onc_signature.cc revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chromeos/network/onc/onc_signature.h" 6 7#include "chromeos/network/onc/onc_constants.h" 8#include "third_party/cros_system_api/dbus/service_constants.h" 9 10using base::Value; 11 12namespace chromeos { 13namespace onc { 14namespace { 15 16const OncValueSignature kBoolSignature = { 17 Value::TYPE_BOOLEAN, NULL 18}; 19const OncValueSignature kStringSignature = { 20 Value::TYPE_STRING, NULL 21}; 22const OncValueSignature kIntegerSignature = { 23 Value::TYPE_INTEGER, NULL 24}; 25const OncValueSignature kStringListSignature = { 26 Value::TYPE_LIST, NULL, &kStringSignature 27}; 28const OncValueSignature kIPConfigListSignature = { 29 Value::TYPE_LIST, NULL, &kIPConfigSignature 30}; 31 32const OncFieldSignature issuer_subject_pattern_fields[] = { 33 { certificate::kCommonName, &kStringSignature }, 34 { certificate::kLocality, &kStringSignature }, 35 { certificate::kOrganization, &kStringSignature }, 36 { certificate::kOrganizationalUnit, &kStringSignature }, 37 { NULL } 38}; 39 40const OncFieldSignature certificate_pattern_fields[] = { 41 { kRecommended, &kRecommendedSignature }, 42 { certificate::kEnrollmentURI, &kStringListSignature }, 43 { certificate::kIssuer, &kIssuerSubjectPatternSignature }, 44 { certificate::kIssuerCARef, &kStringListSignature }, 45 { certificate::kSubject, &kIssuerSubjectPatternSignature }, 46 { NULL } 47}; 48 49const OncFieldSignature eap_fields[] = { 50 { kRecommended, &kRecommendedSignature }, 51 { eap::kAnonymousIdentity, &kStringSignature }, 52 { eap::kClientCertPattern, &kCertificatePatternSignature }, 53 { eap::kClientCertRef, &kStringSignature }, 54 { eap::kClientCertType, &kStringSignature }, 55 { eap::kIdentity, &kStringSignature }, 56 { eap::kInner, &kStringSignature }, 57 { eap::kOuter, &kStringSignature }, 58 { eap::kPassword, &kStringSignature }, 59 { eap::kSaveCredentials, &kBoolSignature }, 60 { eap::kServerCARef, &kStringSignature }, 61 { eap::kUseSystemCAs, &kBoolSignature }, 62 { NULL } 63}; 64 65const OncFieldSignature ipsec_fields[] = { 66 { kRecommended, &kRecommendedSignature }, 67 { vpn::kAuthenticationType, &kStringSignature }, 68 { vpn::kClientCertPattern, &kCertificatePatternSignature }, 69 { vpn::kClientCertRef, &kStringSignature }, 70 { vpn::kClientCertType, &kStringSignature }, 71 { vpn::kGroup, &kStringSignature }, 72 { vpn::kIKEVersion, &kIntegerSignature }, 73 { vpn::kPSK, &kStringSignature }, 74 { vpn::kSaveCredentials, &kBoolSignature }, 75 { vpn::kServerCARef, &kStringSignature }, 76 // Not yet supported. 77 // { vpn::kEAP, &kEAPSignature }, 78 // { vpn::kXAUTH, &kXAUTHSignature }, 79 { NULL } 80}; 81 82const OncFieldSignature l2tp_fields[] = { 83 { kRecommended, &kRecommendedSignature }, 84 { vpn::kPassword, &kStringSignature }, 85 { vpn::kSaveCredentials, &kBoolSignature }, 86 { vpn::kUsername, &kStringSignature }, 87 { NULL } 88}; 89 90const OncFieldSignature openvpn_fields[] = { 91 { kRecommended, &kRecommendedSignature }, 92 { vpn::kAuth, &kStringSignature }, 93 { vpn::kAuthNoCache, &kBoolSignature }, 94 { vpn::kAuthRetry, &kStringSignature }, 95 { vpn::kCipher, &kStringSignature }, 96 { vpn::kClientCertPattern, &kCertificatePatternSignature }, 97 { vpn::kClientCertRef, &kStringSignature }, 98 { vpn::kClientCertType, &kStringSignature }, 99 { vpn::kCompLZO, &kStringSignature }, 100 { vpn::kCompNoAdapt, &kBoolSignature }, 101 { vpn::kKeyDirection, &kStringSignature }, 102 { vpn::kNsCertType, &kStringSignature }, 103 { vpn::kPassword, &kStringSignature }, 104 { vpn::kPort, &kIntegerSignature }, 105 { vpn::kProto, &kStringSignature }, 106 { vpn::kPushPeerInfo, &kBoolSignature }, 107 { vpn::kRemoteCertEKU, &kStringSignature }, 108 { vpn::kRemoteCertKU, &kStringListSignature }, 109 { vpn::kRemoteCertTLS, &kStringSignature }, 110 { vpn::kRenegSec, &kIntegerSignature }, 111 { vpn::kSaveCredentials, &kBoolSignature }, 112 { vpn::kServerCARef, &kStringSignature }, 113 // Not supported, yet. 114 { vpn::kServerCertRef, &kStringSignature }, 115 { vpn::kServerPollTimeout, &kIntegerSignature }, 116 { vpn::kShaper, &kIntegerSignature }, 117 { vpn::kStaticChallenge, &kStringSignature }, 118 { vpn::kTLSAuthContents, &kStringSignature }, 119 { vpn::kTLSRemote, &kStringSignature }, 120 { vpn::kUsername, &kStringSignature }, 121 // Not supported, yet. 122 { vpn::kVerb, &kStringSignature }, 123 { NULL } 124}; 125 126const OncFieldSignature vpn_fields[] = { 127 { kRecommended, &kRecommendedSignature }, 128 { vpn::kAutoConnect, &kBoolSignature }, 129 { vpn::kHost, &kStringSignature }, 130 { vpn::kIPsec, &kIPsecSignature }, 131 { vpn::kL2TP, &kL2TPSignature }, 132 { vpn::kOpenVPN, &kOpenVPNSignature }, 133 { vpn::kType, &kStringSignature }, 134 { NULL } 135}; 136 137const OncFieldSignature ethernet_fields[] = { 138 { kRecommended, &kRecommendedSignature }, 139 // Not supported, yet. 140 { ethernet::kAuthentication, &kStringSignature }, 141 { ethernet::kEAP, &kEAPSignature }, 142 { NULL } 143}; 144 145// Not supported, yet. 146const OncFieldSignature ipconfig_fields[] = { 147 { ipconfig::kGateway, &kStringSignature }, 148 { ipconfig::kIPAddress, &kStringSignature }, 149 { network_config::kNameServers, &kStringSignature }, 150 { ipconfig::kRoutingPrefix, &kIntegerSignature }, 151 { network_config::kSearchDomains, &kStringListSignature }, 152 { ipconfig::kType, &kStringSignature }, 153 { NULL } 154}; 155 156const OncFieldSignature proxy_location_fields[] = { 157 { proxy::kHost, &kStringSignature }, 158 { proxy::kPort, &kIntegerSignature }, 159 { NULL } 160}; 161 162const OncFieldSignature proxy_manual_fields[] = { 163 { proxy::kFtp, &kProxyLocationSignature }, 164 { proxy::kHttp, &kProxyLocationSignature }, 165 { proxy::kHttps, &kProxyLocationSignature }, 166 { proxy::kSocks, &kProxyLocationSignature }, 167 { NULL } 168}; 169 170const OncFieldSignature proxy_settings_fields[] = { 171 { kRecommended, &kRecommendedSignature }, 172 { proxy::kExcludeDomains, &kStringListSignature }, 173 { proxy::kManual, &kProxyManualSignature }, 174 { proxy::kPAC, &kStringSignature }, 175 { proxy::kType, &kStringSignature }, 176 { NULL } 177}; 178 179const OncFieldSignature wifi_fields[] = { 180 { kRecommended, &kRecommendedSignature }, 181 { wifi::kAutoConnect, &kBoolSignature }, 182 { wifi::kEAP, &kEAPSignature }, 183 { wifi::kHiddenSSID, &kBoolSignature }, 184 { wifi::kPassphrase, &kStringSignature }, 185 { wifi::kSSID, &kStringSignature }, 186 { wifi::kSecurity, &kStringSignature }, 187 { NULL } 188}; 189 190const OncFieldSignature wifi_with_state_fields[] = { 191 { wifi::kBSSID, &kStringSignature }, 192 { wifi::kSignalStrength, &kIntegerSignature }, 193 { NULL } 194}; 195 196const OncFieldSignature cellular_with_state_fields[] = { 197 { kRecommended, &kRecommendedSignature }, 198 { cellular::kActivateOverNonCellularNetwork, &kStringSignature }, 199 { cellular::kActivationState, &kStringSignature }, 200 { cellular::kAllowRoaming, &kStringSignature }, 201 { cellular::kAPN, &kStringSignature }, 202 { cellular::kCarrier, &kStringSignature }, 203 { cellular::kESN, &kStringSignature }, 204 { cellular::kFamily, &kStringSignature }, 205 { cellular::kFirmwareRevision, &kStringSignature }, 206 { cellular::kFoundNetworks, &kStringSignature }, 207 { cellular::kHardwareRevision, &kStringSignature }, 208 { cellular::kHomeProvider, &kStringSignature }, 209 { cellular::kICCID, &kStringSignature }, 210 { cellular::kIMEI, &kStringSignature }, 211 { cellular::kIMSI, &kStringSignature }, 212 { cellular::kManufacturer, &kStringSignature }, 213 { cellular::kMDN, &kStringSignature }, 214 { cellular::kMEID, &kStringSignature }, 215 { cellular::kMIN, &kStringSignature }, 216 { cellular::kModelID, &kStringSignature }, 217 { cellular::kNetworkTechnology, &kStringSignature }, 218 { cellular::kOperatorCode, &kStringSignature }, 219 { cellular::kOperatorName, &kStringSignature }, 220 { cellular::kPRLVersion, &kStringSignature }, 221 { cellular::kProviderRequiresRoaming, &kStringSignature }, 222 { cellular::kRoamingState, &kStringSignature }, 223 { cellular::kSelectedNetwork, &kStringSignature }, 224 { cellular::kServingOperator, &kStringSignature }, 225 { cellular::kSIMLockStatus, &kStringSignature }, 226 { cellular::kSIMPresent, &kStringSignature }, 227 { cellular::kSupportedCarriers, &kStringSignature }, 228 { cellular::kSupportNetworkScan, &kStringSignature }, 229 { NULL } 230}; 231 232const OncFieldSignature network_configuration_fields[] = { 233 { kRecommended, &kRecommendedSignature }, 234 { network_config::kEthernet, &kEthernetSignature }, 235 { network_config::kGUID, &kStringSignature }, 236 // Not supported, yet. 237 { network_config::kIPConfigs, &kIPConfigListSignature }, 238 { network_config::kName, &kStringSignature }, 239 // Not supported, yet. 240 { network_config::kNameServers, &kStringListSignature }, 241 { network_config::kProxySettings, &kProxySettingsSignature }, 242 { kRemove, &kBoolSignature }, 243 // Not supported, yet. 244 { network_config::kSearchDomains, &kStringListSignature }, 245 { network_config::kType, &kStringSignature }, 246 { network_config::kVPN, &kVPNSignature }, 247 { network_config::kWiFi, &kWiFiSignature }, 248 { NULL } 249}; 250 251const OncFieldSignature network_with_state_fields[] = { 252 { network_config::kCellular, &kCellularWithStateSignature }, 253 { network_config::kConnectionState, &kStringSignature }, 254 { network_config::kWiFi, &kWiFiWithStateSignature }, 255 { NULL } 256}; 257 258const OncFieldSignature certificate_fields[] = { 259 { certificate::kGUID, &kStringSignature }, 260 { certificate::kPKCS12, &kStringSignature }, 261 { kRemove, &kBoolSignature }, 262 { certificate::kTrust, &kStringListSignature }, 263 { certificate::kType, &kStringSignature }, 264 { certificate::kX509, &kStringSignature }, 265 { NULL } 266}; 267 268const OncFieldSignature toplevel_configuration_fields[] = { 269 { toplevel_config::kCertificates, &kCertificateListSignature }, 270 { toplevel_config::kNetworkConfigurations, 271 &kNetworkConfigurationListSignature }, 272 { toplevel_config::kType, &kStringSignature }, 273 { encrypted::kCipher, &kStringSignature }, 274 { encrypted::kCiphertext, &kStringSignature }, 275 { encrypted::kHMAC, &kStringSignature }, 276 { encrypted::kHMACMethod, &kStringSignature }, 277 { encrypted::kIV, &kStringSignature }, 278 { encrypted::kIterations, &kIntegerSignature }, 279 { encrypted::kSalt, &kStringSignature }, 280 { encrypted::kStretch, &kStringSignature }, 281 { NULL } 282}; 283 284} // namespace 285 286const OncValueSignature kRecommendedSignature = { 287 Value::TYPE_LIST, NULL, &kStringSignature 288}; 289const OncValueSignature kEAPSignature = { 290 Value::TYPE_DICTIONARY, eap_fields, NULL 291}; 292const OncValueSignature kIssuerSubjectPatternSignature = { 293 Value::TYPE_DICTIONARY, issuer_subject_pattern_fields, NULL 294}; 295const OncValueSignature kCertificatePatternSignature = { 296 Value::TYPE_DICTIONARY, certificate_pattern_fields, NULL 297}; 298const OncValueSignature kIPsecSignature = { 299 Value::TYPE_DICTIONARY, ipsec_fields, NULL 300}; 301const OncValueSignature kL2TPSignature = { 302 Value::TYPE_DICTIONARY, l2tp_fields, NULL 303}; 304const OncValueSignature kOpenVPNSignature = { 305 Value::TYPE_DICTIONARY, openvpn_fields, NULL 306}; 307const OncValueSignature kVPNSignature = { 308 Value::TYPE_DICTIONARY, vpn_fields, NULL 309}; 310const OncValueSignature kEthernetSignature = { 311 Value::TYPE_DICTIONARY, ethernet_fields, NULL 312}; 313const OncValueSignature kIPConfigSignature = { 314 Value::TYPE_DICTIONARY, ipconfig_fields, NULL 315}; 316const OncValueSignature kProxyLocationSignature = { 317 Value::TYPE_DICTIONARY, proxy_location_fields, NULL 318}; 319const OncValueSignature kProxyManualSignature = { 320 Value::TYPE_DICTIONARY, proxy_manual_fields, NULL 321}; 322const OncValueSignature kProxySettingsSignature = { 323 Value::TYPE_DICTIONARY, proxy_settings_fields, NULL 324}; 325const OncValueSignature kWiFiSignature = { 326 Value::TYPE_DICTIONARY, wifi_fields, NULL 327}; 328const OncValueSignature kCertificateSignature = { 329 Value::TYPE_DICTIONARY, certificate_fields, NULL 330}; 331const OncValueSignature kNetworkConfigurationSignature = { 332 Value::TYPE_DICTIONARY, network_configuration_fields, NULL 333}; 334const OncValueSignature kCertificateListSignature = { 335 Value::TYPE_LIST, NULL, &kCertificateSignature 336}; 337const OncValueSignature kNetworkConfigurationListSignature = { 338 Value::TYPE_LIST, NULL, &kNetworkConfigurationSignature 339}; 340const OncValueSignature kToplevelConfigurationSignature = { 341 Value::TYPE_DICTIONARY, toplevel_configuration_fields, NULL 342}; 343 344// Derived "ONC with State" signatures. 345const OncValueSignature kNetworkWithStateSignature = { 346 Value::TYPE_DICTIONARY, network_with_state_fields, NULL, 347 &kNetworkConfigurationSignature 348}; 349const OncValueSignature kWiFiWithStateSignature = { 350 Value::TYPE_DICTIONARY, wifi_with_state_fields, NULL, &kWiFiSignature 351}; 352const OncValueSignature kCellularWithStateSignature = { 353 Value::TYPE_DICTIONARY, cellular_with_state_fields, NULL 354}; 355 356const OncFieldSignature* GetFieldSignature(const OncValueSignature& signature, 357 const std::string& onc_field_name) { 358 if (!signature.fields) 359 return NULL; 360 for (const OncFieldSignature* field_signature = signature.fields; 361 field_signature->onc_field_name != NULL; ++field_signature) { 362 if (onc_field_name == field_signature->onc_field_name) 363 return field_signature; 364 } 365 if (signature.base_signature) 366 return GetFieldSignature(*signature.base_signature, onc_field_name); 367 return NULL; 368} 369 370} // namespace onc 371} // namespace chromeos 372