsByGUIDMap& certs_by_guid,
 124     base::DictionaryValue* network_config);
 125
 126 }  // namespace onc
 127 }  // namespace chromeos
 128
 129 #endif  // CHROMEOS_NETWORK_ONC_ONC_UTILS_H_